HowManyNimons@lemmy.world to Programmer Humor@lemmy.ml · 7 months agoLemmy todayi.imgflip.comimagemessage-square245fedilinkarrow-up1885
arrow-up1885imageLemmy todayi.imgflip.comHowManyNimons@lemmy.world to Programmer Humor@lemmy.ml · 7 months agomessage-square245fedilink
minus-squareSugarSnack@lemm.eelinkfedilinkarrow-up2·7 months agoDoes that mean it wouldn’t be an issue if you bring an SSL cert from say ZeroSSL but use Cloudflare for DNS, caching, DDoS protection etc?
minus-squareSirQuackTheDuck@lemmy.worldlinkfedilinkarrow-up4·7 months agoFor DNS and DDoS protection that wouldn’t directly be an issue. For caching it would be breaking. You cannot cache what you cannot read (encrypted traffic can only be cached by the decrypting party).
minus-squaremarkstos@lemmy.worldlinkfedilinkarrow-up3·7 months agoIt’s not who issues the cert that matters, it is who hosts it. Hosting it includes having the private key. You always have to trust your website host, full stop.
Does that mean it wouldn’t be an issue if you bring an SSL cert from say ZeroSSL but use Cloudflare for DNS, caching, DDoS protection etc?
For DNS and DDoS protection that wouldn’t directly be an issue.
For caching it would be breaking. You cannot cache what you cannot read (encrypted traffic can only be cached by the decrypting party).
It’s not who issues the cert that matters, it is who hosts it. Hosting it includes having the private key. You always have to trust your website host, full stop.