SSL (Secure Socket Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This secure link ensures that all data transferred remains private. It’s also called TLS (Transport Layer Security). Millions of websites use SSL encryption everyday to secure connections and keep their customer’s data safe from monitoring and tampering
Every website on the Internet should be served over HTTPS. Here’s why:
Manually configuring SSL requires several steps, and a misconfiguration can prevent users from getting to your website. Cloudflare allows any Internet property to become HTTPS-enabled with the click of a button. You’ll never need to worry about SSL certificates expiring or staying up to date with the latest SSL vulnerabilities when you’re using Cloudflare SSL.
HTTPS isn’t what it used to be. It’s faster, more secure, and used by more websites than ever before. SSL enables HTTP/2, which has the potential to make websites up to two times faster with no changes to existing codebases. Modern TLS also includes performance-oriented features like session resumption, OCSP stapling, and elliptic curve cryptography that uses smaller keys (resulting in a faster handshake). TLS 1.3 reduces latency even further and removes insecure features of TLS making HTTPS more secure and performant than any previous version of TLS and its non-secure counterpart, HTTP.
Cloudflare has even worked to improve the performance of OpenSSL. We implemented ChaCha20-Poly1305, a cipher suite that runs three times faster than AES-128-GCM on mobile devices. We care about performance.
Cloudflare is on a mission to build a better Internet. One of the ways we’re achieving this is by bringing the tools of the Internet giants to everyone. Today, in an effort called Universal SSL, we enable SSL by default for all our customers that are signed up directly for Cloudflare— even those on our Free plan.
Encrypting as much web traffic as possible to prevent data theft and other tampering is a critical step toward building a safer, better Internet. We’re proud to be the first Internet performance and security company that offered SSL protection at no cost.
The SSL for Free plan customers is completely compatible with all other Cloudflare performance and security features. Free plan SSL service will utilize Elliptic Curve Digital Signature Algorithm (ECDSA) certificates from Comodo or GlobalSign. These certificates will cover both your root domain and first-level subdomains through the use of a wildcard. It may take up to 24 hours to activate. SSL for Free plan users works with modern browsers that support Server Name Indication (SNI) and operating systems that support EDCSA certificates.
Over 13,000,000 Internet Applications and APIs