Subscribe to receive notifications of new posts:

Easiest SSL Ever, Now Included Automatically with Every Paid Plan

2011-11-04

2 min read
Easiest SSL Ever, Now Included Automatically with Every Paid Plan

SSL today is too hard. While it's something every website should support, even for the technically savvy, getting a SSL certificate properly installed on your web server can be daunting. Moreover, several platforms like Google AppEngine don't fully support SSL so it's not a possibility. Up until now CloudFlare, unfortunately, didn't make it any easier.

The way SSL worked on CloudFlare in the past was that you had to upgrade to a PRO account, select the subdomains that you wanted to have SSL on, pay us $1/month for each of those subdomains, and then pick an email address that was either a valid role account (like [email protected]) or included in the whois record to which our certificate authority partner could send a vetting email. That began a complicated process that, in the best case, would have SSL working across our network about 2 hours later. In the worst case, it could take days. And none of that removed you having to buy a certificate and install it on your site.

We knew there was a better way and for the last 6 months we've been working on it with Globalsign, our certificate authority partner, to build it. I think we've finally nailed it. SSL is now included automatically with every paid CloudFlare account at no additional cost. If you're a paid user, you now have SSL on your site automatically. If you were paying before, we've removed the SSL charge from your future bill. You don't need to pick the subdomains (it'll work on any subdomains that are marked as "CloudFlare enabled") and you don't need to wait around for a vetting email.

Easiest SSL Ever, Now Included Automatically with Every Paid Plan

What's cool is even if you didn't previously have SSL now you do. To make this happen, we're introducing a "flexible" SSL mode which will encrypt traffic from your visitors to CloudFlare's network, protecting your visitors from the most common types of eavesdropping and attacks like FireSheep. What's awesome is this allows you to run SSL in front of services where you can't install a certificate. It literally makes SSL one-click easy.

Easiest SSL Ever, Now Included Automatically with Every Paid Plan

If you're a paid CloudFlare user, you're already setup -- even if you didn't have SSL before. Give it a try by visiting the HTTPS version of your site. We've intelligently defaulted you to flexible or end-to-end mode depending on what your backend server supports. You can override the default, or turn SSL off if you don't want it for some reason, from your CloudFlare Settings page.

We're going to be rolling out some more options to make SSL even more wide spread in the coming weeks. It's all part of our mission to make a faster, safer Internet.

Cloudflare's connectivity cloud protects entire corporate networks, helps customers build Internet-scale applications efficiently, accelerates any website or Internet application, wards off DDoS attacks, keeps hackers at bay, and can help you on your journey to Zero Trust.

Visit 1.1.1.1 from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you're looking for a new career direction, check out our open positions.
HTTPSSSLProduct NewsSecurity

Follow on X

Matthew Prince|@eastdakota
Cloudflare|@cloudflare

Related posts

October 08, 2024 1:00 PM

Cloudflare acquires Kivera to add simple, preventive cloud security to Cloudflare One

The acquisition and integration of Kivera broadens the scope of Cloudflare’s SASE platform beyond just apps, incorporating increased cloud security through proactive configuration management of cloud services. ...

October 06, 2024 11:00 PM

Enhance your website's security with Cloudflare’s free security.txt generator

Introducing Cloudflare’s free security.txt generator, empowering all users to easily create and manage their security.txt files. This feature enhances vulnerability disclosure processes, aligns with industry standards, and is integrated into the dashboard for seamless access. Strengthen your website's security today!...

October 02, 2024 1:00 PM

How Cloudflare auto-mitigated world record 3.8 Tbps DDoS attack

Over the past couple of weeks, Cloudflare's DDoS protection systems have automatically and successfully mitigated multiple hyper-volumetric L3/4 DDoS attacks exceeding 3 billion packets per second (Bpps). Our systems also automatically mitigated multiple attacks exceeding 3 terabits per second (Tbps), with the largest ones exceeding 3.65 Tbps. The scale of these attacks is unprecedented....