Understand which TLS ciphers and protocols are supported by Cloudflare. Learn which browsers Cloudflare SSL certificates support and which intermediate and root certificates are used to sign Cloudflare certificates.
Cloudflare TLS/SSL cipher support
Since traffic encryption occurs either between website visitors and Cloudflare or between Cloudflare and your origin web server, Cloudflare distinguishes between:
Origin web server TLS/SSL ciphers supported by Cloudflare
Depending on the SSL option specified in the Cloudflare Crypto app, Cloudflare either connects to an origin web server over HTTP or HTTPS. Below is the list of origin server SSL ciphers that Cloudflare supports for TLS 1.3, TLS 1.2, and earlier TLS versions when connecting to your origin web server over HTTPS:
TLS 1.2 and earlier TLS versions:
- ECDHE-ECDSA-AES128-GCM-SHA256
- ECDHE-RSA-AES128-GCM-SHA256
- ECDHE-RSA-AES128-SHA
- AES128-GCM-SHA256
- AES128-SHA
- ECDHE-RSA-AES256-SHA384
- AES256-SHA
- DES-CBC3-SHA
TLS 1.3:
|
Cipher Suite Name (IANA) |
Cipher Suite (Octal Value) |
|
TLS_AES_128_GCM_SHA256 |
{0x13,0x01} |
|
TLS_AES_256_GCM_SHA384 |
{0x13,0x02} |
|
TLS_CHACHA20_POLY1305_SHA256 |
{0x13,0x03} |
Cloudflare TLS/SSL ciphers
The configuration of both the client browser and the web server determine the cipher suite used, not the SSL certificate. When a browser initiates an HTTPS connection, it sends a list of cipher suites it supports. The web server then picks the one it wants to use.
Cloudflare currently prefers to negotiate a connection using AES128. To use AES256, a client’s browser must enforce a 256 bit cipher suite. Our preference to use AES128 may change in the future.
Below is the list of SSL ciphers that Cloudflare supports for TLS 1.3 and TLS 1.2 and older for customer’s on paid plans:
|
OpenSSL Name |
TLS 1.0 |
TLS 1.1 |
TLS 1.2 |
TLS 1.3 |
|
ECDHE-ECDSA-AES128-GCM-SHA256 |
❌ |
❌ |
✅ |
❌ |
|
ECDHE-ECDSA-CHACHA20-POLY1305 |
❌ |
❌ |
✅ |
❌ |
|
ECDHE-RSA-AES128-GCM-SHA256 |
❌ |
❌ |
✅ |
❌ |
|
ECDHE-RSA-CHACHA20-POLY1305 |
❌ |
❌ |
✅ |
❌ |
|
ECDHE-ECDSA-AES128-SHA256 |
❌ |
❌ |
✅ |
❌ |
|
ECDHE-ECDSA-AES128-SHA |
✅ |
✅ |
✅ |
❌ |
|
ECDHE-RSA-AES128-SHA256 |
❌ |
❌ |
✅ |
❌ |
|
ECDHE-RSA-AES128-SHA |
✅ |
✅ |
✅ |
❌ |
|
AES128-GCM-SHA256 |
❌ |
❌ |
✅ |
❌ |
|
AES128-SHA256 |
❌ |
❌ |
✅ |
❌ |
|
AES128-SHA |
✅ |
✅ |
✅ |
❌ |
|
ECDHE-ECDSA-AES256-GCM-SHA384 |
❌ |
❌ |
✅ |
❌ |
|
ECDHE-ECDSA-AES256-SHA384 |
❌ |
❌ |
✅ |
❌ |
|
ECDHE-RSA-AES256-GCM-SHA384 |
❌ |
❌ |
✅ |
❌ |
|
ECDHE-RSA-AES256-SHA384 |
❌ |
❌ |
✅ |
❌ |
|
ECDHE-RSA-AES256-SHA |
✅ |
✅ |
✅ |
❌ |
|
AES256-GCM-SHA384 |
❌ |
❌ |
✅ |
❌ |
|
AES256-SHA256 |
❌ |
❌ |
✅ |
❌ |
|
AES256-SHA |
✅ |
✅ |
✅ |
❌ |
|
DES-CBC3-SHA |
✅ |
❌ |
❌ |
❌ |
|
AEAD-AES128-GCM-SHA256 |
❌ |
❌ |
❌ |
✅ |
|
AEAD-AES256-GCM-SHA384 |
❌ |
❌ |
❌ |
✅ |
|
AEAD-CHACHA20-POLY1305-SHA256 |
❌ |
❌ |
❌ |
✅ |
For the most current details on Cloudflare’s SSL configuration, see our public repository of SSL configurations.
