Introduction
Secure Sockets Layer (SSL) support of CDN Static and CDN Static Push services allows you to access CDN services over HTTPS protocol.
Please note that you can always access CDN Static and CDN Static Push services over both HTTP and HTTPS protocols. But if SSL is not enabled for the CDN service then access over HTTPS protocol will throw an SSL error because the CDN domain will not match the SSL certificate used for the HTTPS connection.
We provide the following three SSL solutions.
Shared SSL | We provide you a shared SSL certificate for our *.r.worldssl.net domain for free and we enable it for your CDN service for free. |
---|---|
SNI SSL | You provide us an SSL certificate for your domain and we enable it for your CDN service for free. |
SNI LE SSL | We provide you a custom SSL certificate (issued by the Let's Encrypt certificate authority) for your domain for free and we enable it for your CDN service for free. |
Please refer to the notes below for more details.
Shared SSL
The steps are identical for both CDN Static and CDN Static Push services. The Shared SSL can be enabled during a CDN service creation (in advanced settings) or on the Services/Settings page.
How to enable Shared SSL
- Enable Shared SSL - select "Enabled" from the Shared SSL select box.
- Fill in "special" Service Domain - your Service Domain has to be of the format ONEWORD.r.worldssl.net, so for example mycompany.r.worldssl.net. No other formats are supported.

Custom SSL - SNI / SNI LE
The steps are identical for both CDN Static and CDN Static Push services.
How to enable SNI / SNI LE
- Create a CDN Static service with Shared SSL set to Disabled.
- Go to Services → Certs.
-
Select your desired SSL type and CDN service as in the picture below.
- (For SNI SSL only)
-
Please note that every SSL certificate contains a
Common Name (CN) and alternatively also
Subject Alternative Names (SANs).
If you want to use your certificate for your CDN service then
your CDN Service Domain
must match your certificate Common Name or it
must be contained in your certificate Subject Alternative Names.
Please use our SSL certificate viewer
to check your certificate details.
If your CDN Service Domain would not match your certificate Common Name
and also it would not be contained in your certificate Subject Alternative Names
then browsers would throw an SSL error when accessing your
CDN service via https://. In the following examples let's assume
that your CDN Service Domain is static.mycompany.com.
Examples
CN: mycompany.com SANs: mycompany.com, www.mycompany.com You can not use this SSL certificate. CN: static.mycompany.com SANs: N/A You can use this SSL certificate. CN: mycompany.com SANs: mycompany.com, www.mycompany.com, static.mycompany.com You can use this SSL certificate. CN: *.mycompany.com SANs: N/A You can use this SSL certificate. - Please use our SSL certificate viewer
to check your SSL certificate details and if your certificate matches your CDN service then
on the Services / Certs page
fill in your certificate in the PEM format.
To avoid inserting unwanted white symbols (spaces, new lines, etc.)
it is recommended to first copy-paste your certificate to a text editor and then
copy-paste it from the editor to our form otherwise you can receive an error that
the format of your certificate is not supported.
Your certificate can be a single domain certificate or it can be a wildcard certificate.
Make sure to fill in also all intermediate certificates
required for a valid certificate chain.
Append them below your certificate as in the
following example.
-----BEGIN CERTIFICATE----- MIIDXTCCAkWgAwIBAgIJAJC1HiIAZAiIMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTExMjMxMDg1OTQ0WhcNMTIxMjMwMDg1OTQ0WjBF C3Fayua4DRHyZOLmlvQ6tIChY0ClXXuefbmVSDeUHwc8YufRAERp2GfQnL2JlPUL B7xxt8BVc69rLeHV15A0qyx77CLSj3tCx2IUXVqRs5mlSbq094NBxsauYcm0A6Jq vA== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- qJ6A0mcYuasxBN490qbSlm5sRqVXUI2xCt3jSLC77xyq0A51VHeLr96cVB8txx7B LUPlJ2LnQfG2pREARfuY8cwHUeDSVmbfeuXXlC0YhCIt6QvlmLOZyHRD4auyaF3C FBjW0QTO1gDMwMjMxITMNchW0QTO1gDMxMjMxETMNchHwQGdMBSe0BFIzRXanRWa XBCdl5mclRnbJhBDKQQVDYwHwESMlRXY0NVLl12bTpADIQQVDYQEwMRMVFkATYAB VNgBJAzCxUEMAUQBBEQD3bISGqSCG0AMIiAZAIiH1CJAJIgABIwAgWkACCTXDIAv IM== -----END CERTIFICATE-----
-
Fill in your certificate key in the non-encrypted format.
You can use this
online SSL certificate key matcher
to check if your certificate and key match.
-----BEGIN PRIVATE KEY----- Wbo6CjdgoKVCKGKD+iZGmwKBgQCUOdvnYwFln0zH3nXiboV/zVhCSWt8ujcTqyQ2 tMefgCt7XYjCjg7OehHHAfdjASTg9H7vv8iktK/glIno2yRY1ACZw1xqrnGK5Bid wSwftoJRVnCSMHvXeax7HvLzM9oGkSM0xzwef+xNtbZyPgEffVWVkYLvycxmxcIu YmKrKNa51G/ia73CSECCuVq4zKKRelMF6HW6AnTXAXVYhiej5rLwFE3zrB1tA/fn kOFHmdqSpXvgJEWvhCuxE9QxXDuqSxW52h0WhPKyMpw9yCSw7dFR -----END PRIVATE KEY-----
-
Please note that every SSL certificate contains a
Common Name (CN) and alternatively also
Subject Alternative Names (SANs).
If you want to use your certificate for your CDN service then
your CDN Service Domain
must match your certificate Common Name or it
must be contained in your certificate Subject Alternative Names.
Please use our SSL certificate viewer
to check your certificate details.
If your CDN Service Domain would not match your certificate Common Name
and also it would not be contained in your certificate Subject Alternative Names
then browsers would throw an SSL error when accessing your
CDN service via https://. In the following examples let's assume
that your CDN Service Domain is static.mycompany.com.
- Click on the Add Certificate button.
- That's all.

Notes
- You can use this online SSL certificate checker to check if your certificate has been correctly installed.
- Currently SNI LE SSL can be enabled only for CDN Static Push services, it can not be enabled for CDN Static services.
- If you need to convert your SSL certificate from a non-PEM format to the (required) PEM format you can use this online SSL converter.
- Read more about SNI SSL on the Wikipedia or check SNI Let's Encrypt example page.
- There is a limit on number of requests to issue Let's Encrypt certificate - every account can request at most one Let's Encrypt certificate within 2 hours.
- Please note that you can manage your SNI SSL certificates via our CDN API.