Can you setup Cloudflare proxy to always use non ssl (http://) requests to origin for https:// requests.?
I have a client that has a situation I have’t ran into before. Firstly, the content is not confidential / financial or sensitive in any way, but we want to eliminate the mixed content warnings at the browser. They have a very large repository of GIS map data that is hosted on a university server, and apparently their IT department can only support non ssl requests to this machine.
We have setup a Cloudflare DNS CNAME with proxy enabled and an edge certificate. When we make requests through the proxy it is reporting that the origin server is timing out. Requests direct to the origin domain will work if http:// but dropped by university’s firewall if https://.
My understanding is if I set SSL/TLS encryption mode to flexible is it would support both types of connections. However is there a way I can set it to never try SSL connections to the origin server, yet still support them between the browser and Cloudflare?
That’s what flexible does, https to the edge, http to the origin. Ideally you could have a Cloudflare tunnel proxy the traffic to the internal network and send the requests to the origin via HTTP so that the data isn’t traversing the open internet over http even if just from Cloudflare’s edge tot he origin (no one really wants to punch a hole through their firewall for http traffic…