[corobo]

You can use a self signed cert between CloudFlare and your server by the looks of it. The optimistic point though I agree on. Hopefully there's some way of telling if your traffic from CF to origin is secure.

Wouldn't want the next big community to be fake-secure to save a few quid

Source: https://support.cloudflare.com/hc/en-us/articles/200170416-W...

[agwa]

Thanks for the link. I'm really surprised by the presence of the "flexible" option since it provides little more than a facade of security. (A self-signed cert is also insecure, though less so, unless there's some way to pin it on the CloudFlare side.)