CloudFlare customers were today greeted with the incredible news that the use of SSL would be coming to all current members as well as any new members that wish to join. Currently SSL is being rolled out to all of the current members of CloudFlare. The team behind this stated that yesterday there were almost 2 million websites that are encrypted using SSL. By the end of today that number will have doubled.
For a new member of CloudFlare signing up with a free account, your Universal SSL will be activated 24 hours after the process. For any paying members of the CloudFlare service you will be able to access these Universal SSL settings instantaneously.
For those of you who use CloudFlare but are unaware, the uses of SSL (or properly termed TLS) are to enable a secured and encrypted connection to be made. For any free users of CloudFlare you will get defaulted to a flexible SSL setup where the connection between a browser and CloudFlare servers will be encrypted but from the Cloudflare server to the origin of your website will not be encrypted. CloudFlare is urging all users to install a certificate, even if only self signed, on their web servers so that further encryption can be made. This will allow users to access the full and strict SSL mode for a higher level of security. Strict mode requires a verified key, while full only requires self signed or better.
There are other benefits and features being added such as allowing more users to utilize SPDY, which allows for a site to be run faster, encouraging users to upgrade their browsers if they aren’t using one that is current.
If you want to read more about this from CloudFlare then here is the original blog post that they made.
For CloudFlare users who need a bit more help setting up their servers we recommend using the following guide about configuring TLS on servers.