Authenticated Origin Pulls and

Hi, i enabled AOP with Nginx and it work fine, if i disable Authenticated Origin Pulls on dashboard and i reload the page i get nginx error ( invalid cert ) so it proof that everything work fine.
But if i disable AOP after i load the page, client continue to have access to socket connexion context.
It’s possible to be sure that websocket traffic pass by CF ?

I’m not sure I understand the question. Authenticated Origin Pulls work by presenting a specific certificate during the TLS handshake with the origin. If you change the setting after establishing a connection with the origin as you did in your test by opening the webpage before, you will not see that settings change take effect until that TLS connection times out or is reset. So I think what you’re seeing is expected behaviour.

Most people set this configuration once and don’t change it, so you wouldn’t typically encounter this problem.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.