Verifying Cloudflare Certificate Requests via Nginx Location Matching


For domains connected through Cloudflare Partner, a certificate validation request is required. You must place the TXT file provided by Cloudflare in a specific directory and ensure it is accessible. If validation fails, you cannot access your website via HTTPS while using Cloudflare.

The validation requirements are shown in the screenshot below:

The usual approach is to create the corresponding directory in your website root, such as .well-known/pki-validation/, and then upload the ca3-xxx.txt file to that directory for verification.

Personally, I find this conventional method somewhat cumbersome. If you are using Nginx as your web server, you can completely bypass file uploads by using Nginx location matching for verification.

Add the following content to the server block of your Nginx site configuration file:

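# CF validation
# Anchored to the pki-validation path so that other files under
# /.well-known/ (for example security.txt) are not answered with this string.
# Adjust the path if your validation request names a different directory.
location ~* ^/\.well-known/pki-validation/ca3-[^/]+\.txt$ {
    default_type text/plain;
    return 200 'ca3-bb7bcc8c944a4e98af233f75xxxx';
}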

Note: Replace the ca3-xxx value in the return directive with your actual content, then reload the Nginx configuration (nginx -s reload).
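Added example, not part of the original post: the Python sketch below compares an unanchored pattern of the form `\.well-known.*\.txt` with one anchored to the pki-validation path, to show which request paths each would answer with the validation string. Python's `re` stands in for nginx's PCRE matching here (an assumption), and the sample paths and the `ca3-0123abcd` file name are constructed.

```python
import re

# nginx "~*" is a case-insensitive, unanchored regex search against the
# request path (query string excluded). Python's re is used as a stand-in.
LOOSE = re.compile(r"\.well-known.*\.txt", re.IGNORECASE)
STRICT = re.compile(r"^/\.well-known/pki-validation/ca3-[^/]+\.txt$", re.IGNORECASE)

# Constructed sample paths; the ca3- file name is a placeholder.
SAMPLE_PATHS = [
    "/.well-known/pki-validation/ca3-0123abcd.txt",      # the validation file
    "/.well-known/security.txt",                         # RFC 9116 contact file
    "/.well-known/pki-validation/ca3-0123abcd.txt.bak",  # trailing junk
    "/downloads/x.well-known/notes.txt",                 # unrelated directory
    "/.well-known/acme-challenge/token123",              # ACME http-01, no .txt
    "/index.html",
]


def matched_paths(pattern, paths=SAMPLE_PATHS):
    """Return the paths the location block would answer with the token."""
    return [p for p in paths if pattern.search(p)]


def shadowed_paths(paths=SAMPLE_PATHS):
    """Paths the loose pattern captures that the strict one leaves alone."""
    strict = set(matched_paths(STRICT, paths))
    return [p for p in matched_paths(LOOSE, paths) if p not in strict]


if __name__ == "__main__":
    for path in SAMPLE_PATHS:
        loose = bool(LOOSE.search(path))
        strict = bool(STRICT.search(path))
        print(f"{path:52} loose={loose!s:5} strict={strict}")
    print("answered with the token unintentionally:", shadowed_paths())
```

Because nginx prefers a matching regex location over an ordinary prefix location, any path the loose pattern matches is answered with the validation string even when a real file exists there.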

Summary

Cloudflare certificate request validation can be performed either by uploading a file or by using Nginx location matching. Simply choose the method that you find more convenient.