The team at CloudFlare is excited to announce the release of Universal SSL™. Beginning today, we will support SSL connections to every CloudFlare customer, including the 2 million sites that have signed up for the free version of our service.
This morning we began rolling out the Universal SSL across all our current customers. We expect this process to be complete for all current customers before the end of the day. Yesterday, there were about 2 million sites active on the Internet that supported encrypted connections. By the end of the day today, we'll have doubled that.
For new customers who sign up for CloudFlare's free plan, after we get through provisioning existing customers, it will take up to 24 hours to activate Universal SSL. As always, SSL for paid plans will be provisioned instantly upon signup.
How does it work?
For all customers, we will now automatically provision a SSL certificate on CloudFlare's network that will accept HTTPS connections for a customer's domain and subdomains. Those certificates include an entry for the root domain (e.g., example.com) as well as a wildcard entry for all first-level subdomains (e.g., www.example.com, blog.example.com, etc.).
For a site that did not have SSL before, we will default to our Flexible SSL mode, which means traffic from browsers to CloudFlare will be encrypted, but traffic from CloudFlare to a site's origin server will not. We strongly recommend site owners install a certificate on their web servers so we can encrypt traffic to the origin. Later today we'll be publishing a blog with instructions on how to do that at no cost. Once you've installed a certificate on your web server, you can enable the Full or Strict SSL modes which encrypt origin traffic and provide a higher level of security.
Challenges
CloudFlare operates at significant scale and we're growing very quickly. To make Universal SSL work at our scale we needed to ensure it wouldn't overwhelm our resources. We had two primary concerns:
CPU load
IPv4 exhaustion
Terminating HTTPS connections requires more CPU load than terminating HTTP. The additional load varies depending on the particular cipher suite used. For instance, the cutting-edge cipher suite ECDSA imposes significantly less load on our systems as compared with a more traditional cipher suite based on RSA. As it happens, ECDSA also provides a number of performance and security benefits over older cipher suites. We've written in the past about the benefits of ECDSA including the fact that it supports Perfect Forward Secrecy and faster SSL termination (and therefore faster page load times).
IPv4 termination is the other challenge of Universal SSL. The original implementation of SSL encrypted the host header. That meant you were limited to one certificate per IP address. Given that CloudFlare controls a finite number of IP addresses, it would be impossible for us to dedicate a unique IP for every one of our millions of customers.
Solution
These challenges required that, for free customers, we limit Universal SSL support to modern browsers. Modern browsers include support for ECDSA, where many legacy browsers do not. Modern browsers also support an extension to the SSL protocol called Server Name Indication (SNI). SNI sends the web site name (the equivalent of the host header) unencrypted, which allows us to return different certificates on an IP address depending on what customer's site is requested. This allows us to serve multiple customers' sites from the same IP.
Generally, if you're running a browser that is less than 6 years old, your browser is modern and Universal SSL on CloudFlare's free plans will work. The two biggest problem children legacy browsers are:
Internet Explorer on Windows XP (or older)
Android pre-Ice Cream Sandwich
We've been studying browser traffic for the last year in order to determine what percentage of requests come from browsers that qualify as modern. The answer varies widely depending on the region. Globally, more than 80% of requests come from modern browsers, and that percentage is growing quickly.
A recent test showed the percentage of requests in countries around the world that come from modern browsers. Iran is the worst region in the world with only 52.01% of requests coming from modern browsers. Antarctica is the best region in the world with 99.44% of requests coming from modern browsers. You can mouse over different regions to see the percentage of requests that come from modern browsers.
While Universal SSL on our free service requires a modern browser, CloudFlare's paid plans have always and will always support both modern and legacy browsers. In the coming months, because of the benefits of ECDSA certificates, we plan on offering paid users the option to return ECDSA certificates if we detect a modern browser, while reverting to RSA certificate if we detect a legacy browser.
If SSL is a must-have for you, we still recommend using a paid CloudFlare plan (which start as inexpensively as $20/month). If SSL is a nice-to-have, support on the free plan is likely sufficient to serve the vast majority visitors from most regions around the world. Note finally that Universal SSL does not disable your ability to accept unencrypted traffic. HTTP will continue to work as it always has before. You can, however, now use CloudFlare's Page Rules to force all traffic to HTTPS even if you're a free customer. (PS - Going forward, also we plan to support the ability to add HSTS headers.)
Other benefits
One additional benefit of Universal SSL is it allows us to broadly support of the SPDY protocol which requires an encrypted connection. SPDY improves web performance in a number of ways we've written about before. All CloudFlare customers will, by the end of the day today, also have SPDY enabled by default — massively increasing the size of the SPDY universe.
