Universal SSL (CloudFlare) vs Paid SSL


Universal SSL certificates are limited by:

  • the hostnames they cover, and
  • the client browsers they support.

Hostname coverage

Universal SSL certificates only support SSL for the root or first-level subdomains such as example.com and www.example.com. To enable SSL support on second, third, and fourth level subdomains such as dev.www.example.com or app3.dev.www.example.com, you need to purchase a paid SSL.

Browser support

Universal SSL uses Server Name Indication (SNI) certificates with Elliptic Curve Digital Signature Algorithm (ECDSA).  It is possible for Cloudflare Support to enable non-SNI support for domains on Pro, Business, or Enterprise plans for Universal, Dedicated, Custom, or Custom Hostname certificates.  SNI and ECDSA certificates work with the following modern browsers:

Desktop Browsers installed on Windows Vista or OS X 10.6 or later:

  • Internet Explorer 7
  • Firefox 2
  • Opera 8 (with TLS 1.1 enabled)
  • Google Chrome v5.0.342.0
  • Safari 2.1

Mobile Browsers:

  • Mobile Safari for iOS 4.0
  • Android 3.0 (Honeycomb) and later
  • Windows Phone 7

Getting Paid SSL Certificates

For paid SSL certificates, you may refer to https://www.apc.sg/ssl-certificates.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.