SSL Certificates
SSL certificates are unique digital signatures of your website, which are necessary for establishing a secure connection between the user and the server. It is particularly important when dealing with sensitive information and conducting financial transactions (HTTPS protocol).
When using the «default domain», the domain is protected by a Common Certificate, and distribution is carried out via the HTTPS protocol. You must upload your personal SSL certificate if you use a personal domain and the HTTPS protocol.
Please note that you cannot use your own certificates in Akamai.
Content distribution through the «default domain» will use the HTTP protocol when you connect your own SSL certificate, because only one certificate can be active at the same time.
Types of SSL Certificates in the Selectel Control Panel
| - | Service | Custom | Let’s Encrypt |
|---|---|---|---|
| Available for these providers | Akamai Selectel |
Selectel | Selectel |
| Domains | For the default domain | For custom domains | For all resource domains |
| Managing | Cannot be managed | Disable Activate Delete |
Issue Update Delete |
| Updating | Automatically | Manually | Automatically |
Service SSL Certificate
For the CNAME-records in the ***.selcdn.net or ***.akamaized.net zones, a free service SSL certificate is available. The certificate is issued by the provider and applies to the default domain.
The common SSL certificate is not available when using a custom domain.
The common SSL certificate cannot be changed.
Custom SSL Certificate
To attach a personal SSL certificate to the CDN resource:
- Go to the Certificates tab in the CDN resource card.
- Click Add certificate.
- Go to the Custom tab in the new window.
- Enter the SSL certificate data and a private key.
- You can mark a checkbox to activate the certificate right after it is added.
- Click Add a custom SSL certificate.
The certificate will be attached to the resource and added to the list of custom certificates under Certificates.
Let’s Encrypt
You can issue a Let’s Encrypt certificate after creating the CDN resource. Follow these steps to issue a Let’s Encrypt certificate:
- Check that the CNAME record for the domains attached to the resource is correct.
- Go to the Certificates tab in the CDN resource card.
- Click Add certificate.
- Click Issue a Let’s Encrypt certificate on the Let’s Encrypt tab in the new window. It usually takes about 15 minutes to issue a certificate. In some cases, it can take up to two hours.
Let’s Encrypt Limitations
Only one Let’s Encrypt certificate can be issued for each CDN resource at a time. A certificate is issued for all domains attached to the CDN resource.
Let’s Encrypt certificates cannot be disabled like custom ones. You cannot reactivate a Let’s Encrypt certificate after deleting it or activating another certificate. You must issue a new one.
If you activate another certificate, the current Let’s Encrypt certificate will be deleted automatically. For Let’s Encrypt certificates, all limitations apply as described in the documentation on the official Let’s Encrypt website.