We accelerate websites

15 days free trial Sign up

Media Acceleration Stream to the world

15 days free trial Sign up

Extensive Network Excellent world coverage

Creating CDN services with an SSL enabled

Introduction

Secure Sockets Layer (SSL) support of CDN Static and CDN Static Push services allows you to access CDN services over HTTPS protocol.

Please note that you can always access CDN Static and CDN Static Push services over both HTTP and HTTPS protocols. But if SSL is not enabled for the CDN service then access over HTTPS protocol will throw an SSL error because the CDN domain will not match the SSL certificate used for the HTTPS connection.

We provide the following four SSL solutions.

Shared SSL We provide you a shared SSL certificate for our *.r.worldssl.net domain for free and we enable it for your CDN service for free.
SNI SSL You provide us an SSL certificate for your domain and we enable it for your CDN service for free.
SNI LE SSL We provide you a custom SSL certificate (issued by the Let's Encrypt certificate authority) for your domain for free and we enable it for your CDN service for free.
SNI Cloud SSL We provide you a custom SSL certificate for your domain for $660 / year and we enable it for your CDN service for an installation fee of $39.

Please refer to the notes below for more details.

Shared SSL

The steps are identical for both CDN Static and CDN Static Push services. The Shared SSL can be enabled during a CDN service creation (in advanced settings) or on the Services/Settings page.

How to enable Shared SSL

  • Enable Shared SSL - select "Enabled" from the Shared SSL select box.
  • Fill in "special" Service Domain - your Service Domain has to be of the format ONEWORD.r.worldssl.net, so for example mycompany.r.worldssl.net. No other formats are supported.
Create CDN

Custom SSL - SNI / SNI LE / SNI Cloud SSL

The steps are identical for both CDN Static and CDN Static Push services.

How to enable SNI / SNI LE / SNI Cloud SSL

  1. Create a CDN Static service with Shared SSL set to Disabled.
  2. Create CDN
  3. Go to Services → Certs.
  4. Select your desired SSL type and CDN service as in the picture below.
    Add SSL certificate - choose type
  5. (For SNI SSL only)
    • Please note that every SSL certificate contains a Common Name (CN) and alternatively also Subject Alternative Names (SANs). If you want to use your certificate for your CDN service then your CDN Service Domain must match your certificate Common Name or it must be contained in your certificate Subject Alternative Names. Please use our SSL certificate viewer to check your certificate details. If your CDN Service Domain would not match your certificate Common Name and also it would not be contained in your certificate Subject Alternative Names then browsers would throw an SSL error when accessing your CDN service via https://. In the following examples let's assume that your CDN Service Domain is static.mycompany.com.

      Examples

      CN:mycompany.com
      SANs:mycompany.com, www.mycompany.com
      You can not use this SSL certificate.
      CN:static.mycompany.com
      SANs:N/A
      You can use this SSL certificate.
      CN:mycompany.com
      SANs:mycompany.com, www.mycompany.com, static.mycompany.com
      You can use this SSL certificate.
      CN:*.mycompany.com
      SANs:N/A
      You can use this SSL certificate.
    • Please use our SSL certificate viewer to check your certificate details and then on the Services → Certs page fill in your certificate in the PEM format. It can be a single domain or a wildcard certificate. Fill in also all intermediate certificates required for a valid certificate chain. Append them below your certificate as in the following example.
      -----BEGIN CERTIFICATE-----
      MIIDXTCCAkWgAwIBAgIJAJC1HiIAZAiIMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
      BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
      aWRnaXRzIFB0eSBMdGQwHhcNMTExMjMxMDg1OTQ0WhcNMTIxMjMwMDg1OTQ0WjBF
      C3Fayua4DRHyZOLmlvQ6tIChY0ClXXuefbmVSDeUHwc8YufRAERp2GfQnL2JlPUL
      B7xxt8BVc69rLeHV15A0qyx77CLSj3tCx2IUXVqRs5mlSbq094NBxsauYcm0A6Jq
      vA==
      -----END CERTIFICATE-----
      -----BEGIN CERTIFICATE-----
      qJ6A0mcYuasxBN490qbSlm5sRqVXUI2xCt3jSLC77xyq0A51VHeLr96cVB8txx7B
      LUPlJ2LnQfG2pREARfuY8cwHUeDSVmbfeuXXlC0YhCIt6QvlmLOZyHRD4auyaF3C
      FBjW0QTO1gDMwMjMxITMNchW0QTO1gDMxMjMxETMNchHwQGdMBSe0BFIzRXanRWa
      XBCdl5mclRnbJhBDKQQVDYwHwESMlRXY0NVLl12bTpADIQQVDYQEwMRMVFkATYAB
      VNgBJAzCxUEMAUQBBEQD3bISGqSCG0AMIiAZAIiH1CJAJIgABIwAgWkACCTXDIAv
      IM==
      -----END CERTIFICATE-----
      
