Full exryption mode and MITM attack

Question:

I use Full encryption mode on my domain, and I want to know, if my server had a valid SSL certificate, can someone still pose as my server and intercept traffic? since Full mode does not check for expiration date, neither for a valid SSL certificate, it just enctypts if available

What is the current SSL/TLS setting?

Full

For the reasons explained here, you need to use “Full (strict)” (or “Strict”) and a valid SSL certificate on your origin. Nothing else is secure.

I understand that, and I will use it.
But please, is my question possible?

If it wasn’t possible then we wouldn’t need encryption and SSL certificates.

1 Like

you mean we would not need full strict mode?
(I care about what I understand)

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.