Client Certificates
You can configure a client certificate to enforce mutual certificate authentication between the clients and CDN PoPs, securing website communication.
Prerequisites
- You have configured an international HTTPS certificate. For details, see Configuring an HTTPS Certificate.
- You have applied for a client CA certificate.
Precautions
- A client certificate cannot be configured for domain names with special configurations.
Procedure
-
Log in to Huawei Cloud console. Choose .
The CDN console is displayed.
- In the navigation pane, choose .
- In the domain list, click the target domain name or click Configure in the Operation column.
- Click the HTTPS Settings tab.
- In the Client Certificate area, click Edit. The Configure Client Certificate dialog box is displayed.
Figure 1 Configuring a client certificate
Table 1 Parameters Parameter
Description
Certificate
Content of the client CA certificate. Only the PEM format is supported.
Domain Names (Optional)
Domain names specified in the client CA certificate.
- Leave this parameter blank to allow all requests from clients that hold the CA certificate.
- Enter up to 100 domain names. Separate them by commas (,) or enter one domain per row.
- Enable the Status switch, enter the certificate content, and click OK.
- After the configuration is complete, a CDN PoP verifies the client certificate when a client requests resources using HTTPS. If the verification is successful, the PoP returns the resource to the client. If the verification fails, the access is rejected.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot