Updated on 2024-07-19 GMT+08:00

Configuration Method

You can configure HTTPS secure acceleration to protect your VOD resources. HTTPS is enabled for the domain name allocated for VOD by default. If you use your own domain name for VOD acceleration, you must enable HTTPS. Otherwise, you cannot preview and play media files on the VOD console.

Background

Forcible direction to HTTPS: If a user initiates an HTTP request, the server returns a 302 status code, and the user is redirected to HTTPS.

HTTP/2: The HTTP/2 specification was published as RFC 7540 in May 2015. The standardization effort was supported by Chrome, Opera, Firefox, Internet Explorer 11, Safari, Amazon Silk, and Edge browsers.

HTTPS has the following advantages over HTTP:
  • HTTPS is a network protocol constructed based on SSL and HTTP for encrypted transmission and identity authentication. It is more secure than HTTP and prevents data from being stolen or tampered with during transmission, ensuring data integrity.
  • Key user information is encrypted to prevent session IDs or cookies from being captured by attackers.
HTTP/2 has the following advantages:
  • Multiplexing: Multiple HTTP requests can be sent and responses can be received asynchronously via a single TCP connection.
  • Binary framing: All HTTP/2 communication is split into smaller messages and frames, each of which is encoded in binary format to replace plaintext transmission in HTTP/1.x.
  • Server push: A server can actively push responses into client caches, speeding up web page loading.
  • Header compression: HTTP/2 uses the HPACK algorithm designed for header compression. It compresses the message header and creates an index table for the message header. For the same message header, only the index number is sent, reducing the transmission of header data.

Prerequisites

Enabling HTTPS

  1. Log in to the VOD console.
  2. In the navigation pane, choose Domain Name Management.
  3. Click Settings in the row containing your domain name and then click the HTTPS Settings tab.
  4. Enable HTTPS Acceleration and set HTTPS parameters. See Figure 1.

    Figure 1 Configuring an HTTPS certificate
    Set the certificate name, use a text editor to open the obtained certificate file and private key file, and copy the content to the Certificate Body and Private Key text boxes. Certificates issued by different organizations have the following differences:
    • If your certificate is issued by the root CA, the certificate is a complete certificate. Copy the certificate content.
      Figure 2 HTTPS certificate
    • If your certificate is issued by an intermediate CA, the certificate file contains multiple certificates. You need to combine all the certificates into a single certificate. For details, see Certificates Issued by Intermediate CAs.

  5. Select whether to enable Forcible Redirection to HTTPS and HTTP2.0.

    • Forcible Redirection to HTTPS: If this function is enabled, when you access media in VOD, all requests are redirected to HTTPS.
    • HTTP2.0: If this function is enabled, all requests for accessing media in VOD comply with the HTTP/2 protocol.

  6. Verify whether HTTPS secure acceleration has taken effect.

    If the playback URL starts with https:// and you can use play video or audio via the URL, HTTPS secure acceleration has taken effect.

Updating a Certificate

If your certificate is about to expire or has been revoked, you need to synchronize the new certificate to the HTTPS settings. The procedure of updating a certificate is the same as that of enabling HTTPS.