HowManyNimons@lemmy.world to Programmer Humor@lemmy.ml · 1 month agoLemmy todayi.imgflip.comimagemessage-square192fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1imageLemmy todayi.imgflip.comHowManyNimons@lemmy.world to Programmer Humor@lemmy.ml · 1 month agomessage-square192fedilink
minus-squareSugarSnack@lemm.eelinkfedilinkarrow-up0·1 month agoDoes that mean it wouldn’t be an issue if you bring an SSL cert from say ZeroSSL but use Cloudflare for DNS, caching, DDoS protection etc?
minus-squaremarkstos@lemmy.worldlinkfedilinkarrow-up0·1 month agoIt’s not who issues the cert that matters, it is who hosts it. Hosting it includes having the private key. You always have to trust your website host, full stop.
minus-squareSirQuackTheDuck@lemmy.worldlinkfedilinkarrow-up0·1 month agoFor DNS and DDoS protection that wouldn’t directly be an issue. For caching it would be breaking. You cannot cache what you cannot read (encrypted traffic can only be cached by the decrypting party).
Does that mean it wouldn’t be an issue if you bring an SSL cert from say ZeroSSL but use Cloudflare for DNS, caching, DDoS protection etc?
It’s not who issues the cert that matters, it is who hosts it. Hosting it includes having the private key. You always have to trust your website host, full stop.
For DNS and DDoS protection that wouldn’t directly be an issue.
For caching it would be breaking. You cannot cache what you cannot read (encrypted traffic can only be cached by the decrypting party).