- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Description of 14-day Trial Plan Experience Benefits
- Billing Overview
- Basic Service Fees
- Value-added Service Fees
- Related Tencent Cloud Services
- Extra Package Description (Prepaid)
- Subscriptions
- Renewals
- Overdue and Expiration Policies
- Refund Policy
- Usage Cap Policy
- EdgeOne Plan Upgrade Guide
- Comparison of EdgeOne Plans
- Billing Usage
- About "clean traffic" billing instructions
- Getting Started
- Domain Service
- Site Acceleration
- Origin Configuration
- Edge Functions
- Overview
- Getting Started
- Operation Guide
- Runtime APIs
- Sample Functions
- Example Overview
- 301 Redirect
- Obtaining Client URL Information
- Customization Based on Client Geo Location
- Obtaining Client Geo Location Information
- Batch Redirect
- Returning an HTML Page
- Returning a JSON Object
- Fetch Remote Resources
- Authenticating a Request Header
- Modifying a Response Header
- Performing an A/B Test
- Setting Cookies
- Performing Redirect Based on the Request Location
- Using the Cache API
- Caching POST Requests
- Responding in Streaming Mode
- Merging Resources and Responding in Streaming Mode
- Protecting Data from Tampering
- Rewriting a m3u8 File and Configuring Authentication
- Adaptive Image Resize
- Image Adaptive WebP
- Customize Referer restriction rules
- Remote Authentication
- HMAC Digital Signature
- Naming a Downloaded File
- Obtaining Client IP Address
- Practical Tutorial
- Security Protection
- Overview
- DDoS Protection
- DDoS Protection Overview
- Exclusive DDoS Protection Usage
- Configuration of Exclusive DDoS protection Rules
- Web Protection
- Rules Template
- IP Groups
- Origin Protection
- Custom Response Page
- Alarm Notification
- Rule Engine
- L4 Proxy
- Data Analysis&Log Service
- Tool Guide
- Practical Tutorial
- EdgeOne Anti-fraud Practice Tutorial
- EdgeOne Implementation of Session Persistence Based on Client IP Addresses
- EdgeOne Implementation of Origin-Pull Based on Client's Geo Location
- EdgeOne Hotlink Protection Practical Tutorial
- EdgeOne initiates Automatic Warm-up
- Cross-regional Secure Acceleration (Oversea Sites)
- Scheduling Traffic to EdgeOne by Performing Canary Switching
- Quickly Enabling HTTPS Access with EdgeOne Free Certificate
- Through traffic orchestration to multiple service providers
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Site APIs
- Acceleration Domain Management APIs
- Site Acceleration Configuration APIs
- Alias Domain APIs
- Security Configuration APIs
- Layer 4 Application Proxy APIs
- CreateL4Proxy
- ModifyL4Proxy
- ModifyL4ProxyStatus
- DescribeL4Proxy
- DeleteL4Proxy
- CreateL4ProxyRules
- ModifyL4ProxyRules
- ModifyL4ProxyRulesStatus
- DescribeL4ProxyRules
- DeleteL4ProxyRules
- CreateApplicationProxy
- ModifyApplicationProxy
- ModifyApplicationProxyStatus
- DescribeApplicationProxies
- DeleteApplicationProxy
- CreateApplicationProxyRule
- ModifyApplicationProxyRule
- ModifyApplicationProxyRuleStatus
- DeleteApplicationProxyRule
- Content Management APIs
- Data Analysis APIs
- Log Service APIs
- Billing APIs
- Certificate APIs
- Load Balancing APIs
- Custom Response Page APIs
- Diagnostic Tool APIs
- Version Management APIs
- Data Types
- Error Codes
- FAQs
- Agreements
- TEO Policy
- Contact Us
- Glossary
- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Description of 14-day Trial Plan Experience Benefits
- Billing Overview
- Basic Service Fees
- Value-added Service Fees
- Related Tencent Cloud Services
- Extra Package Description (Prepaid)
- Subscriptions
- Renewals
- Overdue and Expiration Policies
- Refund Policy
- Usage Cap Policy
- EdgeOne Plan Upgrade Guide
- Comparison of EdgeOne Plans
- Billing Usage
- About "clean traffic" billing instructions
- Getting Started
- Domain Service
- Site Acceleration
- Origin Configuration
- Edge Functions
- Overview
- Getting Started
- Operation Guide
- Runtime APIs
- Sample Functions
- Example Overview
- 301 Redirect
- Obtaining Client URL Information
- Customization Based on Client Geo Location
- Obtaining Client Geo Location Information
- Batch Redirect
- Returning an HTML Page
- Returning a JSON Object
- Fetch Remote Resources
- Authenticating a Request Header
- Modifying a Response Header
- Performing an A/B Test
- Setting Cookies
- Performing Redirect Based on the Request Location
- Using the Cache API
