Last update:2024-07-02 14:40:43
CDNetworks offers a one-click free SSL/TLS certificate application feature, allowing you to quickly and conveniently upgrade your website to HTTPS. This automated feature eliminates the complexities of manual certificate application and deployment. You can obtain a free HTTPS certificate from Let’s Encrypt or ZeroSSL with just one click in the CDNetworks Console. The certificate is automatically deployed to the CDN platform, enhancing your website’s security and credibility.
Before proceeding, grant CDNetworks permission to apply for and deploy the free certificate on your behalf. The default option is a rapid-issue RSA DV SSL/TLS certificate.
Choose a Certificate Service Provider: CDNetworks defaults to offering certificates from Let’s Encrypt. If the Let’s Encrypt certificate application fails, is unsuccessful, we’ll automatically attempt to request a certificate via ZeroSSL.
Enter the Acceleration Domain: Input the accelerated domain for which you want to request a certificate. Ensure that this domain has been correctly created and is active in your account.
Choose the Domain Validation Method and Submit: CDNetworks offers automatic file validation and manual DNS validation options. Confirm the information, then click the One-Click Certificate Application button to submit your request.
Comparison of the two validation methods
Feature | Automatic File Validation | Manual DNS Validation |
---|---|---|
Validation Principle | Places a specific file on your web server for validation via HTTP protocol | Adds a DNS TXT record at your DNS provider for validation |
Requires CNAME Configuration Before Application | Yes, your domain must be CNAME-pointed to CDNetworks | No |
Steps | 1. Configure your website to avoid caching the certificate file validation path. The default path is https://<domain>/.well-known/acme-challenge/ . 2. CDNetworks will obtain and place the verification file automatically, triggering validation. |
1. CDNetworks retrieves the TXT validation record value from the certificate authority. 2. A prompt will appear asking you to manually add the TXT record at your DNS provider. 3. After adding the record, click Validate to check if the record has been correctly added. Note: Do not delete the TXT record until the certificate application is successful. |
Supports Auto Renewal | Yes | No |
Supports Wildcard Certificate | No | Yes |
Validation Speed | Depends on the certificate provider, usually within 1 to 24 hours | Depends on the DNS provider, usually within 10 minutes to 24 hours |
Certificate Status | Definition |
---|---|
Applying | The application task has been successfully submitted, and interaction with the certificate provider is in progress. |
Application Successfully | The certificate has been obtained from the certificate provider but has not yet been deployed. |
Application Failed | There was an error interacting with the certificate provider, and the certificate was not issued. |
Deployed Successfully | The certificate has been deployed, and the certificate is associated with your domain. |
Deployment Failed | An error occurred during deployment. Please contact technical support. |
Application Canceled | You canceled the certificate request. |
Successfully issued certificates are valid for 90 days. You can view the expiration date in the application records.
For certificates issued via file verification and with the status Deployed Successfully
, you can enable the auto-renewal feature. CDNetworks will automatically request a new certificate 30 days before expiry and deploy it seamlessly.
Note:
If the corresponding certificate provider starts charging for free certificates in the future, the auto-renewal setting will automatically become invalid.
The auto-renewal certificate application will follow the usage restrictions of the initial application. Please refer to the notes section below for details.
Domain CNAME Configuration: If you use the automatic file validation method, ensure that your domain is active on the CDNetworks platform and correctly configured with CNAME resolution, and your web server is not caching the certificate validation path.
Domain Restrictions: Domains containing “test”, “pay”, “bank”, “trust”, “iran”, or starting with www.
(e.g., www.example.com
or root domain example.com
) are not eligible.
Subdomain Limit: Up to 50 free certificates per week can be applied for subdomains under the registered domain (e.g., example.com
as a registered domain and a.example.com
as its subdomain). Exceeding limits across all platforms (including other providers) for Let’s Encrypt certificates may lead to application failure.
Above notes and restrictions are primarily due to the characteristics of DV certificates and the mechanisms of certificate authorities.
If you have other questions about the one-click certificate feature, please contact CDNetworks technical support team for assistance. You can also explore purchasing a paid certificate for additional features and flexibility.