tencent cloud


HTTPS Configuration

Last updated: 2022-03-20 15:02:37


    The HTTPS protocol is a network protocol built based on the SSL and HTTP protocols for encrypted transfer and authentication, which is more secure than the HTTP protocol. If you want to enable HTTPS acceleration, you can do so by enabling the HTTPS feature for the playback domain name and configuring a correct and valid certificate. You can purchase a certificate from Tencent Cloud SSL Certificate Service. If you already have one, you can upload it to the CSS console for configuration. Currently, CSS only supports the PEM format. If your certificate is in another format, you need to convert it to PEM format first. The format requirements and configuration method for the certificate are as follows:



    Step 1. Edit the HTTPS configuration

    1. Enter Domain Management and click the playback domain name to be configured or Manage on the right to enter the domain name details page.
    2. Select Advanced Configuration and find the HTTPS Configuration section.
    3. Click Edit and click to enable the HTTPS service.
    4. Select the source of the certificate to be configured, enter relevant information, and click Save.
      Certificate SourceRequired Configuration Items
      Self-owned certificate
      • Certificate Name: enter a custom name used to identify the certificate..
      • Certificate Content: enter the content of the .crt file for Nginx. For more information, please see Certificate content.
      • Private Key Content: enter the content of the .key file for Nginx. For more information, please see Certificate key.
        Tencent Cloud-hosted certificate Certificate List: select an uploaded certificate in SSL Certificate Service.

      Certificate description

      A certificate provided by the CA includes Apache, IIS, Nginx, and Tomcat files. The encryption service of CSS uses Nginx, so you should select the content of the Nginx files for the configuration.
      Go to SSL Certificate Service console > Certificate Management, select the target certificate, click Download in the "Operation" column, and decompress the downloaded package to get the following files:

      • Certificate content: enter the entire content between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- in the .crt file for Nginx.

      Sample content:


      If your certificate is issued by an intermediate CA and contains multiple certificates, the certificate content should be spliced as follows:
      -----BEGIN CERTIFICATE-----
      -----END CERTIFICATE-----
      -----BEGIN CERTIFICATE-----
      -----END CERTIFICATE-----

      • Certificate private key: enter the entire content between -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- in the .key file for Nginx.

      Sample content:

      Step 2. Verify the configuration

      The HTTPS configuration will take effect in about 2 hours. Please visit the domain name about 2 hours after the certificate is submitted. If HTTPS is displayed in the address bar of the browser, the configuration is successful.

      Step 3. Modify the configuration

      The HTTPS feature can be enabled and disabled. Once it is disabled, CSS will no longer provide HTTPS service for the domain name. If the certificate has expired, it should be replaced with a new valid one.

      Contact Us

      Contact our sales team or business advisors to help your business.

      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      7x24 Phone Support