Use Full - SSL/TLS encryption mode without a SSL certificate on the server?

Can I use Full - SSL/TLS encryption mode without a SSL certificate on the server?

Hello,

Full SSL/TLS encryption mode requires at least a self-signed certificate in your origin server. However, it’s extremely recommended that you use Full (Strict) SSL/TLS encryption mode, and you install a Cloudflare Origin Server certificate in your server.

In a nutshell:

  • No SSL/TLS encryption disables HTTPS and encryption, and clients can only connect using HTTP (port :80).
  • Flexible SSL/TLS encrypts the connection between the client and Cloudflare, but it doesn’t encrypt it between Cloudflare and your server, so it’s not recommended.
  • Full SSL/TLS encrypts the connection between the client and Cloudflare, and between Cloudflare and your server, but allows the use of self-signed untrusted certificates installed in your origin server.
  • Full (Strict) SSL/TLS is like Full SSL/TLS encryption mode, but requires a trusted certificate or an Origin Server certificate installed on your server to work. Recommended.
  • Strict (SSL-Only Origin Pull) SSL/TLS always encrypt the connection between Cloudflare and the origin server, regardless if the user connects to the site via HTTP. This option is only available for enterprise customers.

More information about SSL/TLS Encryption modes:

Hope it helps!

2 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.