Regardless of whether or not you provide your own SSL certificates, cloudflare still uses their own between their servers and client browsers. So any SSL encrypted traffic is unencrypted at their end before being re-encrypted with your certificate. How can such an entity be trusted?

  • spottyPotty
    cake
    OPB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    When I visit one of the sites I manage, that goes through CF (my personal ones don’t), I see that the certificate that the browser sees is one provided by CF and not the one that I create using LetsEncrypt.