If you do not have your own SSL certificate, you can activate the free Let's Encrypt certificate in your account. Let's Encrypt certificates can only be issued for resources with a custom domain name.
On the Set up initial configuration step, navigate to the SSL section, and turn on the toggle for Enable HTTPS. Then, select Get free Let's Encrypt certificate.
The certificate issuance may take up to 30 minutes after the resource is created. During this time, please do not:
1. Go to CDN and select the CDN resource you want to configure.
2. In the navigation panel, under the General section, click SSL.
3. In the SSL section, turn on the toggle for Enable HTTPS, select Get free Let's Encrypt certificate, and click on Save changes.
http://<CNAME>/.well-known/acme-challenge/<TOKEN>
and making HTTP requests to this file. Before adding a Let's Encrypt certificate, make sure that your CDN resource does not have any rules that block these requests. Examples of such rules include:You can check your resource rules using the service regex. If you find a rule that blocks Let's Encrypt certificate issuance, delete the rule or change its pattern. The next time Let's Encrypt sends a request, the certificate issuance should be successful.
If an error occurs during certificate issuance, the Enable HTTPS toggle will be disabled and a notification will be sent to your email.
While the resource is active, the certificate is renewed automatically. An attempt to reissue the certificate will be made 30 days before the expiration of the current certificate. There is only one attempt to reissue the certificate. If the certificate is not reissued, a notification will be sent to your email.
In the event of an unsuccessful attempt to reissue a certificate, the current certificate will remain active for another 30 days. After the certificate's end date, the content will become unavailable via HTTPS.
To avoid interruption of content delivery, please reissue the certificate yourself. To do this, revoke the Let's Encrypt certificate in your account and then .
To revoke a certificate, go to the Resource Settings and click Revoke Let's Encrypt certificate in the SSL section.
Note: You can also use an API request to replace the Let's Encrypt certificate with your own certificate without having to revoke it.
Was this article helpful?
Learn more about our next-gen CDN