Overview
Menu

Configuring SSL/TLS Security

Use Cases

When HTTPS access is enabled for your website, EdgeOne supports multiple SSL/TLS versions to ensure compatibility with different user terminals by default. Normally, you do not need to modify this configuration. However, if your website requires a high level of security and you need to prevent users from accessing your website through less secure SSL/TLS versions, you can customize this configuration by specifying the required SSL/TLS versions.
Note:
For differences between different TLS versions and cipher suites, see TLS Versions and Cipher Suites.

Scenario 1: Modifying SSL/TLS Security Configuration for All Domain Names

To configure required SSL/TLS versions for all domain names used to access a site, refer to the following information.

Prerequisites

You have configured SSL certificates for all domain names used to access the current site as instructed in Certificate Configuration.

Directions

1. Log in to the EdgeOne console and click Site List in the left sidebar. In the site list, click the target site.
2. On the site details page, choose Site Acceleration > HTTPS to go to the HTTPS page.
3. On the SSL/TLS Security Configuration card, click Global settings to modify the configuration.

Default configuration:
Supported TLS versions: TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3.
Cipher suite strength: eo-loose-v2023.

Scenario 2: Modifying SSL/TLS Security Configuration for Specified Domain Names

To configure required SSL/TLS versions for specified domain names, refer to the following information.

Prerequisites

You have configured SSL certificates for the specified domain names used to access the current site as instructed in Certificate Configuration.

Directions

1. Log in to the EdgeOne console and click Site List in the left sidebar. In the site list, click the target site.
2. On the site details page, click Rule Engine.
3. On the rule engine management page, click Create rule.
4. On the page that appears, select HOST from Matching type and specify an operator and a value to match the requests of specified domain names.
5. From the Operation drop-down list, select SSL/TLS security configuration. Then, select TLS versions as needed.


6. Click Save and publish.