- Caching POST Requests
- Responding in Streaming Mode
- Merging Resources and Responding in Streaming Mode
- Protecting Data from Tampering
- Rewriting a m3u8 File and Configuring Authentication
- Adaptive Image Resize
- Image Adaptive WebP
- Customize Referer restriction rules
- Remote Authentication
- HMAC Digital Signature
- Naming a Downloaded File
- Obtaining Client IP Address
- Practical Tutorial
- Security Protection
- Overview
- DDoS Protection
- DDoS Protection Overview
- Exclusive DDoS Protection Usage
- Configuration of Exclusive DDoS protection Rules
- Web Protection
- Rules Template
- IP Groups
- Origin Protection
- Custom Response Page
- Alarm Notification
- Rule Engine
- L4 Proxy
- Data Analysis&Log Service
- Tool Guide
- Practical Tutorial
- EdgeOne Anti-fraud Practice Tutorial
- EdgeOne Implementation of Session Persistence Based on Client IP Addresses
- EdgeOne Implementation of Origin-Pull Based on Client's Geo Location
- EdgeOne Hotlink Protection Practical Tutorial
- EdgeOne initiates Automatic Warm-up
- Cross-regional Secure Acceleration (Oversea Sites)
- Scheduling Traffic to EdgeOne by Performing Canary Switching
- Quickly Enabling HTTPS Access with EdgeOne Free Certificate
- Through traffic orchestration to multiple service providers
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Site APIs
- Acceleration Domain Management APIs
- Site Acceleration Configuration APIs
- Alias Domain APIs
- Security Configuration APIs
- Layer 4 Application Proxy APIs
- CreateL4Proxy
- ModifyL4Proxy
- ModifyL4ProxyStatus
- DescribeL4Proxy
- DeleteL4Proxy
- CreateL4ProxyRules
- ModifyL4ProxyRules
- ModifyL4ProxyRulesStatus
- DescribeL4ProxyRules
- DeleteL4ProxyRules
- CreateApplicationProxy
- ModifyApplicationProxy
- ModifyApplicationProxyStatus
- DescribeApplicationProxies
- DeleteApplicationProxy
- CreateApplicationProxyRule
- ModifyApplicationProxyRule
- ModifyApplicationProxyRuleStatus
- DeleteApplicationProxyRule
- Content Management APIs
- Data Analysis APIs
- Log Service APIs
- Billing APIs
- Certificate APIs
- Load Balancing APIs
- Custom Response Page APIs
- Diagnostic Tool APIs
- Version Management APIs
- Data Types
- Error Codes
- FAQs
- Agreements
- TEO Policy
- Contact Us
- Glossary
Quickly Enabling HTTPS Access with EdgeOne Free Certificate
Last updated: 2024-08-26 17:01:19
This document introduces how to use the free certificate service provided by EdgeOne, to help your website quickly achieve HTTPS access and reduce the workload of subsequent certificate updates and maintenance.
Background
HTTPS access has become a mainstream demand on the Internet. It can ensure secure data transmission for you to access websites, preventing such problems as information leakage and message hijacking. Additionally, in search engines, websites not enabling HTTPS are identified by the browser as unsecure websites and their search weights are also affected. Therefore, it is essential for websites to enable HTTPS access.
To achieve HTTPS access, you should find an appropriate free certificate authority (CA) to apply for a free certificate or purchase a more credible paid certificate. The following challenges exist:
1. Complex application process: Certificate application needs to be completed separately for each domain name and requires DNS validation or HTTP validation based on the CA's requirements. If there are a large number of domain names, DNS entries must be added for each domain name one by one to complete validation. The workload is relatively high.
2. High deployment and maintenance costs: After the certificate application is completed, you should deploy the certificate yourself on the server. If there are many certificates, you should deploy and maintain a correct certificate for each domain name to avoid HTTPS access errors. The update and maintenance workload is high.
3. Prone to expiration: Certificates must be renewed before expiration, otherwise HTTPS access alarms will occur. Especially for free certificates, the current validity period is 3 months generally, so frequent renewals are required.
4. High costs of paid certificates: Although the number of paid certificates can be reduced by applying for a wildcard domain name certificate and auto-renewal is supported, paid certificates are unsuitable for small websites or businesses with many domain names due to high costs.
