If you are already using Cloudflare to host the DNS of your domain (eg. acme.com), on which your Crisp Helpdesk is running (eg. help.acme.com), then Cloudflare lets you enable "proxy mode" on your Crisp Helpdesk domain. This is not required but can help improve performance.
1. Enable proxy mode
Enabling the Cloudflare "proxy" mode on your Crisp Helpdesk domain will use Cloudflare IPs for your visitor connections to the Helpdesk. It may speed up your Helpdesk a bit for visitors in areas that are far away from Europe, where Crisp hosts its Helpdesk system. Thus, you may enable "proxy" mode anytime, it won't cause any trouble and may speed up your Helpdesk in some cases (ie. reduce the network latency for regions that are far away from Europe). If most of your visitors are in Europe, you won't see much difference.
Cloudflare "proxy" mode may also let you use your own SSL certificate for your Crisp Helpdesk. By default, Crisp generates a SSL certificate on your behalf, which cannot be customized. Cloudflare lets you upload your custom SSL certificate in its higher-level plans, which is helpful when you want to use your own SSL certificate & key.
Beware! Do not enable Cloudflare "proxy" mode while validating your Crisp Helpdesk domain in the Crisp app. As Cloudflare "proxy" mode rewrites the IP address of your Helpdesk record, Crisp will be unable to validate your setup. Once validated, you may safely enable Cloudflare "proxy" mode.
2. Make sure your SSL settings are correct
Then, you need to make sure your Cloudflare SSL crypto settings are configured to "Full (Strict"). This ensures Cloudflare doesn't try to connect to Crisp servers using HTTP when your users access your Crisp Helpdesk over HTTPS, which would result in an infinite redirection loop (Crisp would try to redirect to HTTPS, while the user is already using HTTPS; the fault is on Cloudflare rewriting the protocol while proxying by default).
Before you switch to SSL Full (Strict), be warned that all your other sub-domains (eg. your website) will be redirected to HTTPS. You may need to make some changes to your website in order to allow that. Also, make sure you have a valid SSL certificate on your origin server so that Cloudflare can proxy to it, as it is now strict in its SSL certificate verifications.
Published on: 16 / 11 / 2017