tencent cloud

Feedback

HTTPS Configuration

Last updated: 2024-11-22 11:07:28

    Overview

    The HTTPS protocol is a network protocol built based on the SSL and HTTP protocols for encrypted transfer and authentication, which is more secure than the HTTP protocol. If you want to enable HTTPS acceleration, you can do so by enabling the HTTPS feature for the playback domain name and configuring a correct and valid certificate. You can purchase a certificate from Tencent Cloud SSL Certificate Service. If you already have one, you can upload it to the CSS console for configuration. Currently, CSS only supports the PEM format. If your certificate is in another format, you need to convert it to PEM format first. The format requirements and configuration method for the certificate are as follows:

    Prerequisites

    You have logged in to the CSS console.

    Directions

    Step 1. Edit the HTTPS configuration

    1. Enter Domain Management and click the playback domain name to be configured or Manage on the right to enter the domain name details page.
    
    
    
    2. Select Advanced Configuration > HTTPS Configuration, then click
    
    to enable the HTTPS service.
    
    
    
    3. After enabling the HTTPS service, enter the HTTPS Configuration page.
    
    
    
    4. Select the source of the certificate to be configured, enter relevant information, and click Save.
    Certificate Source
    Required Configuration Items
    Self-owned certificate
    Certificate Name: enter a custom name used to identify the certificate.
    Certificate Content: enter the content of the .crt file for Nginx. For more information, please see Certificate content.
    Private Key Content: enter the content of the .key file for Nginx. For more information, please see Certificate key.
    Tencent Cloud-hosted certificate
    Certificate List: select an uploaded certificate in SSL Certificate Service.
    Note:
    The HTTPS feature will take effect approximately 2 hours after configuration is completed, please be patient.

    Certificate Description

    A certificate provided by the CA includes Apache, IIS, Nginx, and Tomcat files. The encryption service of CSS uses Nginx, so you should select the content of the Nginx files for the configuration.
    Go to SSL Certificate Service console > Certificate Management, select the target certificate, click Download in the "Operation" column, and decompress the downloaded package to get the following files:
    
    
    
    
    Certificate
    content:
    enter the entire content between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- in the .crt file for Nginx.
    Sample content:
    
    
    
    Note:
    If your certificate is issued by an intermediate CA and contains multiple certificates, the certificate content should be spliced as follows: -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -----END CERTIFICATE-----
    
    Certificate
    private key:
    enter the entire content between -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- in the .key file for Nginx.
    Sample content:
    
    
    

    Step 2. Verify the configuration

    The HTTPS configuration will take effect in about 2 hours. Please visit the domain name about 2 hours after the certificate is submitted. If HTTPS is displayed in the address bar of the browser, the configuration is successful.
    
    
    

    Step 3. Modify the configuration

    The configuration can be modified if the HTTPS function is turned on. If this feature is turned off, editing will not be possible. Once it is disabled, CSS will no longer provide HTTPS service for the domain name. If the certificate has expired, it should be replaced with a new valid one.
    
    
    

    FAQs

    
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support