Cloudflare TLS/SSL protocol support
Cloudflare only uses TLS 1.0, TLS 1.1, TLS 1.2, and TLS 1.3 to establish SSL connections between the visitor and Cloudflare.
TLS 1.2 became the industry standard in 2008. Both the Payment Cards Industry Security Standards Council (PCI SSC) and the National Institute of Standards and Technology (NIST) endorse TLS 1.2 for tighter security on the web.
Cloudflare TLS/SSL modern browser support
Cloudflare deploys additional SSL certificates for paid plans than compared to Free plans. This allows paid plans to support certain older devices. For information on what SSL protocols and ciphers your current browser supports, visit https://www.ssllabs.com/ssltest/viewMyClient.html.
Modern browser support for domains on paid Cloudflare plans
Cloudflare SSL certificates utilize the Subject Alternative Names (SAN) extension to support multiple domains on the same SSL certificate. Additionally, Dedicated Certificates and Universal SSL certificates use Server Name Indication (SNI) with Elliptic Curve Digital Signature Algorithm (ECDSA). SNI and ECDSA certificates work with the following modern browsers:
Desktop Browsers installed on Windows Vista or OS X 10.6 or later:
- Internet Explorer 7
- Firefox 2
- Opera 8 (with TLS 1.1 enabled)
- Google Chrome v5.0.342.0
- Safari 2.1
Mobile Browsers:
- Mobile Safari for iOS 4.0
- Android 3.0 (Honeycomb) and later
- Windows Phone 7
Modern browser support on Free Cloudflare domains
Due to fewer SSL certificates provided for Cloudflare domains on Free plans, SSL browser support for Free domains is limited to slightly newer browsers:
Minimum supported desktop browsers:
- Firefox 2
- Internet Explorer 7 on Windows Vista
- Windows Vista or OS X 10.6 with:
- Chrome 5.0.342.0
- Opera 14
- Safari 4
Minimum supported mobile browsers:
- Mobile Safari on iOS 4.0
- Android 4.0 ("Ice Cream Sandwich")
- Windows Phone 7
Cloudflare TLS/SSL Legacy Browser Support
Legacy Browser Support allows website owners with a paid Cloudflare plan to provide a secure connection for visitors with an older operating system or browser. Legacy Browser Support toggles whether your domain supports client browsers connecting via a SHA-1 SSL certificate.
When a visitor connects to a website protected by Cloudflare, the optimal certificate presented to the browser is automatically determined during the SSL/TLS handshake:
- Cloudflare presents an ECDSA SHA-256 certificate to browsers supporting Elliptic Curve Cryptography (ECC) and SHA-2 signatures.
- Cloudflare presents an RSA SHA-256 certificate to browsers supporting SHA-256 but not ECC.
- If the browser doesn’t support ECC or SHA-256, Cloudflare serves an RSA SHA-1 certificate.
Examples of browsers that do not support SHA-256 signatures and require RSA SHA-1 include:
- IE on Windows XP SP2 (or earlier), and
- pre-Gingerbread Android devices.
Business or Enterprise customers with specific concerns about SHA-1 security can disable Legacy Browser Support in their Cloudflare protected sites.
Disable Legacy Browser Support (Business or Enterprise domains only)
Disabling Legacy Browser Support causes errors for visitors with older operating systems (OS) or browsers establishing an HTTPS session with your website. These errors are not always obvious or prominently displayed in the visitor’s browser.
