Some of my clients get stuck in a continuous loop when checking the secure connection. Can you help in some way?
I also can see that the issue is on Tablets & Smart TV’s
Install Let’s Encrypt cert at origin, and try Full or Full Strict mode for SSL.
One should never use Full, as that’s an insecure legacy mode. Always use Full Strict.
Yes, I agree. Let’s expires every 90 days. Some host may typically require updating origin IP at DNS (non-proxy status) so in that case if cert has expired Full will continue to work. Just thought in broader case to avoid some pitfalls. While I highly recommend having Let’s Encrypt via txt record verification to ensure seamless renewal process (rather depending on IP), in that case OP may surely use Full Strict without any chance of SSL error at the time of renewal. Else, CF origin cert is always an amazing secure option for the long term as 15 years
I am afraid even in that case one should not fall back to a legacy mode, but rather use an Origin certificate.
Bottom line, never use Full - only Full Strict
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.