How to download fly.io Origin Certificates

Question 1

When I’m using cloudflare, I able to download Origin Certificates to put into my origin server

How can I do the same with fly.io? I have already create Certificates and I want to download key & pem cert to put into my nginx process.

Question 2

Can I directly hit fly.io IP from Cloudflare DNS without following this tutorial (creating fly.io certs) ?

Thankyou

Question 2 should be possible because the machine has dedicated IP

Where is your nginx running? On Fly.io?

We don’t have a good way to let you install origin certificates. You can do your own TLS termination in your app/nginx. You just have to remove the tls and http handlers from [services] in fly.toml.

You can’t do TLS between CloudFlare and Fly.io using just your app IPs, we don’t serve certificates for those. You might be able to create a CNAME record that points to <appname>.fly.dev and have it use TLS, however. I’m not actually sure how their full stack works.