3 matches found
EUVD-2026-41207
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design e.g. 'issue "letsencrypt.org"' without parameters. On Universal SSL zones,...
CVE-2026-14440
Summary: CVE-2026-14440 concerns Cloudflare’s Universal SSL: automatic, permissive CAA RRset management on Universal SSL zones supersedes customer CAA records. When customers push stricter CAA via RFC 8657 accounturi or validationmethods, CAs do not observe those parameters during RFC 8659 evalua...
CloudFlare Rolls Out Free SSL
In a move that will essentially double the number of SSL-protected sites on the Web in the space of 24 hours, CloudFlare on Monday said that it was enabling SSL for all of its more than two million customers for free. The new service is called Universal SSL, and the company is making it available...