undefined | Better HN

0 pointsis392y ago0 comments

While both client and origin network connections are encrypted with "Full (Strict)" SSL mode, Cloudflare proxy in the middle decrypts client traffic and then encrypts it towards the server (and vice versa). It does have access to plaintext, which is how various mitigations work. So it's indeed MITM proxy, by design.

0 comments

meowface2y ago

Ah, yeah, you're right.

j / k navigate · click thread line to collapse

0 pointsis392y ago0 comments

While both client and origin network connections are encrypted with "Full (Strict)" SSL mode, Cloudflare proxy in the middle decrypts client traffic and then encrypts it towards the server (and vice versa). It does have access to plaintext, which is how various mitigations work. So it's indeed MITM proxy, by design.

0 comments

meowface2y ago

Ah, yeah, you're right.

j / k navigate · click thread line to collapse