End-to-end HTTPS (full): risk of self-signed certificate

CloudFlare recommends to use Strict mode in an end-to-end SSL. What are the risks of not having the SSL certificate validated on the origin server (e.g. origin server configured with self-signed certificate)?

1 Like

Hi @dwalsh,

There are far more detailed explanations online, but in brief:

Using Full with a self-signed certificate will encrypt the connection between Cloudflare and your server, but any certificate presented, whether it’s for your domain or not, could be used by Cloudflare. This is a security issue because any certificate from a potential adversary would also be allowed. Kind of like putting a lock on it, but one that just lets any key open it.

That’s why only Full (strict) is the only secure option, because it validates that the certificate is valid. Cloudflare can provide an Origin Certificate for ease so you can use Full (strict).

2 Likes

Understood, thanks for the reply. But how can this vulnerability be exploited? What would an attacker have to do concretely?

@domjh @sdayman

1 Like

It’s like trying to figure out which one of these is really Toby Maguire. You need an authenticated certificate to verify the connection.

6 Likes