15 Oct 2018

Why Every Website Owner Should Consider CDN SSL Support

If you’re using CDN services, you should consider enabling CDN SSL support, especially if you’re selling goods or services.

In the modern world, the internet has long become a part of our everyday lives. All operations, both personal and business, including buying goods and services and paying monthly bills, are now readily available online. This fact allows anybody to take advantage of the technology’s convenience.

However, convenience doesn’t come without risk.

During the past decade numerous unauthorized, fake websites have been trying to steal personal information (credit card details, logins, passwords, etc.) from customers, and succeeded in many instances. Naturally, this has made the public doubtful about using the services of a new website that requires any personal information.

This is where the HTTPS protocol comes into play. As a sign of trustworthiness in the online world, any website that is conducting sales over the web is highly advised to operate via the HTTPS protocol. This will help to better protect the personal information of their customers while also earn their trust.

To access your CDN services via the HTTPS protocol, you need to enable CDN SSL support for your static content.

What are SSL Certificates?

Security Socket Layer (SSL) certificates are tiny data files that digitally bind a cryptographic key to an organization’s information. When installed on a web server, they activate the padlock and the HTTPS protocol and allow to establish secure connections between your server and a web browser. It is also commonly referred to as “the green lock bar” of a website.

Similarly, when CDN SSL certificate support is enabled, it allows you to access all CDN services via the HTTPS protocol. This feature helps make sure that your website is secure for your visitors, anywhere in the world.

There are three main SSL types available on the market – DV SSL, OV SSL and EV SSL, and they all have different security levels and functionality.

Here are the main differences:

Domain Validated (DV) SSL

The DV SSL certificate is a basic SSL type that is used by websites whose web-based applications are not under the risk of phishing. The process of issuing a DV SSL is pretty straightforward, and you can obtain it by verifying domain ownership via the WHOIS record.

The DV SSL displays HTTPS and the green padlock, and looks like this:

Organization Validated (OV) SSL

The OV SSL certificate adds another security layer over the DV certificate. Here, the issuing authority verifies some business documents in addition to the domain name before approving the certification. The whole process can take up to 2-3 days.

The OV SSL displays HTTPS, the green padlock and company information, and looks like this:

OV CDN SSL example


Extended Validation (EV) SSL

EV SSL certificates provide the most amount of security out of all the available options. The EV verification guidelines require a company to provide a lot of information to the issuing authority. The authority checks and verifies the domain name plus all the details, and it can take up to 5 days to approve the certificate.

The EV SSL displays HTTPS, the green padlock and the company name directly in the address bar, and looks like this:

EV CDN SSL example


Wildcard SSL Certificates

Wildcard SSL certificates allow users to secure an unlimited number of sub-domains of their main domain through a single certificate. For instance, if you intend to secure “,” the Wildcard SSL certificate can help you also secure:


Finally, the functionality and issuance process of these certificates directly depend on your original choice of the SSL certificate. Also, here for a list of the most reliable SSL certificate providers on the market today.

What is SNI SSL?

Server Name Indication (SNI) technology is an extension of the TLS protocol, which indicates the hostname that is being contacted by the browser during the initial connection process. When a user wants to visit a website through an SSL connection, the browser requests a digital certificate from the server. Then, it compares the name on the certificate from the server with the requested page name. If they match, the website is displayed normally.

However, to avoid any mismatches and inconveniences, websites that utilize SSL certificates are required to have their IP addresses. This way, the web server can use the IP address to send the correct certificate to the browser.

Since the number of IP addresses is limited, forcing every website to have a unique IP address can be very inefficient when it comes to scalability, and this is where SNI comes into play. SNI technology allows connecting multiple SSL certificates to a single IP address.

CDN SSL Solutions

At CDNsun, we offer four types of CDN SSL solutions:

  • Shared SSL – We provide clients with a shared SSL certificate through our * domain and enable it for their CDN services, all free of charge.
  • SNI SSL – Clients provide their SSL certificate for their domain, and we enable it for their CDN services free of charge.
  • SNI LE SSL – We provide clients with a custom SSL certificate via the Let’s Encrypt (LE) authority and enable it for their CDN services for free. LE is a trusted, free, automated and open certificate authority created by Internet Security Research Group, a California based non-profit organization specializing in internet security.
  • San Cloud SSL – We provide clients with a custom SSL certificate for their domain and enable it for their CDN services for $660/per year and $39, accordingly.

CDNsun was established with the mission to provide affordable, reliable, secure and fast CDN services. We have already helped thousands of clients to bring their website optimization to the next level.

Our network consists of over 50 global data centers, and all of them are equipped with the fastest SSD drives. We offer some of the lowest costs on the market ($0.04 per GB of data spent), and most importantly, 24/7 email, phone and live chat support available to all clients regardless of their payment plan, including trial accounts.