Cloudflare Dedicated SSL Certificates provides a cost effective fully managed SSL solution, eliminating the burden of generating private keys, creating certificate signing requests (CSR), renewing certificates, and many of the other maintenance tasks associated with traditional SSL certificates.
Cloudflare Dedicated Domain-Validated SSL
- Dedicated SSL Certificate
- Dedicated to your domain
- Common Name (CN) is your fully qualified domain name (example.com)
- Automatically renewed on your behalf
- Protects example.com and *.example.com
Reduce Latency and Optimize Performance
Shorter physical distance between your certificate and your visitors results in enormous performance gains. Cloudflare distributes your certificates to our edge servers around the globe to significantly reduce the latency incurred during the TLS handshake.
Cloudflare has been a major contributor of emerging encryption technologies like the Transportation Layer Security (TLS) 1.3 protocol. TLS 1.3 provides unparalleled privacy and performance compared to previous versions of TLS, and Cloudflare is the first to offer TLS 1.3 on a global scale. The secure web is now more performant than any other previous version and non-secure HTTP.
Cloudflare has also been a leader in the global implementation of networking technologies like HTTP/2 and Server Push, which have been designed to improve page load times. A secure connection over HTTPS is required in order to take advantage of HTTP/2 and Server Push.
Optimal Compatibility Across Browsers and Devices
Cloudflare issued certificates are trusted by all common browsers, email clients, operating systems, and mobile devices.
For utmost compatibility, each Dedicated SSL Certificate includes three versions of the certificate SHA-2/ECDSA, SHA-2/RSA, SHA-1/RSA. When a browser attempts to connect to your domain, Cloudflare will serve the optimal certificate version to establish the connection.
The SHA-2/RSA and SHA-1/RSA certificates utilize a 2048-bit private key to secure data transmission where SHA-2/ECDSA certificates uses the P-256 curve. ECDSA results in smaller key sizes making TLS faster and more scalable while providing better security than the default cryptography in use on the web.