Use Enhanced TLS

If you want to use an Enhanced TLS secure certificate—either one you provide to us, or one you create in Control Center using the CPS tool—you need to create a Property Hostname to Edge Hostname association using all applicable vanity domains, and select the appropriate certificate.

You should have your Enhanced TLS certificate ahead of time

  • If you're providing your own certificate: Generate it and work with your Account Representative to get it provisioned for use.
  • If you're generating a certificate using Certificate Provisioning System (CPS): We recommend that you create this certificate before creating your base configuration. Certificate provisioning via the CPS can take a considerable amount of time, especially with Enhanced TLS.

Let's set up Enhanced TLS

  1. Ensure that Enhanced TLS or Shared Cert is selected in Security Options.

  2. In the Property Hostnames content panel, click the Add button (or click the down arrow and select Add Hostname(s)).
  3. Input your vanity domain in the Add Hostname(s) field.
    • Are you creating a certificate using our CPS tool in Control Center? Enter your applicable vanity domain, but substitute hyphens for dots. For example, if your vanity domain is www.mymedia.com, enter www-mymedia-com.
      • Have you already generated the certificate in CPS? (This is the recommended process.) You need to input the vanity domain that matches what you've set up in that certificate (as either the Common Name (CN) or a SAN (Subject Alternate Name)).
      • Do you need to Create a New Certificate? Input your vanity domain.
    • Are you providing your own custom certificate? If so, you need to enter the exact vanity domain associated with the certificate you've provided to us for use.
    Note: Only alphanumeric (a-z, A-Z, 0-9) and hyphen ("-") characters are supported, with a length 4-60 characters. This value cannot begin or end with a hyphen.
  4. Repeat Step 3 to add more vanity domains, if applicable. Otherwise, click the Next button to continue.
  5. Select the appropriate IP Version, based on what your application or site can support, and then click Next to continue.
    • IPv4 only: Support for IP addresses using version 4, only.
    • IPv4 + IPv6 (dual stack): Support for both address formats.
      Note: If you select IPv4 + IPv6 (dual stack) as your IP version, your site or application must support IPv6 in HTTP request headers and delivered log lines.
  6. Select the certificate to be used to secure the configuration (and click Next to continue):
    • Have you already generated the certificate in CPS? (This is the recommended process.) Click the Select Certificate field to choose the applicable one.
    • Are you providing your own custom certificate? If so, you should have already worked with your Account Representative to provision it. Click the Select Certificate field to select it.
    • Do you need to create a new certificate? Click Create New Certificate to access a separate UI to create the certificate. You need to input all of the vanity domains you've set in this Property Hostname in either the Common Name (CN) or a SAN (Subject Alternative Name) fields in the certificate. Usage instructions for this tool are available via the “?” help buttons in that UI.
      Note: If you create a certificate at this point, you have to wait for the certificate to provision before you can continue with creation of the base configuration.
  7. Verify settings for the association. The vanity domain you've set as your Property Hostname is automatically added as the prefix for the Edge hostname, and revealed here. (For example: <Property Hostname>.edgekey.netwww.mymedia.com.edgekey.net). Verify that this is the appropriate Property hostname to Edge hostname association and click Submit.
  8. Review information in the Success window and apply its instructions as required.

What's next?

From here, you continue setting up the base configuration (apply rules and behaviors), and then save it.

Ultimately, when you're ready to move forward and go live with the configuration, you need to update the existing DNS record for your site or application to be a CNAME record that points to this Edge hostname.