We also have plans to expand the universe of supported browsers slightly by taking advantage of connections that arrive over IPv6 for browsers that don't support SNI. About 16% of unique IP addresses that connect to CloudFlare do so via IPv6 (note: that calculation takes only the first 8 bytes as unique in any IPv6 address connecting to our network). Since IPv6 addresses are virtually infinite, we don't have the same limitations as we do with IPv4 and can therefore return a unique certificate for every IPv6 address.
Our bigger hope, however, is that Universal SSL will be yet another reason, along with Google and Firefox deprecating SHA-1-signed certs and Microsoft ceasing support for Windows XP, to encourage people to upgrade to a modern browser running on a modern OS. Sometimes progress requires sacrificing some backward compatibility. The good news here is that none of CloudFlare's current free customers supported any version of SSL previously, so the encrypted web tomorrow is only better and no worse.
Encouraging Modern Browser Use
To that end, CloudFlare customers can help encourage the remaining users of old browsers to upgrade using a CloudFlare App. The A Better Browser app can be installed with one click on any web site that uses CloudFlare. It automatically detects if the visitor is using an old browser and adds a banner at the top of the page suggesting that they upgrade.
The Internet is a Belief System
Last Wednesday we had a CloudFlare Board meeting. We went over our plans for launching Universal SSL and how doing so may hurt our revenue given that SSL is one of the reasons people upgrade to a paid plan. But everyone on CloudFlare's Board was unanimous: even if it does hurt revenue in the short term, it's the right thing to do.
Brad Burnham, who is the partner at Union Square Ventures who led our last round of financing, reminded me during the meeting of the Joi Ito essay about how the Internet is a belief system. Inherent to Joi's point is that small groups of people, working together, can create great things. That, fundamentally, is the Internet.
The team behind Netscape first introduced SSL back in February 1995, originally intended to facilitate ecommerce online. As the Internet grew in importance, governments, ISPs, and hackers began to intercept, throttle, and censor traffic as it flowed across the network to serve their ends. In response, SSL's importance expanded beyond ecommerce to help ensure a free and open web. As Google and the IETF work on the next generation Internet protocols like SPDY and HTTP/2, it's no wonder encryption is at their heart. And so, in order for CloudFlare to fulfill its mission of helping build a better Internet, we knew one of the most important things we could do was enable Universal SSL for all our customers — even if they don't pay us.
Having cutting-edge encryption may not seem important to a small blog, but it is critical to advancing the encrypted-by-default future of the Internet. Every byte, however seemingly mundane, that flows encrypted across the Internet makes it more difficult for those who wish to intercept, throttle, or censor the web. In other words, ensuring your personal blog is available over HTTPS makes it more likely that a human rights organization or social media service or independent journalist will be accessible around the world. Together we can do great things.
The Internet is a belief system. At CloudFlare, we're proud today that we're playing a part in helping advance that belief system. And, having proven that Universal SSL is possible at our scale, we hope many other organizations will follow in turning SSL on for all their customers and at no additional cost.
#savetheweb
If you are already a CloudFlare customer, we're rolling out Universal SSL throughout the day today. We expect it will be fully provisioned for most current customers within the next 24 hours. If you're a new customer, note that it will take up to 24 hours from when you sign up to provision SSL for our free service (and, again, if you're in a hurry, it's still instant for all paid plans).
One final note: if you signed up for CloudFlare through one of our hosting partners, it will be a bit longer before we can enable Universal SSL. This is due to a technical limitation on how we need to provision the Universal SSL certificates. We think we can solve the technical limitation and expect that we'll be able to support Universal SSL through partners before the end of the year. Until then, hang tight.
Thanks
This is a day the CloudFlare team has been looking forward to for the last three years. It took a ton of work. We couldn't have done it without the help of a number of great people both on our own team and at other organizations that provided assistance. Special thanks to Globalsign, Comodo, Ryan Hurst, Christopher Soghoian (ACLU), Peter Eckersley (EFF), and Adam Langley (Google).
Over the next few days, we'll be posting a series of articles about the details behind how we made Universal SSL a reality. There were a number of hard technical, business, and legal challenges we had to overcome to make today possible. The people that worked on solving them are excited to share their stories. Stay tuned.
Update: It's taking us a bit longer to provision Universal SSL for all our customers than we'd originally anticipated. We're now expecting the provisioning process to be complete on Thursday, October 2 @ 0700 UTC. We've published a new blog post on how you can track our progress and what errors you may see if you try and visit your site over HTTPS before the provisioning process is complete.