HowManyNimons@lemmy.world to Programmer Humor@lemmy.ml · 5 months agoLemmy todayi.imgflip.comimagemessage-square193fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1imageLemmy todayi.imgflip.comHowManyNimons@lemmy.world to Programmer Humor@lemmy.ml · 5 months agomessage-square193fedilink
minus-squareSugarSnack@lemm.eelinkfedilinkarrow-up0·5 months agoDoes that mean it wouldn’t be an issue if you bring an SSL cert from say ZeroSSL but use Cloudflare for DNS, caching, DDoS protection etc?
minus-squaremarkstos@lemmy.worldlinkfedilinkarrow-up0·5 months agoIt’s not who issues the cert that matters, it is who hosts it. Hosting it includes having the private key. You always have to trust your website host, full stop.
minus-squareSirQuackTheDuck@lemmy.worldlinkfedilinkarrow-up0·5 months agoFor DNS and DDoS protection that wouldn’t directly be an issue. For caching it would be breaking. You cannot cache what you cannot read (encrypted traffic can only be cached by the decrypting party).
Does that mean it wouldn’t be an issue if you bring an SSL cert from say ZeroSSL but use Cloudflare for DNS, caching, DDoS protection etc?
It’s not who issues the cert that matters, it is who hosts it. Hosting it includes having the private key. You always have to trust your website host, full stop.
For DNS and DDoS protection that wouldn’t directly be an issue.
For caching it would be breaking. You cannot cache what you cannot read (encrypted traffic can only be cached by the decrypting party).