How do I enable HTTP Opportunistic Encryption?

What is HTTP Opportunistic Encryption?

Opportunistic encryption allows clients to use traditionally insecure protocols over secure channels like TLS, similar to STARTTLS for SMTP. HTTP Opportunistic Encryption allows clients to access URIs with the http scheme over an encrypted TLS channel.

Is HTTP Opportunistic Encryption a replacement for HTTPS?

No. HTTPS should still be used when both strong encryption and authentication are required. HTTP Opportunistic Encryption enables a means of using TLS when needed for other protocols--in this case, the primary driver for needing TLS is that HTTP/2 requires it. It does not provide the same indications of security as HTTPS (the green lock icon in most browser address bars).

How do I enable HTTP Opportunistic Encryption in Cloudflare?

In the Crypto section of your dashboard, toggle HTTP Opportunistic Encryption on:

Do I need to configure anything at my origin to use HTTP Opportunistic Encryption?

No. HTTP Opportunistic Encryption is handled entirely by Cloudflare's edge.

Which browsers support HTTP Opportunistic Encryption?

Firefox has support for HTTP Opportunistic Encryption as of version 37.0.1.

Still not finding what you need?

The CloudFlare team is here to help. 95% of questions can be answered using the search tool, but if you can’t find what you need, submit a support request.

Powered by Zendesk