Certificate Authority

How Cloudflare is helping domain owners with the upcoming Entrust CA distrust by Chrome and Mozilla

2024-09-19

Chrome and Mozilla will stop trusting Entrust’s public TLS certificates issued after November 2024 due to concerns about Entrust’s compliance with security standards. In response, Entrust is partnering with SSL.com to continue providing trusted certificates. Cloudflare will support SSL.com as a CA, simplifying certificate management for customers using Entrust by automating issuance and renewals....

Dina Kozlov

How Cloudflare is helping domain owners with the upcoming Entrust CA distrust by Chrome and Mozilla

How we ensure Cloudflare customers aren't affected by Let's Encrypt's certificate chain change

2024-04-12

Security Application Services TLS SSL Certificate Authority Deep Dive

Let’s Encrypt’s cross-signed chain will be expiring in September. This will affect legacy devices with outdated trust stores (Android versions 7.1.1 or older). To prevent this change from impacting customers, Cloudflare will shift Let’s Encrypt certificates upon renewal to use a different CA...

Dina Kozlov

A tour through Merkle Town, Cloudflare's Certificate Transparency dashboard

2018-03-24

SSL TLS HTTPS Security Dashboard Certificate Authority

The success of Certificate Transparency rests on the existence of a robust ecosystem of logs and log operators. Without logs that CAs can depend on, it’s not practical for browsers to require that SSL certificates have been logged to be trusted—as Chrome plans to do on April 30....

Patrick R. Donahue

Introducing Certificate Transparency and Nimbus

2018-03-23

Certificate Authority Security HTTPS SSL Research Cryptography

Certificate Transparency (CT) is an ambitious project to help improve security online by bringing accountability to the system that protects HTTPS. Cloudflare is announcing support for this project by introducing two new public-good services....

Nick Sullivan

CAA of the Wild: Supporting a New Standard

2017-12-07

Product News SSL DNS Security TLS 1.3 TLS Reliability Universal SSL Certificate Authority

One thing we take pride in at Cloudflare is embracing new protocols and standards that help make the Internet faster and safer. Sometimes this means that we’ll launch support for experimental features or standards still under active development, as we did with TLS 1.3....

Max Nystrom

July 06, 2017 1:35 PM

How to make your site HTTPS-only

The Internet is getting more secure every day as people enable HTTPS, the secure version of HTTP, on their sites and services....

Nick Sullivan

HTTPS

, SSL

, Automatic HTTPS

, Certificate Authority

, HTTP2

May 10, 2016 3:21 PM

How we built Origin CA: Web Crypto

At CloudFlare we strive to combine features that are simple, secure, and backed by solid technology. The Origin CA is a great example of this. You no longer need to go to a third-party certificate authority to protect the connection between CloudFlare and your origin server....

Nick Sullivan

Certificate Authority

, JavaScript

, API

, Security

, Cryptography

December 22, 2015 4:43 PM

Why it’s harder to forge a SHA-1 certificate than it is to find a SHA-1 collision

It’s well known that SHA-1 is no longer considered a secure cryptographic hash function. Researchers now believe that finding a hash collision (two values that result in the same value when SHA-1 is applied) is inevitable and likely to happen....

Nick Sullivan

Certificate Authority

, Reliability

, Programming

, RSA

June 24, 2015 1:57 PM

How to build your own public key infrastructure

A major part of securing a network as geographically diverse as CloudFlare’s is protecting data as it travels between datacenters. Customer data and logs are important to protect but so is all the control data that our applications use to communicate with each other. ...

Nick Sullivan

TLS

, HTTPS

, Encryption

, Certificate Authority

, SSL

February 24, 2015 8:15 PM

Universal SSL: Encryption all the way to the origin, for free

Last September, CloudFlare unveiled Universal SSL, enabling HTTPS support for all sites by default. All sites using CloudFlare now support strong cryptography from the browser to CloudFlare’s servers....