I want to serve files from A server with cloudflare.
I cannot disable SSL on A server. Simply I pointed my domain to A server. When I type https://example.com chrome says that Your connection is not private.
Is it possible to make cloudflare serve files from A server over http not https?
Or can I make cloudflare to use a different SSL?
CloudFlare has a few different SSL options:
CloudFlare's Flexible SSL will allow communication between the client and CloudFlare over HTTPS whilst the connection from CloudFlare to the origin is over HTTP.
In addition to this, if the certificate is just unsigned but still returns the correct website files you can actually utilise Full SSL (but not Full (Strict)). By contrast Full (Strict) will require a signed certificate from the origin to CloudFlare.
Related
Stack:
Cloudflare
SSL in Full(Strict) mode
Always Use SSL is ON
Heroku
Automatic Certificate Management (ACM)
All this seems to work well, except that on the Cloudflare SSL Overview tab, under Traffic Served Over TLS 30% is labeled None (not secure) I would expect this section to have started to approach zero.
The settings above have been in effect for well over 24 hours.
So, where's all this non-ssl traffic coming from? Is that just traffic coming in over HTTP that Cloudflare is redirecting to SSL before it gets anywhere else? Or is it something else?
Yes, it's very likely that traffic is coming in over HTTP that Cloudflare is redirecting to SSL. When someone first requests the HTTP version of the site that will be handled over HTTP (not HTTPS), which will then redirect to the HTTPS version.
Im using hostgator as my host.They do not provide free ssl certificate.So im using cloudflare free ssl certificate for my site.SSL certificate working everywhere except Cpanel.
I tried manually adding ssl through cpanel option.But not really working!Is there any way i can add it there?
Or it will be really good if my cpnael url cpanel.site.com won't just show up to that address.
If you want to use the CloudFlare SSL certificate then there is no need to add that SSL certificate to yoru cpanel nor to your site. Read the cloudflare documentation in order to see how to create and use Page Rules and their SSL certificate. cPanel has nothing to do with it. CF works just fine with cPanel/WHM and pretty much with any other related hosting panel. Your site can be http only in cPnel and then you do the HTTPS redirection from Clouflare using their Flexible SSL and page rules
cpanel.yourdomain.com ssl is related to server side. If your host allow autossl with Let's Encrypt (for example) then it will install ssl for all your necessary subdomains like webmail, cpanel, mail, www etc. If you are installing ssl manually, then you cannot install it for cpanel subdomain. However if you want to use cpanel securely and have enabled ssl with yourdomain.com the you can use it:
https://yourdomain.com:2083
I've just started using Zap, and am successfully running it in Firefox and Chrome.
I'd like to use it to automatically serve it's SSL cert for non https sites as well.
So for example, I'd like it to be able to serve
http://example.com
as
https://example.com
even though example.com normally wouldn't serve an SSL cert.
This would allow me to test local development sites without ever creating a self signed cert for them, or having to configure the cert with a webserver.
I've tried to port forward my dev port (18000) to port 443, but there's no SSL cert being served by my webserver, and the connection fails. I've also tried this with sni terminator zap plugin with no luck, though it feels like it's super close!
Any suggestions?
No application can choose communication protocol on which a client communicates. Web servers communication is strictly client driven except server redirects. For client to choose HTTP(s) out of two options http and http(s) you may install browser plugins like HTTP(s) everywhere which will seek for https first even if http is entered in browser
I am using cloudflare to proxy requests to my server and within my server I have added support for subdomains. The issue is that my server only has an ssl certificate issued to the root domain, but the cloudflare certificate has support for wildcards. Whenever there is a request to the root domain the ssl certificate from cloudflare is used but when I try to access a subdomain my server's certificate is used and I get a nasty the domain is insecure error. Any suggestions as to how I can fix this? There is a CNAME record within cloudflare which has the * name as an alias to my domain.
If you're on a Free CloudFlare account, only browsers with SNI support work. This is so CloudFlare doesn't need to assign an IP for every free client; using a Pro account you can have support for legacy browsers which don't support SNI.
If I get an ssl certificate - can I still access my web pages using http (instead of https) so they'll load faster?
Or perhaps have the ssl for only certain pages on my site? (I'm using web hosting, perhaps it matters.)
Yes. When you're setting up the certificate, you can configure your server to listen on port 443 (for SSL, where it will serve your certificate) as well as port 80 (where normal HTTP traffic will go). For pages where you absolutely want to have SSL, you'll need to force the user to visit the https:// URL.