SSL Certificate Service, also known as Server Certificate Service, offers a one-stop solution for Secure Sockets Layer (SSL) certificates. Services provided include certificate application, management and deployment. We work with leading digital certificate authorities (CAs) and agencies to provide this HTTPS solution for your websites and mobile apps.
SSL Certificate Service
A security service that offers server identity authentication and data transmission encryption for a one-stop HTTPS solution
Overview
Benefits
Get Certificates Easily
Tencent Cloud supports automatic online CSR generation and can automatically verify the ownership of domain names hosted by Tencent Cloud DNS or DNSPod, completely automating application review and the issuance of certificates.
Centralized Management
Certificates issued by any CAs can be uploaded and managed on the console. You can easily monitor the validity period of each certificate in a centralized site.
Managed Private Key
Tencent Cloud supports online CSR generation with private key/passphrase. The passphrase is stored within the certificate for guaranteed data security.
Easy Deployment
SSL supports the rapid deployment of digital certificates in Tencent Cloud resources. Currently, certificates can be quickly deployed to CLB and CDN for data security.
Features
Top CAs
Provisioned SSL certificates are issued by top CAs, comprehensively ensuring certificate security.
Encrypted Data Transfer
Data transfer between browsers/apps and servers are encrypted for added security.
100% Compatibility
Symantec root certificate supports all browsers and mobile devices.
Improved Search Ranking
HTTPS helps improve the search ranking and credibility of your website.
Scenarios
Deploying Certificates to CLB
Deploying Certificates to CDN
Automatic Authentication by Tencent Cloud DNS
CLB supports SSL encryption and decryption through HTTPS. Its backend has multiple CVM instance clusters, where one single instance in one single cluster can achieve a full handshake performance of 65,000 QPS and a persistent connection performance of about 300,000 QPS.
Under normal circumstances, the HTTPS protocol adds at least one full handshake process due to the use of the SSL protocol, leading to an added delay of 2*RTT. In addition, SSL symmetric/asymmetric encryption consumes a lot of CPU resources, while the RSA's decryption capability is a major hurdle that prevents HTTPS implementation.
In contrast, the CLB-enabled HTTPS service eliminates the need to deploy services separately for SSL encryption and decryption with no additional fees, strengthening your business sustainability while increasing defense capabilities at no cost.
Tencent Cloud CDN fully supports encrypted data transfer via HTTPS. If your domain has accessed CDN, you can apply for a certificate directly in the SSL console and deploy it to CDN quickly.
CDN will distribute the issued certificate to its nodes, and after the configuration takes effect, all requests from end users to the nodes will be encrypted through HTTPS. You can also deploy the certificate to your origin servers and select HTTPS origin-pull during configuration to achieve complete end-to-end security.
When applying for a Domain Validation certificate, DNS resolution is required for ownership verification. The CA will specify a TXT resolution record to verify the ownership of the domain name. If the domain name is hosted with Tencent Cloud DNS, the specified TXT record will be automatically added for the CA to scan and review, simplifying the certificate application process.
Pricing
SSL is billed by the number of purchased certificates and time frame. Pricing details are available in SSL's pricing documentation. View more.