thanks for your reply.
Indeed, Cloudflare taking care of SSL is handy. However, some applications can't benefit of this.
One of my applications is like a WPMS which have "subdomains created on-the-fly" through the web interface (check it out: SkipDNS), and wildcard entries can't be proxied by Cloudflare servers (feature exclusive to the Enterprise plan, which I can't afford). They are directly pointed to the server. Creating the subdomains individually to have them proxied (and the Cloudflare's Universal SSL) is not a suitable solution.
There are also subdomains not related to the website above (another domain using Cloudflare API) I will move to spare servers, because they have have a huge traffic - including big file downloads - that should not be cached or even proxied by Cloudflare at all (it's against their rules, even with caching disabled, I got suspended at CF due to this rule 7 days - (twice!)) and also a high volume of websockets connections (they support websockets, but they should be rare and short for you to stay on free/pro plans, not my case). In this case, also, I must have the wildcard cert installed on my server.