On Monday, September 12, 2016 at 2:43:09 PM UTC+1, Peter Kurrasch wrote: > I was thinking of more the server (cloud) side of things. I'm not familiar > enough with Cloudflare's service, but I imagine that if I have a server set > up I will also have access to my private key. If so, I now have access to the > private key of the other domains. Perhaps there are protections set up?
CloudFlare perform SSL termination for these certificates on their side before proxying, you never get access to the private key. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
