Streaming live at 10am (PST)

How to avoid "SSL certificate warning"


There are several posts stating that WebFlow doesn’t support HTTPS (SSL):

There is also a tutorial explaining how to enable (free) SSL using CloudFlare:

Although we have a wildcard SSL certificate for our domain, we don’t necessarily need HTTPS for the main website hosted on WebFlow right now. There is just one issue when users try to access the page via “https://…” the browser shows a warning that this seems to be a malicious website, as the SSL certificate provided by WebFlow is just for the WebFlow domain.

What options do we have to fix this (beside CloudFlare)?
Is it possible to setup a redirect from HTTPS to HTTP on WebFlow?
What other CDNs like Amazon CloudFront are supported by WebFlow?

Thanks in advance

Below, how the warning looks like:

The best way I’ve found to do this through Webflow right now is to host the site with Webflow, pass it through a free Cloudflare account, and set up a page rule on Cloudflare to force HTTPS. In this case, you would get rid of the SSL certificate for your domain as it would be provided for free by Cloudflare.

Thanks for your reply!

I’d prefer having our site in some Amazon infrastructure though. Is there anyone having experience using CloudFront for example?

It’s a pity that WebFlow doesn’t offer the ability for automatic export…

Agreed with you completely. I just posted a question earlier today regarding the hosting options: Clarifying Hosting Marketing on Webflow's Site

If it is indeed done through Amazon, it sure would be nice to have the option to check a box to enable SSL and force HTTPS.

Just as a note, you should enable SSL publish when you use CloudFront with Webflow:

Also @ADDN2X - your website’s assets are automatically hosted on Amazon Cloudfront CDN when you host with Webflow.

Thanks for the link @mbrannon47 - interesting to know that WebFlow not only serves via CloudFront, but also via Fastly. Curious if this has some effect on the case, when pulling the whole site (origin pull) from my own CloudFront instance.

JFYI: I don’t want to enforce HTTPS, just the opposite - as WebFlow doesn’t allow custom SSL certificates, i want to disable HTTPS, avoiding the warning in the browser concerning some invalid SSL certificate.

Thanks for the reply @brryant. Yes, this button is enabled in WebFlow, but I’m not sure how your answer affects my original problem. I want to avoid invalid SSL certificate warnings on my custom domain, which is serving the SSL certificate from

Is there some way to solve that? (without using CloudFlare)

1 Like

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.