Opportunistic Encryption
Opportunistic Encryption allows browsers to access HTTP URIs over an encrypted TLS channel. It’s not a substitute for HTTPS, but provides additional security for otherwise vulnerable requests.
Use HTTPS when both strong encryption and authentication are required. HTTP Opportunistic Encryption provides a means of enabling TLS when needed for other protocols such as HTTP/2. It does not provide the same indications of security as HTTPS (the green lock icon in most browser address bars).
Availability
Free | Pro | Business | Enterprise | |
Availability | Yes | Yes | Yes | Yes |
Enable Opportunistic Encryption
You do not need to configure your origin web server to support Opportunistic Encryption. All it requires is updating your settings in the Cloudflare dashboard.
To enable Opportunistic Encryption in the dashboard:
- Log in to your Cloudflare account and go to a specific domain.
- Go to SSL/TLS > Edge Certificates.
- For Opportunistic Encryption, switch the toggle to On.
To adjust your Opportunistic Encryption settings with the API, send a
PATCH
request with the value
parameter set to your desired setting ("on"
or "off"
).