Opportunistic Encryption allows browsers to access HTTP URIs over an encrypted TLS channel. It’s not a substitute for HTTPS, but provides additional security for otherwise vulnerable requests.
Use HTTPS when both strong encryption and authentication are required. HTTP Opportunistic Encryption provides a means of enabling TLS when needed for other protocols such as HTTP/2. It does not provide the same indications of security as HTTPS (the green lock icon in most browser address bars).
Enable Opportunistic Encryption
To enable Opportunistic Encryption in the dashboard:
- Log in to your Cloudflare account and go to a specific domain.
- Go to SSL/TLS > Edge Certificates.
- For Opportunistic Encryption, switch the toggle to On.
To adjust your Opportunistic Encryption settings with the API, send a
PATCHrequest with the
valueparameter set to your desired setting (