Understanding Opportunistic Encryption

Avatar
traines
Follow

Learn how Opportunistic Encryption allows clients to use traditionally insecure protocols over secure channels like TLS.

Overview

Similar to STARTTLS for SMTP, HTTP Opportunistic Encryption allows clients to access HTTP URIs over an encrypted TLS channel.  HTTP Opportunistic Encryption allows use of TLS for other protocols. For instance, HTTP/2 requires TLS.

Opportunistic Encryption is not a replacement for HTTPS.  Use HTTPS when both strong encryption and authentication are required.   Opportunistic Encryption does not provide the same indications of security as HTTPS such as the green lock icon in most browser address bars.

You do not need to configure your origin web server to support Opportunistic Encryption.

Enable Opportunistic Encryption by selecting On in the Opportunistic Encryption section of the Cloudflare Crypto app.

Was this article helpful?
1 out of 1 found this helpful
Not finding what you need?
Ask the Community   Submit a request

95% of questions can be answered using the search tool. This is the quickest way to get a response.

Popular questions: Why is my site slow, 522 errors, I'm expecting a spike in traffic

Powered by Zendesk