Use Cases
Once your website has enabled HTTPS access, EdgeOne will, by default, support a variety of SSL/TLS versions with higher compatibility for your site to adapt to different user terminal access environments. Under normal circumstances, you do not need to modify this configuration. If your website has high security requirements and you need to prevent users from accessing through lower security SSL/TLS versions, you can customize the SSL/TLS versions used by modifying this configuration.
Note:
For differences between different TLS versions and cipher suites, see TLS Versions and Cipher Suites.
Scenario 1: Modifying SSL/TLS Security Configuration for All Domain Names
To configure required SSL/TLS versions for all domain names used to access a site, refer to the following information.
Preparations
You have configured SSL certificates for all domain names used to access the current site as instructed in Certificate Configuration.
Instructions
1. Log in to the EdgeOne console. In the left-hand menu, click on Site List. Within the site list, click on the site you wish to configure.
2. On the site details page, select Site Acceleration > HTTPS to navigate to the HTTPS page.
3. In the SSL/TLS Security Configuration card, click on Site Global Settings to make modifications.
Default configuration:
Supported TLS versions:
TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3.Cipher suite:
eo-loose-v2023.Scenario 2: Modifying SSL/TLS Security Configuration for Specified Domain Names
To configure required SSL/TLS versions for specified domain names, refer to the following information.
Preparations
You have configured SSL certificates for the specified domain names used to access the current site as instructed in Certificate Configuration.
Instructions
1. Log in to the EdgeOne console. In the left-hand menu, click on Site List. Within the site list, click on the site you wish to configure.
2. On the site details page, click Rule Engine.
3. On the rule engine management page, click Create Rule to enter the rule editing page.
4. On the page that appears, select HOST from Matching type and specify an operator and a value to match the requests of specified domain names.
5. Click on Operation > Selection Box, and from the pop-up operation list, choose SSL/TLS Security Configuration.
6. Click Save and publish to complete the rule configuration.