What happens if your host issues SSL redirects after you've set it up on cloudflare?


#1

I’ve set up SSL with Cloudflare, works great and cloudflare do an amazing job.

I’ve just discovered that my host/DNS provider is moving accounts to SSL too. So they are saying everything will be served with SSL/https.

Hmmm. I know DNS is served with cloudflare. But, what happens when a host/DNS provider issues certs and enables them when you have cloudflare doing the same?

I vaguely remember last year this happening elsewhere when a host started using cloudflare for SSL and it caused someone issues when they were doing the same on their own cloudflare account using redirect everything to ssl.

Nothing has happened yet as they’ve not implemented it. So, I’m just preparing in case.

Just wondering if anyone with some experience in this could say if there is likely to be a conflict here? Or indirect loops?


#2

That’s great! That means you can use SSL Full (Strict) mode here for a fully encrypted end-to-end connection.

As you suspect you might end up with an infinite redirect loop. You’ll need to keep an eye out for that SSL transition so you can switch to SSL Full (Strict) as soon as that happens.

The redirect loop will happen because Flexible means Cloudflare uses only HTTP to connect to your server, but soon your server will tell Cloudflare to use HTTPS and try again, so Cloudflare will try again…with HTTP. And the loop repeats. SSL Full means Cloudflare will use HTTPS to connect to your server. But right now, it can’t, because your server doesn’t have SSL…yet.


#3

Thank you for that confirmation!