Configuration Methods

Context

Force HTTPS: If a user initiates an HTTP request, the server returns a 302 status code, and the user is redirected to HTTPS.

Prerequisites

• You have created a channel, as shown in Creating a Channel.
• CNAME records have been added to your domains' DNS records.

• The HTTPS certificate has been prepared. If no HTTPS certificate is available, buy one in SSL Certificate Manager (SCM).
• The HTTPS certificate format must meet the requirements. If your certificate is not in PEM format, convert the certificate to the PEM format.

Enabling HTTPS

1. Log in to the Live console.
2. In the navigation pane, choose Domains.
3. Find the streaming domain name whose Subservice Type is Media Live and for which HTTPS secure acceleration needs to be configured. Then click Manage.
4. In the navigation pane, choose Templates > HTTPS Certificates.
5. Click Create. The Create Certificate Setting page is displayed, as shown in Figure 1.
   Figure 1 Creating a certificate setting
   

6. Click Add Certificate. The settings of certificate 1 are displayed, as shown in Figure 2.

   See Table 1. You can add a certificate only when:

   • there is only one international standard certificate
   • there is only one Chinese (SM) certificate
   • there is one international standard certificate and one Chinese (SM) certificate.
     Figure 2 Configuring a certificate
     

     Table 1 Parameters

     Parameter	Description
     Certificate Standard	Standard of the HTTPS certificate. Options: International Chinese (SM)
     Certificate Source	Source of the HTTPS certificate. Options: My certificate: a certificate obtained from a compliant channel SCM certificate: a certificate purchased from Huawei Cloud SCM
     International > My certificate	Open the obtained certificate file and private key file using a text tool, and copy certificate body and private key content to the corresponding text boxes. Certificates issued by different organizations have the following differences: If your certificate is issued by the root CA, the certificate is a complete certificate. Copy the certificate content. Figure 3 HTTPS certificate If your certificate is issued by an intermediate CA, the certificate file contains multiple certificates. You need to combine all the certificates into a single certificate. For details, see Certificates Issued by Intermediate CAs.
     Chinese (SM) > My certificate
     International > SCM certificate	Click Create SCM Certificate on the right of Certificate Name to go to the SCM console and purchase a certificate as prompted. After the certificate is issued, it will be automatically displayed in the Certificate Name drop-down list box.
     Chinese (SM) > SCM certificate

7. Select whether to enable Force HTTPS.

   Enabling this function will convert all requests for your website to HTTPS requests.

8. Click OK.
9. Verify whether HTTPS secure acceleration has taken effect.

   Use an HTTPS streaming URL to play a Media Live video. If the playback is successful, HTTPS secure acceleration has taken effect.

Updating a Certificate

If your certificate is changed, you need to synchronize new certificate content to the HTTPS settings. The procedure to update a certificate is the same as that to enable HTTPS.

For My certificate, the Private Key text box is empty by default to ensure the security and confidentiality of the private key content. You need to enter the content again and submit it.