Solution Strengths
The free certificate service provided by EdgeOne simplifies the implementation of HTTPS access, eliminating the cumbersome process of manual application, deployment, and maintenance of certificates. You can enable HTTPS for your websites with simple operations and enjoy auto-renewal and additional access acceleration and security protection services. Compared to purchasing paid SSL certificates or applying for free certificates from other authorities, it has the following advantages:
1. Simple application: You only need to click Apply for Free Certificate in the console, and EdgeOne will automatically complete the subsequent certificate application and validation process.
2. Easy deployment: Once the certificate application is completed, the certificate will be automatically issued and deployed, without the need to manually download and deploy the certificate.
3. Auto-renewal: The free certificate can be automatically renewed, without the need for manual maintenance, so as to avoid failure of HTTPS access to websites due to certificate expiration.
4. Additional services: After accessing EdgeOne, your site not only enables HTTPS access, but also obtains access acceleration and security protection capabilities, further enhancing the website access experience.
Certificate Type | EdgeOne Free Certificate | Paid SSL Certificate | Free Certificate Applied For by Yourself |
Fees | Free | Requires additional payment. | Free |
Application method | Automatic application and validation | Requires DNS validation or HTTP validation during the application. | Requires DNS validation or HTTP validation during the application. |
Deployment mode | Automatic deployment | Supports quick deployment within the same cloud resource and requires manual deployment for other resources. | Requires manual deployment. |
Update method | Automatic update | SSL certificates purchased from Tencent Cloud can be automatically renewed/updated after hosting. Certificates from other sources require manual updates. | Method 1: Apply for a free certificate to manually update it before expiration. Method 2: Maintain a code script to achieve automatic application/update of free certificates. |
Issuance speed | Issued immediately after validation. | 1 business day or above, depending on the certificate type. | Issued immediately after validation. |
Certificate credibility | General | High | General |
Note:
The current free certificate provided by EdgeOne is issued by Let‘s Encrypt. It is valid for 3 months and will be automatically renewed before expiration.
During application for a free certificate within EdgeOne, if your site uses CNAME access, you should complete the CNAME configuration for your domain name and wait for the CNAME status to take effect. If your site uses NS access, you should complete modifying DNS servers and wait for the resolution to take effect. Then you can apply for a free certificate.
Sample Scenario
For example, the current website plans to use the services of 5 domain names including
example.com, www.example.com, api.example.com, image.example.com, and video.example.com, all of which require enabling HTTPS access. Below is a comparison of the differences in the HTTPS access implementation paths between accessing and not accessing EdgeOne.Not Accessing EdgeOne
When EdgeOne is not accessed, for implementing HTTPS access to websites, you should register a domain name, deploy the origin server services, and then choose a suitable CA to apply for the specified certificate. If there are multiple domain names, you should apply for a separate certificate for each domain name, or directly purchase a wildcard domain name certificate, and then deploy the certificate and enable the HTTPS service on each origin server separately, so as to achieve HTTPS access.
Before the certificate expires, you should renew it by applying for a new certificate from the CA in advance, and then update and redeploy it on the server. If there are a large number of domain names, HTTPS access errors may occur due to untimely certificate updates. Therefore, more maintenance work is required for HTTPS certificates.
Accessing EdgeOne for Free Certificates
After domain name access to EdgeOne, you can apply for a free certificate through EdgeOne, to automatically complete certificate application, issuance, and deployment and quickly achieve HTTPS access. Your origin server does not need to deploy an HTTPS certificate, and HTTP access can still be used for origin-pull.
Before the certificate expires, EdgeOne will automatically renew the certificate and deploy it to EdgeOne, saving you a lot of maintenance work.
Directions
1. Refer to Quick Start to complete site access and domain name access.
2. After domain name access, if your site uses CNAME access, you should complete CNAME configuration for your domain name and wait for the CNAME status to take effect; if your site uses NS access, you should complete modifying DNS servers and wait for the resolution to take effect. Then proceed to the next step.
3. In Domain Name Management, select
example.com and click Edit in the HTTPS Configuration column. In the pop-up window for HTTPS certificate configuration, select Free certificate and then click OK.
4. After the application is completed, issue and deploy the free certificate.
5. After deployment is completed, visit the current site again to achieve HTTPS access.
6. Repeat steps 2-4 for the domain names
www.example.com, api.example.com, image.example.com, and video.example.com to apply for a free certificate in a similar manner.
Yes
No
Was this page helpful?