hello - maybe a simple question but i thought best practice was to check the certificate to a site that is new to you . . . sometimes when i do this, it is registered to Cloudflare and not the domain itself so how do i proceed in this case? trust that Cloudflare has verified the site as legitimate? thanks.
The trustworthiness of a website has nothing to do with who owns the SSL certificate.
The SSL certificate simply lets you know that there’s an SSL connection between you and the host.
Websites don’t need to purchase their own SSL certificates (expensive), especially when you could use Let’s Encrypt which gives you free SSL certificates to use HTTPS on your website, or in this case, Cloudflare gives you free SSL certificates too.
thanks for replying . . . i’m a little confused by your statement . . . i thought the 2 were linked? meaning, i cannot get a certificate for ‘my_domain_dot_com’ if i cannot prove it, right?
anyway, the larger question i’m after is that in the crypto world, it is popular to trick people so i always try to line things up . . . here is a wallet on a popular layer1 protocol called Avalanche . . .in this case, all lines up (which i guess you are saying doesn’t give me assurance?) but in some cases, Cloudflare will step in and when i check the cert, it will be registered to Cloudflare. hope this makes sense -