These days the best available transport layer security (TLS) can be acquired at no cost. And purchasing a certificate is no longer necessary. Here’s how we do encryption correctly using CloudFlare Free FULL Strict SSL on this blog!
Running your website forum or blog under CloudFlare provides the best available speed through caching and unbeatable firewall in the business. It’s as easy as going to cloudflare.com and registering your account. After registering your webmaster account click add website and follow the prompts.
After your domain is active on cloudflare click the Crypto Tab.
The following choices are:
- Flexible SSL:
- SSL is terminated at the Cloudflare edge servers. Everything between your client and Cloudflare is encrypted, but between Cloudflare and your origin server is not encrypted. You would not need a certificate directly installed on your server for full encryption.
- SSL Full:
- SSL is terminated at the Cloudflare edge server. Then it is encrypted again, and sent back to your servers all encrypted. You would need an SSL certificate installed directly on your server for this option. You can also use a self-signed certificate for this option.
- SSL Full (strict):
- Same as SSL Full, but you must have a certificate that is signed by a CA (Certificate Authority.)