Tencent Cloud CDN supports the HTTPS acceleration service. You can upload certificates to deploy them or directly deploy certificates hosted in Tencent Cloud SSL Certificate Service to the CDN platform. In this way, you can enable the HTTPS acceleration service to implement encrypted data transfer over the entire network.
Configuration Guide
Viewing the configuration
Log in to the CDN console, select Domain Management on the left sidebar, click Manage on the right of a domain name to enter its configuration page, and open the HTTPS Configuration tab.
You can select Certificate Management on the left sidebar to view all domain names configured with HTTPS acceleration under your account.
Configuring a certificate
1. Select a domain name
On the Certificate Management page, click Configure Certificate and select the acceleration domain name to be configured with a certificate:
The status of the acceleration domain name needs to be "Deploying" or "Enabled". Disabled domain names cannot be configured with HTTPS acceleration.
Domain names suffixed with .file.myqcloud.com are the default acceleration domain names of Tencent Cloud COS and can use HTTPS acceleration without configuring any certificates.
Domain names suffixed with .image.myqcloud.com are the default acceleration domain names of Tencent Cloud CI and can use HTTPS acceleration without configuring any certificates.
2. Select a certificate
If there is an existing certificate in PEM format, you can directly paste its content and private key to the corresponding fields:
You can select a certificate hosted by Tencent Cloud for quick deployment.
2. Select a domain name
Based on the uploaded or selected certificate, CDN will automatically match the domain names that allow the configuration. You can select the domain names for configuration as needed:
Changing a certificate
Modifying a certificate
Click Edit on the right of a certificate to update it for the specified domain name. You can also configure certificates in batches again to override the original certificate configurations.
Certificate updates will seamlessly take effect on nodes one by one across the entire network without affecting the HTTPS service in the production environment. You can also click Delete to cancel the HTTPS acceleration service.
Certificate expiration
Tencent Cloud will send you expiration reminders through SMS, email, and the Message Center 30, 15, and 7 days before the expiration of your certificate and on the day of its expiration. Currently, reminder recipients for SSL certificates can be customized. You can access the Message Subscription page for configuration.
Region-specific configuration
If your domain name is configured for global acceleration, the configured HTTPS certificate will take effect globally. Currently, the certificates configured for the regions in and outside the Chinese mainland must be the same.
If a domain name has different certificates in/outside the Chinese mainland, you will see Chinese mainland and outside Chinese mainland tags on the Certificate Management page, which indicate that the domain names with tags have different legacy configurations.
Under the Advanced Configuration tab of the domain name, you can also see two configurations:
