Hi. I’m new to Cloudflare.
What I noticed is that CF presents a SSL themselves. To encript my server I use Letsencrypt. No wonder actually. After all they add some headrers indicating the original request IP addr.
I just run a test.
I seted an invalid SSL in my web server but it seemed CF did not distrust it
This was my procedure.
I have a valid certificate for my domain.com
I created a new subdmain let’s call it sub domain com
In sub.domain.com i presented the certificate for domain com
If I skip the proxing and navigate to sub domain com on Safari, Safari distrust the certificate.
If CF is proxing the site is delivered normally. No message, no block. Nothing at all.
I’m worried about the idea of some MITM between CF and my actual server (in DO).