HowManyNimons@lemmy.world to Programmer Humor · 6 个月前Lemmy todayi.imgflip.comimagemessage-square199fedilinkarrow-up1888arrow-down131
arrow-up1857arrow-down1imageLemmy todayi.imgflip.comHowManyNimons@lemmy.world to Programmer Humor · 6 个月前message-square199fedilink
minus-squareSugarSnack@lemm.eelinkfedilinkarrow-up2·6 个月前Does that mean it wouldn’t be an issue if you bring an SSL cert from say ZeroSSL but use Cloudflare for DNS, caching, DDoS protection etc?
minus-squareSirQuackTheDuck@lemmy.worldlinkfedilinkarrow-up4·6 个月前For DNS and DDoS protection that wouldn’t directly be an issue. For caching it would be breaking. You cannot cache what you cannot read (encrypted traffic can only be cached by the decrypting party).
minus-squaremarkstos@lemmy.worldlinkfedilinkarrow-up3·6 个月前It’s not who issues the cert that matters, it is who hosts it. Hosting it includes having the private key. You always have to trust your website host, full stop.
Does that mean it wouldn’t be an issue if you bring an SSL cert from say ZeroSSL but use Cloudflare for DNS, caching, DDoS protection etc?
For DNS and DDoS protection that wouldn’t directly be an issue.
For caching it would be breaking. You cannot cache what you cannot read (encrypted traffic can only be cached by the decrypting party).
It’s not who issues the cert that matters, it is who hosts it. Hosting it includes having the private key. You always have to trust your website host, full stop.