Cloudflare Docs
Visit SSL/TLS on GitHub
Set theme to dark (⇧+D)

Opportunistic Encryption

Opportunistic Encryption allows browsers to access HTTP URIs over an encrypted TLS channel. It’s not a substitute for HTTPS, but provides additional security for otherwise vulnerable requests.

Use HTTPS when both strong encryption and authentication are required. HTTP Opportunistic Encryption provides a means of enabling TLS when needed for other protocols such as HTTP/2. It does not provide the same indications of security as HTTPS (the green lock icon in most browser address bars).

​​ Availability




​​ Enable Opportunistic Encryption

To enable Opportunistic Encryption in the dashboard:

  1. Log in to your Cloudflare account and go to a specific domain.
  2. Go to SSL/TLS > Edge Certificates.
  3. For Opportunistic Encryption, switch the toggle to On.
To adjust your Opportunistic Encryption settings with the API, send a PATCH request with the value parameter set to your desired setting ("on" or "off").