Configuration Method
You can enable HTTPS secure acceleration to protect your live resources.
Context
Force HTTPS: If a user initiates an HTTP request, the server returns a 302 status code and the request is forcibly redirected to HTTPS.
- HTTPS is a network protocol constructed based on SSL and HTTP for encrypted transmission and identity authentication. It is more secure than HTTP and prevents data from being stolen or changed during transmission to ensure data integrity.
- Key user information is encrypted to prevent session IDs or cookies from being captured by attackers.
Prerequisites
- The ingest domain name and streaming domain name have been added and associated.
- You have configured CNAME records at your domain names' DNS provider.
- An HTTPS certificate is available. If not, buy one in SSL Certificate Manager (SCM).
- The HTTPS certificate format must meet the requirements. If your certificate is not in PEM format, convert the certificate to the PEM format.
Enabling HTTPS
- Log in to the Live console.
- In the navigation pane, choose Domains.
- Click Manage in the Operation column of the desired streaming domain name.
- In the navigation pane, choose Templates > HTTPS Certificates.
- Click Create. The page of creating certificate settings is displayed, as shown in Figure 1.
- Click Add Certificate. The settings of certificate 1 are displayed, as shown in Figure 2.
Table 1 describes the parameters. You can add a certificate only when:
- There is only one international standard certificate.
- There is only one Chinese (SM) certificate.
- There is one international standard certificate and one Chinese (SM) certificate.
Table 1 Parameters Parameter
Description
Certificate Standard
Standard of the HTTPS certificate.
Options:
- International
- Chinese (SM)
Certificate Source
Source of the HTTPS certificate.
Options:
- My certificate: a certificate obtained from a compliant channel
- SCM certificate: a certificate purchased from Huawei Cloud SCM
International > My certificate
Open the obtained certificate file and private key file using a text tool, and copy the certificate body and private key content to the text boxes.
Certificates issued by different organizations have the following differences:- If your certificate is issued by the root CA, the certificate is a complete one. Copy the certificate body.
Figure 3 HTTPS certificate
- If your certificate is issued by an intermediate CA, the certificate file contains multiple certificates. You need to combine all the certificates into a single certificate.
Chinese (SM) > My certificate
International > SCM certificate
Click Create SCM Certificate on the right of Certificate Name to go to the SCM console and purchase a certificate as prompted.
After the certificate is issued, it will be automatically displayed in the Certificate Name drop-down list box.
Chinese (SM) > SCM certificate
- Determine whether to enable Force HTTPS.
If this option is enabled, all requests for your website are converted to HTTPS requests.
- Click OK.
- Verify whether HTTPS secure acceleration has taken effect.
Use an HTTPS streaming URL to play a live video. If the playback is successful, HTTPS secure acceleration has taken effect.
Updating a Certificate
If your certificate has been changed, you need to synchronize the new certificate body to the HTTPS settings. The procedure for updating a certificate is the same as that for enabling HTTPS.
If the certificate is your own one, the content in the Private Key text box is empty by default to ensure the security and confidentiality of the private key. You need to enter and submit the content again.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
