# EdgeSSL

The **Settings >** **EdgeSSL** service menu section furnishes you with the capability to enforce end-to-end encryption for all data transactions between your end-users and your application's web servers. This is achieved through the SSL protocol, which ensures the establishment of a robust and secure HTTPS connection. 

<figure><img src="/files/rfAlleZb4aBXAWLZT8wA" alt=""><figcaption></figcaption></figure>

Such proactive security measures not only ensure the privacy and integrity of data but also fortify the protection of sensitive user information, such as personal and financial data, assuring a safe and secure online environment.

Let's take an in-depth look at the panes within this section:

* [Force HTTPS Connections](#h.c47d379wjnzs)
* [Edge SSL](#h.q787ovd7qhy0)

### Force HTTPS Connections <a href="#h.c47d379wjnzs" id="h.c47d379wjnzs"></a>

Within this section, you'll find the ‘***Redirect all visitors to use HTTPS instead of HTTP***’ toggle switch, which enables you to ensure that all connections directed to your service are securely processed through the HTTPS protocol.

<figure><img src="/files/MVzKCyv23Quayr38fTNv" alt=""><figcaption></figcaption></figure>

As a default setting, this option is deactivated. However, it is generally recommended to activate it once you've [deployed the EdgeSSL certificate](/product-docs/start-guide/issue-ssl-certificate.md) for your custom service domain(s).

You can also turn this option on even without having your dedicated SSL certificate set up, e.g.,  for testing purposes. But please be aware that in this case, HTTPS connections to your service may not be considered trusted by user agents.

{% hint style="warning" %}
Remember to click **Save** in the bottom right corner to implement the changes after adjusting this toggle's position.&#x20;

Please be patient, as it might take **up to 30 minutes** for this update to propagate fully across all regions and PoPs.
{% endhint %}

### Edge SSL <a href="#h.q787ovd7qhy0" id="h.q787ovd7qhy0"></a>

In case you haven't yet configured SSL for your service, you can initiate this process by clicking the **Enable SSL** button:

<figure><img src="/files/rW0us65suwmuozjtU8Gj" alt=""><figcaption></figcaption></figure>

{% hint style="success" %}
For step-by-step instructions on how to complete this process, please refer to the [Issue SSL Certificate](/product-docs/start-guide/issue-ssl-certificate.md) guide.
{% endhint %}

Once the SSL certificate is issued and properly deployed, it will be displayed within this section, accompanied by details regarding its parameters and the [Edit](#h.53tr2jhsm4df) option for making modifications.

<figure><img src="/files/N3VX1GQsTZpCReHeOoAA" alt=""><figcaption></figcaption></figure>

Here, you can find information about:

* **Auto-renew** option state - indicates whether certificate auto-renewal is enabled or disabled.
* **Domain** - the domain name(s) for which the SSL certificate was issued.
* **Expire date** - the date until which the issued certificate remains valid.
* **Validation Level** - the [level of certificate validation](#user-content-fn-1)[^1].

#### Edit SSL Certificate <a href="#h.53tr2jhsm4df" id="h.53tr2jhsm4df"></a>

The ***Edit*** option beneath the details on your SSL certificate allows for making adjustments to the issued certificate.

<figure><img src="/files/agZSFiSkmpsnV6FH7Jh3" alt=""><figcaption></figcaption></figure>

Upon clicking on it, you’ll access the frame that allows you to review and modify some of the related configurations:

<figure><img src="/files/sS76wSRoLWMvxQGtQRzH" alt=""><figcaption></figcaption></figure>

Within this frame, you have the ability to:

1. Review and manually copy the **Validation Token** of your deployed certificate (adding this value to your DNS settings as a TXT record is an essential part of the validation process for new or updated SSL certificates):

<figure><img src="/files/X19BmBLqKsOTbcyW9Aze" alt=""><figcaption></figcaption></figure>

2. View the list of **Domains** for which the certificate was issued, where the domain marked with “1” in the *IS COMMON NAME?* column defines the main domain name in the hierarchy.

<figure><img src="/files/udEakyUcWIVx74pxPszT" alt=""><figcaption></figcaption></figure>

By clicking the **bin**![](/files/gnMVAipZC6amaRhLMZUi)**icon** next to any of the other domains, you can remove them from the list.

3. **Add** **Domain** if you have modified the list of [CNAMEs](/product-docs/service-menu/settings/cnames.md) and need the newly added domain names to be also covered by the current SSL certificate:

<figure><img src="/files/mLE7jOnS3URMLDdW0hdD" alt=""><figcaption></figcaption></figure>

For detailed instructions on this task, please refer to the [Update SSL Certificate](/product-docs/start-guide/issue-ssl-certificate/update-ssl-certificate.md) document.

4. Change the state of the **Auto-Renew** option (located at the bottom of the frame):

<figure><img src="/files/2ULDFk5M3ODpP7fKICJj" alt=""><figcaption></figcaption></figure>

This toggle switch defines the following:

* If it is ***enabled***, a new validation token will be automatically generated 3 months prior to the expiration date. You will only need to update it within the corresponding DNS TXT record (except for Organization Validation (OV) certificates, where the system manages the renewal process automatically).
* If it is ***disabled***, you will receive a notification when your previously validated SSL certificate is about to expire. In this case, you'll need to go through the steps outlined in the [Issue SSL Certificate](/product-docs/start-guide/issue-ssl-certificate.md) guide again to manually generate a new token.

5. **Delete** the deployed SSL certificate:

<figure><img src="/files/I9mdFe2sUqFdgK0b0s7d" alt=""><figcaption></figcaption></figure>

{% hint style="warning" %}
When making any changes within this frame (except the certificate deletion), you need to click **Save** below in order to apply them.
{% endhint %}

[^1]: Currently, only Domain Validation (DV) is supported to be automatically performed through the platform dashboard. For getting Organization Validation (OV) or Extended Validation (EV) SSLs, please contact our support team at <support@edgeport.com>.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.edgeport.com/product-docs/service-menu/settings/edgessl.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.