    • Fill in your certificate key in the non-encrypted format.
      -----BEGIN PRIVATE KEY-----
      Wbo6CjdgoKVCKGKD+iZGmwKBgQCUOdvnYwFln0zH3nXiboV/zVhCSWt8ujcTqyQ2
      tMefgCt7XYjCjg7OehHHAfdjASTg9H7vv8iktK/glIno2yRY1ACZw1xqrnGK5Bid
      wSwftoJRVnCSMHvXeax7HvLzM9oGkSM0xzwef+xNtbZyPgEffVWVkYLvycxmxcIu
      YmKrKNa51G/ia73CSECCuVq4zKKRelMF6HW6AnTXAXVYhiej5rLwFE3zrB1tA/fn
      kOFHmdqSpXvgJEWvhCuxE9QxXDuqSxW52h0WhPKyMpw9yCSw7dFR
      -----END PRIVATE KEY-----
      
      Add SSL certificate
  6. Click on the Add Certificate button and in the case of SNI Cloud SSL complete the payment process.
  7. That's all.

Notes

  • The certificate for SNI Cloud SSL will be issued by GlobalSign. Currently we don't support wildcard certificates for SNI Cloud SSL, we only support single domain certificates.
  • Please note that SNI SSL (SNI LE SSL) is supported by around 92% of all browsers. It is not supported by old versions of Internet Explorer and by old mobile devices. Read more about SNI SSL on the Wikipedia or check SNI Let's Encrypt example page. Please note that SNI Cloud SSL is supported by all browsers and all devices.
  • Currently SNI LE SSL can be enabled only for CDN Static Push services, it can not be enabled for CDN Static services.
  • There is a limit on number of requests to issue Let's Encrypt certificate - every account can request at most one Let's Encrypt certificate within 72 hours.
  • If you need to convert your SSL certificate from a non-PEM format to the (required) PEM format you can use this online SSL converter.
 
  _____    _    _     _  _      ___    
 /  ___|| | || | ||  | \| ||   / _ \\  
| // __   | || | ||  |  ' ||  | / \ || 
| \\_\ || | \\_/ ||  | .  ||  | \_/ || 
 \____//   \____//   |_|\_||   \___//  
  `---`     `---`    `-` -`    `---`   
                                       
Europe
  • Amsterdam
  • Athens
  • Bucharest
  • Budapest
  • Chelyabinsk
  • Dubai
  • Frankfurt
  • Helsingborg
  • Helsinki
  • Istanbul
  • Karlskrona
  • Kharkov
  • Kiev
  • Kungalv
  • Lisbon
  • London
  • Lvov
  • Madrid
  • Milan
  • Moscow
  • Odessa
  • Oslo
  • Paris
  • Polevskoy
  • Samara
  • Stockholm
  • Tel Aviv-Yafo
  • Zagreb
America
  • Arlington
  • Atlanta
  • Chicago
  • Dallas
  • Denver
  • Green Bay
  • Los Angeles
  • Miami
  • Montreal
  • New York
  • Phoenix
  • Portland
  • Provo
  • Queretaro
  • Reston
  • Sacramento
  • San Jose
  • Sao Paulo
  • Seattle
  • Toronto
  • Washington
Contact
  • e-mail: info@cdnsun.com
  • skype: cdnsun.com
  • phone: +1 844 300 9206
  • phone: +420 776 256 872
Blog Twitter LinkedIn Facebook CrunchBase Google+ / Google plus Foursquare Pinterest