These minimum OS and browser versions are required when SHA-1 support is disabled:
- IE7 on Windows Vista
- Google Chrome on Windows Vista or OS X 10.5.7
- Safari 3.0 on Windows Vista or Mac OS X 10.5.6
- Mozilla Firefox 2.0
- Opera 8.0 (with TLS 1.1 enabled)
- BlackBerry 10
- Windows Phone 7
To Disable Legacy Browser Support:
1. Log in to the Cloudflare dashboard.
2. Click the appropriate Cloudflare account for your domain.
3. Ensure the proper domain is selected.
4. Click the Crypto app.
5. Scroll to the Legacy Browser Support section and click Disable SHA-1Support.
6. Read the warning messages in the modal that appears.
7. To proceed, check the I understand box and click Disable.
SSL intermediates and roots used to sign Cloudflare certificates
Universal SSL certificates are issued by Comodo or Digicert. Dedicated SSL and SSL for SaaS certificates are issued by Digicert.
Comodo
Click to expand the collapsed content below for details on the root and intermediate certificates used to sign the following Cloudflare certificates:
|
Level |
Common Name |
Serial |
SHA-1 Fingerprint |
Download |
|
Root |
AddTrust External CA Root |
1 |
02FAF3E291435468607857694DF5E45B68851868 |
|
|
Intermediate 1 |
COMODO ECC Certification Authority |
4352023FFAA8901F139FE3F4E5C1444E |
AE223CBF20191B40D7FFB4EA5701B65FDC68A1CA |
|
|
Intermediate 2 |
COMODO ECC Domain Validation Secure Server CA 2 |
5B25CE6907C4265566D3390C99A954AD |
75CFD9BC5CEFA104ECC1082D77E63392CCBA5291 |
|
Level |
Common Name |
Serial |
SHA-1 Fingerprint |
Download |
|
Root |
AddTrust External CA Root |
1 |
02FAF3E291435468607857694DF5E45B68851868 |
|
|
Intermediate 1 |
COMODO RSA Certification Authority |
2766EE56EB49F38EABD770A2FC84DE22 |
F5AD0BCC1AD56CD150725B1C866C30AD92EF21B0 |
|
|
Intermediate 2 |
COMODO RSA Domain Validation Secure Server CA 2 |
0BA2D01DCBCB7776E8AC65097AC12541 |
0BC249478F120F146D5714970A088A3A30C9ED07 |
|
Level |
Common Name |
Serial |
SHA-1 Fingerprint |
Download |
|
Root |
AddTrust External CA Root |
1 |
02FAF3E291435468607857694DF5E45B68851868 |
|
|
Intermediate |
COMODO Domain Validation Legacy Server CA 2 |
73DB4D987BA078FEBBE6973C24BE0CA9 |
A46AD6C400249EFBB4F5FC0E8C6E01A1F2256DAF |
Digicert
Click to expand the collapsed content below for details on the root and intermediate certificates used to sign the following Cloudflare certificates:
|
Level |
Common Name |
Serial |
SHA-1 Fingerprint |
Download |
|
Root |
Baltimore CyberTrust Root |
33554617 |
D4DE20D05E66FC53FE1A50882C78DB2852CAE474 |
|
|
Intermediate |
CloudFlare Inc ECC CA-2 |
0FF3E61639AA3D1A1265F41F8B34E5B6 |
6B53C3B358CEF368201F8741B9C5AEDEEA3861FA |
|
Level |
Common Name |
Serial |
SHA-1 Fingerprint |
Download |
|
Root |
Baltimore CyberTrust Root |
33554617 |
D4DE20D05E66FC53FE1A50882C78DB2852CAE474 |
|
|
Intermediate |
CloudFlare Inc RSA CA-1 |
060DD6C1D067901B5475FCFFC29E3137 |
2AA2B8A223DA08798599B54DE4121757ABA33341 |
|
Level |
Common Name |
Serial |
SHA-1 Fingerprint |
Download |
|
Root |
GTE CyberTrust Global Root |
421 |
97817950D81C9670CC34D809CF794431367EF474 |
|
|
Intermediate |
CloudFlare Inc Compatibility CA-3 |
0E9D4DA2F4273B048AB6A23D2D67210E |
CD33EF99FD9BDBD5FA550B4F07471C7D8D1627BF |