Issue SSL Certificate
Last updated
Was this helpful?
Last updated
Was this helpful?
With the rising number of hackers, identity thieves, and phishing attacks, it's crucial to maintain the security and privacy of the information exchanged between your server and your customers' computers. To address this, SSL certificates are employed to establish encrypted connections, ensuring the secure transfer of sensitive data such as credit card transactions, login credentials, and so on.
Edgeport offers the issuing of custom SSL certificates in terms of all service plans with no additional charge. Upon enabling this feature, you automatically receive anycast dedicated IP addresses across all regions and a shielded connection to your project, protected by a commercial, highly secure, enterprise-grade SSL certificate.
The following steps will guide you through the process of activating SSL security for your web application:
While inside the service, go to the Settings > EdgeSSL section for your project and click on the Enable SSL button to initiate the issuing of a custom SSL certificate for your project.
You'll see an interactive step-by-step SSL deployment wizard in the opened frame. Select the Add Domain option below:
Here, input the domain name of your web application and click Add. Repeat this step for all custom ADN and CDN domains according to the CNAMEs you’ve set up for your project.
As a result, all your added domains should be listed as follows:
At the bottom of the frame, you can see the Auto Renew? option, which is enabled by default. This toggle determines whether your issued SSL certificate should be automatically refreshed when it expires ( each certificate remains valid for 1 year from the date of issuing).
If it’s enabled, a new validation token will be automatically generated 3 months prior to the expiration date. You'll just need to update it within the corresponding DNS TXT record (we'll cover this process in more detail later in this guide).
If this option is disabled, you will receive a notification when your previously validated SSL certificate is about to expire. In this case, you'll need to go through the steps outlined in this guide again to manually generate a new token.
Click Save to proceed.
The frame will be closed, and you’ll be redirected back to the Edge SSL section.
Once you initiate the DNS token generation, the appropriate status will be displayed next to the Edge SSL module.
Please be patient - this process can take up to 5 minutes.
If you’d like to track the progress of token generation, you can click on the Enable SSL option again. In the re-opened frame, you’ll notice that the process step has changed to Processing.
Also, the status in front of the corresponding domain(s) will change to Provisioning Initiated.
Once the procedure reaches the third Domain Validation (DCV) step, you’ll be able to view the newly generated token by clicking the Show Validation Token button and copy it manually:
Alternatively, you can simply click Copy to automatically save the token to your clipboard.
Now, you should navigate to your domain management service and include the appropriate DNS TXT record in its configurations.
For this tutorial, we’ll consider this procedure in the context of using Edgeport’s DNS Routing solution.
Switch to the Routing section of your service’s dashboard at the Edgeport platform and click the Add New Record in the top right corner.
In the opened frame, choose the TXT (Text) record Type and fulfill the rest of the fields as follows:
Name - point it to your project’s hostname by entering ampersand @
TTL - specify the number of seconds the record should remain cached on a server upon being requested (60 is recommended)
Value - input the validation token body you’ve copied previously
Click on Add.
Your newly added record should appear on the list.
The process of the certificate validation will be started automatically.
However, you can also initiate this process manually. For that, switch back to the EdgeSSL settings section and select the Enable SSL button.
In the opened frame, click Validate for the generated token.
In a while, you’ll get the appropriate pop-up notification informing you that the DCV validation has been completed successfully.
Now, you’ll need to wait a few more minutes for the fourth Other Validation step to be finished.
When the validation process has finished, the certificate should be activated and propagated to the edge. This process is also fully automated and can be tracked through the same frame:
Here, you can see that the SSL certificate has been issued, and the deployment has begun.
The corresponding status will also be shown within the main EdgeSSL section.
Once the propagation is finished, the status will be changed to "Certification Deployment done successfully!":
From this point forward, addressing your project with the https:// protocol will ensure that all the data transmitted between the server and your end-users is encrypted and secured from interception.
As a final step, we recommend enabling the Force HTTPS Connections toggle switch in the EdgeSSL section so that all the connections to your application will be forcibly held through the HTTPS protocol, thus being secured.
Click Save to apply the changes.