Cloudflare offers auto SSL/TLS mode, allowing you to automatically select the connection mode to your origin server.
Cloudflare, which offers services such as CDN and DDoS protection, announced that it has introduced “Automatic SSL/TLS Mode” that automatically determines whether SSL and TLS can be used when connecting to the origin server.
Automatic SSL/TLS Provisioning: Secure and Simplify Source Connection
https://blog.cloudflare.com/introducing-automatic-ssl-tls-securing-and-simplifying-origin-connectivity
Cloudflare acts as a reverse proxy between users and servers, allowing access from users around the world to be processed by the nearest edge server for faster response times. The basic mechanism is that if the requested data is cached on the edge server, the data is returned from the edge server, and if there is no cache, the data is requested from the origin server, which is the origin server.
Regarding the communication path between users and Cloudflare, SSL/TLS communication was possible if Cloudflare set up a server certificate, but settings on the origin server side are required to enable SSL/TLS communication between Cloudflare and the origin server, so I couldn't change it just by setting up Cloudflare.
Starting August 8, 2024, “Automatic SSL/TLS” mode will be available to users who have set up “SSL/TLS Recommender” to notify them when a stronger SSL/TLS mode is available. Automatic SSL/TLS allows Cloudflare to send requests to origin servers using different SSL/TLS modes and compare the returned data to find the “most secure SSL/TLS mode.” This is the setting that is applied by default.
You can also manually switch the SSL/TLS level by selecting Custom SSL/TLS.
Although settings like installing a server certificate on the origin server are still required as before, if you use automatic SSL/TLS, Cloudflare will verify the data returned, so if you switch your SSL/TLS level due to a configuration error, you can reduce the risk of your site crashing.
After August 8, 2024, automatic SSL/TLS will be selected by default if you have enabled the SSL/TLS Recommender. However, the automatic SSL/TLS mode will not be switched immediately, and the first scan will start on September 9, 2024. If you want to disable automatic SSL/TLS but keep the SSL/TLS Recommender enabled, you will need to change the settings before the first scan.
Even if you do not have SSL/TLS Recommender enabled, Free and Professional plan users will be migrated to automatic SSL/TLS starting September 16, 2024, and Business and Pro plan users will be migrated to automatic SSL/TLS starting September 16, 2024. Enterprise plan users will also be migrated.
“Travel maven. Beer expert. Subtly charming alcohol fan. Internet junkie. Avid bacon scholar.”
More Stories
Enjoy a hot cigarette while looking at whales and tropical fish under the sea ⁉︎ “Ploom Dive” is an amazing spatial video experience using Apple Vision Pro
Apple Watch now supports sleep apnea, watchOS 11 released – Impress Watch
ASCII.jp: New macOS Release! macOS Sequoia 15 Can Display Your iPhone Screen on Your Mac!