Show search and navigation.
Set up support for HTTPS content delivery through the following procedure:
Configure the CDN to communicate with your web servers over HTTPS.
Alternatively, content may be served from an Azure block blob container.
PCI Only: Setting up a customer origin group for a site whose traffic must be served over a Payment Card Industry-certified (PCI) network requires assistance. Contact our technical customer support prior to setup.
Accelerate HTTP traffic by serving it through one or more of the following platforms:
Based on the following questions, choose the first platform that fits your traffic profile.
Do you plan on serving content that varies by user?
This type of content is typically generated using a scripting language (e.g., PHP).
If so, use ADNThe Application Delivery Network platform has been optimized to deliver dynamic content (e.g., login credentials, account information, etc.) over HTTP or HTTPS. Typically, user-specific and database-driven content are served over this platform..
Support for HTTPS content delivery requires that a TLS certificate be installed on our network.
Request a TLS certificate from your CDN account manager.
Be prepared to provide the following information:
Platform (i.e., ADN
TLS certificate type
Identify a Fully Qualified Domain Name (FQDN) or a wildcard hostname that will be assigned to the certificate.
Wait until your CDN account manager informs you that a TLS certificate has been installed on our network before proceeding beyond this point.
Before the CDN may serve HTTPS traffic from your web servers, it must be informed where they are located via a
Your account is configured to support either customer origin groups or the legacy method for creating customer origin configurations.
From the main menu, navigate to
If your account supports customer origin groups, it should look similar to the following illustration:
If it still uses the legacy method for customer origin configuration and therefore doesn't support customer origin groups, it will look like the following illustration:
Customer origin groups allow you to leverage our built-in support for connecting to new or preexisting Azure block blob containers. Contact your CDN account manager to upgrade your account to support customer origin groups.
Load the Customer Origin Page
A customer origin configuration allows the CDN to serve traffic
Upon navigating to the Origins page, it will immediately show a blank page.
Customer Origin Group Type
A customer origin group can
Click Customer Origin.
Customer Origin Group Name
Create a customer origin group by assigning it a unique name. This name will be incorporated into the CDN URLA system-defined URL that points to a CDN hostname. A CDN URL allows content delivery via our network. Simplify your CDN setup by also creating an edge CNAME configuration which potentially allows you to deliver traffic via the CDN using the same links as your current setup. generated for this customer origin group.
The following CDN URLs are based on a sample account number (i.e., 0001) and a directory name of "marketing."
Click within the Group option, type an alphanumeric word or phrase (e.g., marketing), and then press ENTER.
Origin Entry Name
A customer origin group consists of one or more origin entries. Each origin entry identifies one or more web server(s). Assign a name to the origin entry being created.
In the Name option, type originentry1.
The CDN service must be informed where to find each web server associated with this customer origin group. This step involves providing one or more IP addresses or hostnames that point to your web servers.
Set the Protocol Type option to HTTPS Only.
Set the Hostname or IP Address option to the hostname or IP address of the server where your data resides.
Set the Port option to the port over which our network will serve traffic to the above hostname or IP address.
HTTP Large & HTTP Small: Please proceed to the Saving Changes step.
An ADN Gateway server optimizes the communication path between the edge of our network and your web servers (i.e., customer origin servers). Setting up ADN Gateway servers requires testing connectivity between each ADN Gateway server and the servers associated with the customer origin configuration (as defined in the Web Server Information step).
Upload this sample asset to each web server associated with this customer origin configuration.
Multiple Servers: Make sure to upload the above sample asset to the same location on each web server.
Click ADN Gateway from the Group Settings section.
In the Validation Path option, type a URL that points to the asset uploaded in the previous step. Make sure that the hostname specified in this URL matches the value defined in the HTTP Host Header option.
Click Validate. If the result returns 200 OK for all hostnames/IP addresses, then proceed to the next step.
Create the customer origin group by saving your changes.
The next step is to ensure that a firewall doesn't block the flow of traffic between your web servers and the CDN.
Configure your firewall to allow all of our IP blocks access to your server(s).
View our IP blocks by navigating to the Whitelist IP Blocks page.
HTTPS traffic may only be served via an edge CNAME URLThis type of URL takes advantage of an edge CNAME configuration and a CNAME record to provide a friendlier alternative to a CDN URL. An edge CNAME URL is specific to the platform from which it was configured.. Do not attempt to serve HTTPS traffic using the CDN URL generated for the customer origin created in this tutorial.
Create an edge CNAMERefers to the mapping of a CNAME record to a directory on a CDN or customer origin server. The purpose of this mapping, which is only used by our CDN, is to establish a user-friendly alias for content served through the CDN. It relies upon your CNAME record being mapped to a CDN hostname via a DNS service provider. configuration that will direct traffic to the customer origin created in this tutorial. This setup allows traffic to be shifted to the CDN by simply updating a CNAME recordA Canonical Name (CNAME) record is used to indicate that a hostname is an alias of another hostname. A CNAME record must be registered on a Domain Name System (DNS). This term should not be confused with edge CNAME. to point to a CDN hostnameRefers to a system-defined hostname that is specific to your customer account and a CDN service..
Navigate to Edge CNAME Settings
An edge CNAME configuration must be created on the same platform as the customer origin that was created earlier in this tutorial.
Name an Edge CNAME
An edge CNAME configuration should be named after the hostname defined in the requested TLS certificate.
This name should be specified in lower-case letters and should not include a protocol (i.e., https://).
In the New Edge Cname option, type the hostname defined in the requested TLS certificate.
Identify a Customer Origin
This step defines the customer origin from which requests to this edge CNAME will be served.
In the Points to option, verify that "Customer Origin" is selected.
In the Origin Directory option, select the recently created customer origin configuration.
Create an edge CNAME by saving your changes.
An edge CNAME that points to a customer origin configuration should appear at the top of the Edge CNAMEs page.
Wait an hour to allow your changes to be applied before proceeding beyond this point.
Switching traffic over to our CDN service requires updating a CNAME record to point to an edge CNAME .
Load your DNS service provider's portal.
Find the CNAME record corresponding to the edge CNAME created above (e.g., cdn1.mydomain.com).
Update the CNAME's value to resolve to your TLS certificate's target CNAME.
Your DNS service provider should provide settings similar to those shown below.
Once this DNS change takes effect, traffic will shift to our CDN service.