First ensure your pod has a custom DNS assigned to it. This guide shows you how:
Flexible SSL encrypts the data from Cloudflare to the End User, but does not enforce encryption between your Pod and Cloudflare. This is fine for most cases where information is meant to be public (most informational websites and DApps without user specific info being served)
Strict SSL encrypts the data both from CloudFlare to the End User as well as the data between your Pod and Cloudflare. This is best when you are serving sensitive data such as personal user info (common with Web2 based sites with personal information kept behind a login)
Flexible provides the fastest setup and Strict provides a more complete encryption solution with a few more technical steps.
Both options are completely valid which is why they are both supported. Pick the one that matches your requirements best.
In CloudFlare, navigate to SSL/TLS > Overview
The following will REQUIRE you to use Cloudflare to create an SSL Certificate.
Go to your domain in Cloudflare and manage your "Origin Server" certificate
Create a Certificate
Configure your certificate type, domains and lifetime
Copy the Certificate and Key and paste into StackOS Pod Configuration
Your should see your certificate listed
Activate this style of Origin certificate in two ways:
1) By default for all subdomains of your domain
2) ONLY for a single domain.
Go to Rules > Page Rules
Create Page Rule
Configure Page Rule
Resulting Page Rule