HowManyNimons@lemmy.world to Programmer Humor@lemmy.ml · 1 month agoLemmy todayi.imgflip.comimagemessage-square198fedilinkarrow-up1884arrow-down131
arrow-up1853arrow-down1imageLemmy todayi.imgflip.comHowManyNimons@lemmy.world to Programmer Humor@lemmy.ml · 1 month agomessage-square198fedilink
minus-squareSugarSnacklinkfedilinkarrow-up2·1 month agoDoes that mean it wouldn’t be an issue if you bring an SSL cert from say ZeroSSL but use Cloudflare for DNS, caching, DDoS protection etc?
minus-squareSirQuackTheDuck@lemmy.worldlinkfedilinkarrow-up4·1 month agoFor DNS and DDoS protection that wouldn’t directly be an issue. For caching it would be breaking. You cannot cache what you cannot read (encrypted traffic can only be cached by the decrypting party).
minus-squaremarkstos@lemmy.worldlinkfedilinkarrow-up3·1 month agoIt’s not who issues the cert that matters, it is who hosts it. Hosting it includes having the private key. You always have to trust your website host, full stop.
Does that mean it wouldn’t be an issue if you bring an SSL cert from say ZeroSSL but use Cloudflare for DNS, caching, DDoS protection etc?
For DNS and DDoS protection that wouldn’t directly be an issue.
For caching it would be breaking. You cannot cache what you cannot read (encrypted traffic can only be cached by the decrypting party).
It’s not who issues the cert that matters, it is who hosts it. Hosting it includes having the private key. You always have to trust your website host, full stop.