Posts by Nick Sullivan

Introducing CFSSL - CloudFlare's PKI toolkit

Published on July 10, 2014 06:00AM by Nick Sullivan.

Today we’re proud to introduce CFSSL—our open source toolkit for everything TLS/SSL. CFSSL is used internally by CloudFlare for bundling TLS/SSL certificates chains, and for our internal Certificate Authority infrastructure. We use this tool for all our TLS certificates.

Creating a certificate bundle is a common ...

The Heartbleed Aftermath: all CloudFlare certificates revoked and reissued

Published on April 17, 2014 02:44AM by Nick Sullivan.

Eleven days ago the Heartbleed vulnerability was publicly announced.

Last Friday, we issued the CloudFlare Challenge: Heartbleed and simultaneously started the process of revoking and reissuing all the SSL certificates that CloudFlare manages for our customers.

That process is now complete. We have revoked and reissued every single certificate we ...