Show search and navigation.

 

Troubleshooting HTTPS Setup

Purpose

The purpose of this procedure is to check for common issues when setting up our CDN service for HTTPS data delivery.

TLS Certificate

A TLS certificate is required for HTTPS data delivery.

Checklist:

Verify that either of the following items was provided to your CDN account manager:

  • Authorization to purchase a TLS certificate.
  • An existing TLS certificate.

Verify the accuracy of the supporting information provided with the above request:

Fully Qualified Domain Name or wildcard domain

Verify with your account manager that the TLS certificate has been deployed on the CDN.

Edge CNAME

An edge CNAME configuration is required for HTTPS data delivery .

Checklist:

Verify that the edge CNAME configuration meets the following requirements:

  • Platform: An edge CNAME configuration must be created on the platform specified during TLS certificate submission.
  • Hostname: It must point to the hostname defined in the TLS certificate.
  • Origin Server: It should point to the desired origin server.

Verify that an hour has elapsed since setting up or modifying the above edge CNAME configuration.

Customer Origin Configuration

The customer origin selected in the edge CNAME configuration must be properly configured to support HTTPS delivery.

Checklist:

Verify that the HTTPS Edge Protocol option has been enabled and configured on the desired customer origin configuration.

DNS

A CNAME record for the hostname defined in the TLS certificate is required for HTTPS data delivery. This step must be performed from your DNS service provider.

Checklist:

Verify that a CNAME record points the desired hostnameIdentifies the hostname to which requests will be directed. This hostname is defined in the TLS certificate and in the New Edge Cname option. Example: cname.mydomain.com to the certificate's target CNAMEThis hostname is used internally by the CDN service to route requests to a specific TLS certificate..

  • Multiple TLS Certificates: There is no guarantee that all of your TLS certificates will be placed on the same hostname. Therefore, it is important to keep track of the hostnames associated with each TLS certificate.

Dig

Use Dig to verify the DNS configuration for the hostname defined in the edge CNAME configuration.

Checklist:

Dig the hostnameIdentifies the hostname to which requests will be directed. This hostname is defined in the TLS certificate and in the New Edge Cname option. Example: cname.mydomain.com associated with the edge CNAME configuration.

Verify that the edge CNAME's hostname points to the hostname defined in the welcome letter for TLS.