Cloudflare Docs
Visit SSL/TLS on GitHub
Set theme to dark (⇧+D)

Origin server

Learn more about SSL/TLS protection options for your origin servers:

  • Encryption modes: Encryption modes allow you to control how Cloudflare connects to your origin web server and how certificates presented by your origin are validated.
  • SSL/TLS Recommender: The SSL/TLS Recommender helps you choose which Encryption mode is best for your application.
  • Origin CA certificates: Origin Certificate Authority (CA) certificates allow you to encrypt traffic between Cloudflare and your origin web server, and reduce origin bandwidth consumption.
  • Authenticated Origin Pulls (mTLS): Authenticated Origin Pulls helps ensure requests to your origin server come from the Cloudflare network.
  • Custom Origin Trust Store: Custom Origin Trust Store allows you to upload certificate authorities (CAs) that Cloudflare will use to authenticate connections to your origin server.
  • Cipher suites: Review a list of cipher suites that Cloudflare presents to origins during an SSL/TLS handshake.