You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/cdn/cdn-custom-ssl.md
+8-7Lines changed: 8 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,10 +6,10 @@ author: halkazwini
6
6
ms.author: halkazwini
7
7
ms.service: azure-cdn
8
8
ms.topic: tutorial
9
-
ms.date: 03/31/2025
9
+
ms.date: 08/07/2025
10
10
ms.custom: mvc
11
-
#Customer intent: As a website owner, I want to enable HTTPS on the custom domain of my CDN endpoint so that my users can use my custom domain to access my content securely.
12
11
ROBOTS: NOINDEX
12
+
13
13
# Customer intent: As a website owner, I want to configure HTTPS for my custom domain on a CDN endpoint, so that I can ensure the secure delivery of sensitive data to my users.
14
14
---
15
15
@@ -63,12 +63,12 @@ To enable HTTPS on an Azure CDN custom domain, you use a TLS/SSL certificate. Yo
63
63
# [Option 1 (default): Enable HTTPS with a CDN-managed certificate](#tab/option-1-default-enable-https-with-a-cdn-managed-certificate)
64
64
65
65
Using a certificate managed by Azure CDN allows you to enable HTTPS with a few settings changes. Azure CDN handles all certificate management tasks, including procurement and renewal. This is supported for custom domains with direct CNAME to Azure CDN endpoint.
66
-
> [!IMPORTANT]
67
66
68
-
> - As of May 8, 2025, DigiCert no longer supports the WHOIS-based domain validation method. Hence, if your domains with indirect CNAME to Azure CDN endpoint, you must use the Bring your own certificate feature.
69
-
> - Due to the WHOIS-based domain validation, managed certificate issued using WHOIS-based domain validation can't be auto renewed until you have direct CNAME pointed to Azure CDN.
70
-
> - CDN-managed certificates are not available for root or apex domains. If your Azure CDN custom domain is a root or apex domain, you must use the Bring your own certificate feature.
71
-
> - Managed certificate autorenewal requires that your custom domain be directly mapped to your CDN endpoint by a CNAME record.
67
+
> [!IMPORTANT]
68
+
> - As of May 8, 2025, DigiCert no longer supports the WHOIS-based domain validation method. If your domain uses an indirect CNAME mapping to Azure Front Door Classic endpoint, you must use the **Bring Your Own Certificate (BYOC)** feature.
69
+
> - Due to changes in WHOIS-based domain validation, managed certificates issued using WHOIS-based domain validation can't be autorenewed until you have a direct CNAME pointing to Azure Front Door Classic.
70
+
> - CDN-managed certificates aren't available for root or apex domains. If your Azure CDN custom domain is a root or apex domain, you must use the **Bring Your Own Certificate (BYOC)** feature.
71
+
> - Managed certificate autorenewal requires that your custom domain be directly mapped to your Azure CDN endpoint using a CNAME record.
72
72
73
73
To enable HTTPS on a custom domain, follow these steps:
74
74
@@ -159,6 +159,7 @@ Your CNAME record should be in the following format:
159
159
For more information about CNAME records, see [Create the CNAME DNS record](./cdn-map-content-to-custom-domain.md).
160
160
161
161
If your CNAME record is in the correct format, DigiCert automatically verifies your custom domain name and creates a certificate for your domain. The certificate is valid for one year and will be autorenewed before it expires. Automatic validation typically takes a few hours. If you don't see your domain validated in 24 hours, open a support ticket.
162
+
162
163
Continue to [Wait for propagation](#wait-for-propagation).
0 commit comments