Creating CDN services with SSL enabled

Introduction

Secure Sockets Layer (SSL) allows you to access CDN services over HTTPS protocol.

We provide the following SSL solutions for our Nginx based CDN services: CDN Static, CDN Static Push and CDN HTTP Live.

SNI LE SSL	We provide you an SSL certificate (issued by the Let's Encrypt certificate authority) for your domain for free and we enable it for your CDN service for free.
SNI SSL	You provide us an SSL certificate for your domain and we enable it for your CDN service for free.

Please refer to the Services/How-To section for more details.

How to enable SNI SSL / SNI LE SSL

Create a CDN Static (Pull/Push) or CDN HTTP Live service.
Go to Services/Certs.
Select your desired SSL type and CDN service.

This step is for SNI SSL only. For SNI LE SSL please continue to the next (final) step.

Please note that every SSL certificate contains a Common Name (CN) and, alternatively, Subject Alternative Names (SANs). If you intend to use your certificate for your CDN service, your CDN Service Domain must match your certificate's Common Name or be included in its Subject Alternative Names. You can verify your certificate details using our SSL certificate viewer. If your CDN Service Domain does not match your certificate's Common Name and is not included in its Subject Alternative Names, browsers will throw an SSL error when accessing your CDN service via https://. In the following examples, let's assume that your CDN Service Domain is static.mycompany.com.

Examples

CN:	mycompany.com
SANs:	mycompany.com, www.mycompany.com
You can not use this SSL certificate.

CN:	static.mycompany.com
SANs:	N/A
You can use this SSL certificate.

CN:	mycompany.com
SANs:	mycompany.com, www.mycompany.com, static.mycompany.com
You can use this SSL certificate.

CN:	*.mycompany.com
SANs:	N/A
You can use this SSL certificate.

You can use our SSL certificate viewer to verify your SSL certificate details. If your certificate matches your CDN service, navigate to the Services/Certs page and input your certificate in PEM format. To prevent unintended white space symbols (such as spaces or new lines), it's advisable to first paste your certificate into a text editor and then copy-paste it into our form. This ensures that the format of your certificate is supported. Your certificate may be either a single-domain certificate or a wildcard certificate. Ensure that you also include all intermediate certificates necessary for a complete certificate chain, appending them below your certificate as illustrated in the following example.
```
-----BEGIN CERTIFICATE-----
MIIF7zCCA9egAwIBAgIUPoIIvvvppIGsF9xZgJ6qQnVyQwEwDQYJKoZIhvcNAQEL
BQAwgYYxCzAJBgNVBAYTAlhYMRIwEAYDVQQIDAlTdGF0ZU5hbWUxETAPBgNVBAcM
CENpdHlOYW1lMRQwEgYDVQQKDAtDb21wYW55TmFtZTEbMBkGA1UECwwSQ29tcGFu
eVNlY3Rpb25OYW1lMR0wGwYDVQQDDBRDb21tb25OYW1lT3JIb3N0bmFtZTAeFw0y
NDAzMTAxNjM5MTdaFw0zNDAzMDgxNjM5MTdaMIGGMQswCQYDVQQGEwJYWDESMBAG
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
/f4G1mgUXQ37RNELDMBOiGbjdLjXTI3COfR4qj1O1d1iQ6JW1pfwo6BUyklZE4Dp
ByZHRuguSgvBRiWCs2lK/wPUuN5ZfkodugzIjwUE2GeMoxsOyDBnNSTkXEJ83C7e
oCoL+8YGbcchn+w/r+JKnHaPy7Vtm5S3T/TcYR0inMr4Fe/3fyzqX0pUDaj4GGZv
+zzlPluDOYKbUF/3OiK5TCoiz6/WveOviI4nQ/TN79hICy9snxICMpHHhNfbXdPj
-----END CERTIFICATE-----
```

Fill in your certificate key in the non-encrypted format. You can use this online SSL certificate key matcher to check if your certificate and key match.

Click on the Add Certificate button.
That's all.

Notes

You can use this online SSL certificate checker to check if your certificate has been correctly installed.
If you need to convert your SSL certificate from a non-PEM format to the (required) PEM format you can use this online SSL converter.
Read more about SNI SSL on the Wikipedia or check SNI Let's Encrypt example page.
Please note that you can manage your SNI / SNI LE SSL certificates via our CDN API.

Creating CDN services with SSL enabled

Introduction

How to enable SNI SSL / SNI LE SSL

Examples

Notes

Contact Us