TLS Versions

Background

TLS is a security protocol used to ensure security and data integrity for Internet communication. The most typical application is HTTPS. TLS 1.0, TLS 1.1, TLS 1.2, and TLS 1.3 are available. A later version is more secure, but is less compatible with browsers of earlier versions.

Constraints

• Before configuring the TLS versions, configure an international HTTPS certificate first. For details, see Configuring an HTTPS Certificate.
• If the domain name is bound to a certificate with Chinese cryptographic algorithm, TLS versions cannot be configured.
• If you change the certificate type from International to Chinese (SM2), TLS version settings will become invalid.
• If you configure two certificates for a domain name, TLS version settings take effect only for the international certificate.
• You can enable a single version or consecutive versions. For example, you cannot enable TLS 1.0 and TLS 1.2 but disable TLS 1.1.
• You need to enable at least one version.
• By default, TLS 1.1, TLS 1.2, and TLS 1.3 are enabled.
• TLS versions cannot be configured for domain names with special configurations.

Procedure

1. Log in to Huawei Cloud console. Choose Service List > Content Delivery & Edge Computing > Content Delivery Network.

   The CDN console is displayed.

2. In the navigation pane, choose Domains.
3. In the domain list, click the target domain name or click Configure in the Operation column.
4. Click the HTTPS Settings tab.
5. In the TLS Version area, click Edit.
   Figure 1 Configuring the TLS versions
   

6. Select one or more TLS versions and click OK.