English (United States) Deutsch español (España) français (France) 日本語 português (Brasil) 中文(中国)

Cloudflare Help Center

Detailed system status >

Articles in this section

Connect with the Cloudflare Community

Get answers

More on this topic: Discussions and Tips

Understanding Opportunistic Encryption

  • Updated

Learn how Opportunistic Encryption allows clients to use traditionally insecure protocols over secure channels like TLS.

Overview

Similar to STARTTLS for SMTP, HTTP Opportunistic Encryption allows clients to access HTTP URIs over an encrypted TLS channel.  HTTP Opportunistic Encryption allows use of TLS for other protocols. For instance, HTTP/2 requires TLS.

Opportunistic Encryption is not a replacement for HTTPS.  Use HTTPS when both strong encryption and authentication are required.   Opportunistic Encryption does not provide the same indications of security as HTTPS such as the green lock icon in most browser address bars.

You do not need to configure your origin web server to support Opportunistic Encryption.

Enable Opportunistic Encryption by selecting On in the Opportunistic Encryption section of the Cloudflare SSL/TLS app.

Not finding what you need?

Searching can help answer 95% of support questions. This is the quickest way to get answers.

Ask the Community Submit a request

Related articles

Not finding what you need?

Searching can help answer 95% of support questions. This is the quickest way to get answers.

Ask the Community Submit a request