1). Locate all the files needed
Download the Origin Certificate following files from Cloudflare dashboard
origin.pem
Locate the private key for the Certificate
pk.pem
Download the Cloudflare intermediate certificate in pem format
intermediate.pem
2). Convert the certificate to pfx
Windows 11
Enable WSL
Install Ubuntu
Run the command
~$ openssl pkcs12 -export -out origin.pfx -inkey pk.pem -in origin.pem -name “cloudflare origin”
3). On the Windows Server
Open mmc, load the Certificates snapin
Expand Certificates > Intermediate Certification Authorities > Certificates
Right click the folder and choose Import
Select intermediate.pem and click Next through the prompts
Open IIS Manager – Import the origin.pfx
In IIS Manager – bind the site to the ssl cert