At which point is the MITM happening? What I mean is: browser → Cloudflare server → cloudflared on my server → web service. Is TLS only from browser to Cloudflare server, or is it browser to cloudflared?
>Is TLS only from browser to Cloudflare server, or is it browser to cloudflared?
It's encrypted between the browser and Cloudflare, but you can also create a cert and encrypt between Cloudflare and your origin server. (but that isn't mandatory)
