Subscribe
    Behavior

    HTTP to HTTPS Upgrade

    zaiveeBy No Comments2 Mins Read

    Convert HTTP (non-secure) requests from your clients to use secure HTTPS for the remainder of the request flow. This improves the security of the data transferred between the edge and your origin server.

    How it works

    A complete request flow involves three total entities:

    • The client making the request.
    • The ​Akamai edge server, where your property is read, and target content may be cached.
    • The origin where the target content is actually hosted.

    With this behavior added, all requests in the flow between the ​Akamai edge and your origin are converted to HTTPS to secure them. Since TCP is stateful, an HTTP request from a client must be answered with an HTTP response. If you require a complete HTTPS connection end-to-end, consider implementing a redirect from the original HTTP URL to an HTTPS one.

    You need to set up your origin to support HTTPS

    This behavior doesn’t include any options. Adding it to your property enables the conversion. However, you need to:

    • Prepare your origin server. This covers the various types of secure origin and how to set them up.
    • Add an origin server to your property. You need to use the Origin Server behavior to properly configure your origin in your property.

    Additional considerations

    • The upgrade is to Standard TLS (HTTPS L1). If you want to use more secure Enhanced TLS to transfer personally identifiable information (PII), you need to prepare an Enhanced TLS certificate and apply it to your Property Hostname. There are multiple ways to do this:
      • The Custom Certificate method (Default). Here, you’ll use ​Akamai’s Certificate Provisioning System (CPS) to prepare the certificate, wait for it to provision, then you can apply it when you add a new property hostname.
      • The Default Certificate method (Limited Availability, only). This process lets you select this level of security when you add a property hostname, and ​Akamai automatically creates the certificate for you, in the background.
    • This behavior uses 443 as the forward port for all products other than Adaptive Media Delivery (AMD), Download Delivery, and Object Delivery.

    Related Posts

    Add A Comment

    Leave A Reply