MORE POSTS
March 14, 2024 2:00 PM
Upcoming Let’s Encrypt certificate chain change and impact for Cloudflare customers
Let’s Encrypt’s cross-signed chain will be expiring in September. To prepare for the change, after May 15th, 2024, Cloudflare will start issuing certs from Let’s Encrypt’s ISRG X1 chain. This change will impact legacy devices with outdated trust stores (Android versions 7.1.1 or ...
September 04, 2023 1:00 PM
Connection coalescing with ORIGIN Frames: fewer DNS queries, fewer connections
In this blog we’re going to take a closer look at “connection coalescing”, with specific focus on manage it at a large scale...
August 09, 2023 1:00 PM
Introducing per hostname TLS settings — security fit to your needs
Starting today, customers that use Cloudflare’s Advanced Certificate Manager can configure TLS settings on individual hostnames within a domain...
July 11, 2023 1:00 PM
Bring your own CA for client certificate validation with API Shield
API shield customers can now upload their own CA to use for client certificate validation. This ensures that only authorized clients and devices can make requests to your API endpoint or application. ...
April 03, 2023 1:00 PM
mTLS client certificate revocation vulnerability with TLS Session Resumption
This blog post outlines the root cause analysis and solution for a bug found in Cloudflare’s mTLS implementation...
March 23, 2023 1:00 PM
Out now! Auto-renew TLS certificates with DCV Delegation
Cloudflare will now allow customers that are managing DNS externally to auto-renew certificates through DCV Delegation...
March 13, 2023 1:00 PM
Mutual TLS now available for Workers
Mutual TLS is used to secure a range of network services and applications: APIs, web applications, microservices, databases and IoT devices. With mTLS support for Workers you can use Workers to authenticate to any service secured by mTLS directly!...
December 15, 2022 2:00 PM
A new, configurable and scalable version of Geo Key Manager, now available in Closed Beta
We’re excited to announce a new version of Geo Key Manager — one that allows customers to define boundaries by country, by a region, or by a standard, such as “only store my private keys in FIPS compliant data centers” — now available in Closed Beta....
November 16, 2022 2:00 PM
Bringing authentication and identification to Workers through Mutual TLS
We’re excited to announce that Workers will soon be able to send outbound requests through a mutually authenticated channel via mutual TLS authentication!...
October 06, 2022 6:00 PM
Total TLS: one-click TLS for every hostname you have
Today, we’re excited to announce Total TLS — a one-click feature that will issue individual TLS certificates for every subdomain in our customer’s domains...
August 04, 2022 1:00 PM
Experiment with post-quantum cryptography today
The future is post quantum. Enable post-quantum key agreement on your test zone today and get a headstart...
March 14, 2022 12:59 PM
Introducing: Backup Certificates
We are excited to introduce backup certificates to increase reliability of our service for anyone using the Cloudflare platform in the event of key compromises or related issues...
November 08, 2021 3:39 PM
Sizing Up Post-Quantum Signatures
How much room does TLS have for the big post-quantum signatures? We had a look: it’s tight....
October 22, 2021 3:31 PM
Cloudflare for SaaS for All, now Generally Available!
We are very excited to announce that Cloudflare for SaaS is generally available, so that every customer, big and small, can use Cloudflare for SaaS to continue scaling and building their SaaS business. ...
October 13, 2021 12:59 PM
Exported Authenticators: The long road to RFC
Learn more about Exported Authenticators, a new extension to TLS, currently going through the IETF standardisation process....