Add Protocol Downgrade to a new configuration

You can create a new AMD property and add the Protocol Downgrade (HTTPS Downgrade to Origin) behavior to it.

Note: This process does not cover all of the steps required to properly setup a new AMD property. It only reveals the steps necessary to add the Protocol Downgrade (HTTPS Downgrade to Origin) behavior.

Apply the proper security to the property

Protocol Downgrade (HTTPS Downgrade to Origin) is supported for use with either Standard TLS (L1) security or via the use of our Shared Certificate hostname. You need to apply these securities via a Property hostname to Edge hostname association.

  • Standard TLS (L1):
    1. Create a new Standard TLS-enabled certificate using our Certificate Provisioning System. Ensure that all of your applicable vanity domain names have been added to the certificate. (You need to wait for the certificate to provision before continuing.)
    2. Create a new AMD configuration using Property Manager.
    3. Use the Property Hostname content panel to create a Property hostname to Edge hostname association, and include all of the vanity domain names you set in the certificate.
    4. Save the configuration.
  • Shared Certificate hostname:
    1. Create a new AMD configuration using Property Manager.
    2. Use the Property Hostname functionality to set up Shared Certificate Hostname.

Add the Protocol Downgrade (HTTPS Downgrade to Origin) behavior

  1. In the Property Configuration Settings options, click Add Behavior.
  2. In the Search available behaviors field, input "Protocol Downgrade" to filter the listed behaviors. Ensure that you select Protocol Downgrade (HTTPS Downgrade to Origin) from the list.
  3. The new behavior is added to your configuration. Set the Status slider to "On."

The Cache Key Sharing behavior might be necessary

Once you enable Protocol Downgrade (HTTPS Downgrade to Origin) in your AMD property, a warning message is added to the Errors/Warnings/Notes Messages Display at the bottom of the Property Manager Editor UI. (Click the up triangle——to display messages.)

As a result of the change from HTTPS to HTTP, the cache key will change. You should add this behavior and set it to "On," if your origin cannot handle the excessive additional requests that this change may require.