Port 80 on my origin, but SSL via cloudflare
I'd like to keep using port 80 on my non-important origin apache server, and I was under the impression if I proxied the DNS via CF, CF could provide https for the domain for client->CF communication and get CF to communicate with my origin server on port 80. I've got SSL set to flexible, but CF can't seem to connect. Is there a way to tell CF to communicate with the origin on port 80 always?
7 Replies
https should be over the port 443
so CF can connect to my origin on 443 even without a valid cert on my server without issue?
yes
as long as you dont tell cf to validate the cert its fine
ah so I still need to setup a self signed cert on the server
Cloudflare Docs
Encryption modes · Cloudflare SSL/TLS docs
Encryption modes allow you to control how Cloudflare connects to your origin web server and how certificates presented by your origin are validated.
Hoestly id just reccomend running a cloudflare tunnel from cf to the origin
this is pretty easy to setup and one of the safest ways to set it up
ah so mine is flexible which means even if the client attemps https:// CF will connect to my origin on port 80, according to that doc