Edge Developer Platform
  • Pages
    • Product Introduction
    • Quick Start
      • Agent Development
      • Importing a Git Repository
      • Starting From a Template
      • Direct Upload
      • Start with AI
    • Framework Guide
      • Agent
      • Frontends
        • Vite
        • React
        • Vue
        • Hugo
        • Other Frameworks
      • Backends
      • Full-stack
        • Next.js
        • Nuxt
        • Astro
        • React Router
        • SvelteKit
        • TanStack Start
        • Vike
      • Custom 404 Page
    • Project Guide
      • Project Management
      • edgeone.json
      • Configuring Cache
      • Building Output Configuration
      • Error Codes
    • Build Guide
    • Deployment Guide
      • Overview
      • Create Deploys
      • Manage Deploys
      • Deploy Button
      • Using Github Actions
      • Using Gitlab CI/CD
      • Using CNB Plugin
      • Using IDE PlugIn
      • Using CodeBuddy IDE
    • Domain Management
      • Overview
      • Custom Domain
      • HTTPS Configuration
        • Overview
        • Apply for Free Certificate
        • Using Managed SSL Certificate
      • Configure DNS CNAME Record
    • Observability
      • Overview
      • Metric Analysis
      • Log Analysis
    • Functions
      • Overview
      • Edge Functions
      • Cloud Functions
        • Overview
        • Node.js
        • Python
        • Go
    • Agents
      • Overview
      • Quick Start
      • Conversation Storage
      • Observability
      • Sandbox Tool
        • Overview
        • Using the Agent Framework
        • Sandbox Atomic API
        • Network Search Tool
      • Agent Authentication
    • Models
      • Overview
      • Models and Vendors
        • Overview
        • Using Vendor Keys
          • OpenAI
          • Anthropic
          • Google AI Studio
          • DeepSeek
          • MiniMax
          • Hunyuan
          • Zhipu
          • MoonShot AI
      • FAQs
    • Storage
      • Overview
      • KV
      • Blob
    • Middleware
    • AI-Native Development
      • Skills
      • MCP
    • Copilot
      • Overview
      • Quick Start
    • API Token
    • EdgeOne CLI
    • Message Notification
    • Integration Guide
      • AI
        • Dialogue Large Models Integration
        • Large Models for Images Integration
      • Database
        • Supabase Integration
        • Pages KV Integration
      • Ecommerce
        • Shopify Integration
        • WooCommerce Integration
      • Payment
        • Stripe Integration
        • Integrating Paddle
      • CMS
        • WordPress Integration
        • Contentful Integration
        • Sanity Integration
        • Payload Integration
      • Authentication
        • Supabase Integration
        • Clerk Integration
    • Best Practices
      • Adding an AI Chat Assistant to a Website
      • AI Dialogue Deployment: Deploy Project with One Sentence Using Skill
      • Using General Large Model to Quickly Build AI Application
      • Use the DeepSeek model to quickly build a conversational AI site
      • Building an Ecommerce Platform with Shopify
      • Building a SaaS Site Using Supabase and Stripe
      • Building a Company Brand Site Quickly
      • How to Quickly Build a Blog Site
    • Migration Guides
      • Migrating from Vercel to EdgeOne Pages
      • Migrating from Cloudflare Pages to EdgeOne Pages
      • Migrating from Netlify to EdgeOne Pages
    • Troubleshooting
    • FAQs
    • Limits
    • Pricing
    • Contact Us
    • Release Notes
Docs Overview/
Edge Developer Platform/
Pages/
Domain Management/
HTTPS Configuration/
Overview/

Overview

Makers does not automatically assign an HTTPS certificate to your domain. However, we strongly recommend that you complete the HTTPS configuration due to factors such as security, credibility, and search ranking.

HTTPS configuration is for configuring the available HTTPS certificate under your current domain, which will be deployed to EdgeOne edge nodes. Based on the certificate type you own, edge HTTPS certificate supports the following two configuration modes.
Configuration Method
Scenarios
If you have not purchased an SSL certificate, EdgeOne can automatically perform free certificate application, deployment, and renewal to reduce Ops workload. The currently applied free certificate is an RSA certificate originating from Trust Asian and Let's Encrypt.
If you already owned a domain name certificate, you can upload the certificate to the Tencent Cloud SSL console and deploy it to the edge node. A maximum of one RSA, ECC, or SM2 certificate can be deployed to the EdgeOne node at the same time.

Force HTTPS Access

Force HTTPS Access is usually used for improving website security and protecting user privacy. If your business needs to protect user privacy and other sensitive information, enable this feature to ensure data encryption during transmission in order to improve security.
You can redirect client HTTP requests to HTTPS requests via 301, 302 and other methods, while client HTTPS requests remain unchanged.




Enable HSTS

To improve access security, you can use HSTS to force browsers to initiate HTTPS access directly. HSTS is a crucial security mechanism for high-security websites. After HSTS is enabled, EdgeOne Makers adds a response header, Strict-Transport-Security, when responding to HTTPS requests. This header instructs the browser to use the HTTPS protocol directly for requests within a specified period.

Note:
When a client uses the HTTP protocol to make a request to an EdgeOne node, even if force HTTPS access is enabled to redirect the request to HTTPS, the first request still uses HTTP and may be intercepted or maliciously tampered with. Hence, when enabling HSTS, it is recommended to configure force HTTPS access, set up an SSL certificate for the domain, and ensure the user's first visit is performed via an HTTPS request.

OCSP Stapling

After OCSP stapling is enabled, the OCSP query task is performed by EdgeOne Makers, and the query result is cached on the server. When a client performs a TLS handshake with the platform, the platform directly responds to the client with OCSP information and the certificate for verification. This eliminates the need for the client to send a query request to the CA, greatly improving TLS handshake efficiency, reducing user verification time, and optimizing HTTPS speed.