ByteArk Documentation

# Managing SSL Certificates for HTTPS

The default CDN omains (ending with *.cdn.byteark.com) come with HTTPS enabled. For custom domains, you'll need to configure SSL certificates using one of these methods:

  • Use SSL Certificates from Fleet Cert Manager (issued by Let's Encrypt, ZeroSSL, Google Public CA)
  • Use your own SSL Certificates

TIP

SSL Certificate updates take effect within approximately 1-2 minutes after changes

# Using SSL Certificates from Fleet Cert Manager

ByteArk Fleet (CDN)'s Web CDN can generate SSL certificates via Let's Encrypt, ZeroSSL, or Google Public CA using the ACME Protocol:

  1. Login to ByteArk Fleet (https://fleet.byteark.com (opens new window)) and select your target Web CDN Service
  2. Navigate to SSL/TLS menu under the Service and click Create from CertManager(ACME)
    • Enter domain name(s) or subdomain(s) and email (use commas to separate multiple domains)
    • Select desired certificate authority
      • For Google Public CA, you'll need to enter EAB Secret on first use with that email. Get EAB Secret details from Google tutorial (opens new window), then enter HMAC(b64MacKey) and Key ID(keyId)
    • Click Get Certificate and wait for SSL certificate generation. Once complete, it will appear in SERVICE'S CERTIFICATES list
  3. In SERVICE'S CERTIFICATES list, click Attach on the newly created certificate

# Using Your Own SSL Certificates

To import existing SSL certificates into ByteArk Fleet (CDN) Web CDN:

  1. Login to ByteArk Fleet (https://fleet.byteark.com (opens new window)) and select your target Web CDN Service
  2. Navigate to SSL/TLS menu and click Import in the SSL CERTIFICATES section
  3. Enter your certificate's Key and Certificate data
  4. Click Submit to import
  5. In SERVICE'S CERTIFICATES list, click Attach on the newly imported certificate

TIP

Multiple certificates can be created or imported per Service. Active certificates appear in CURRENT SSL/TLS CERTIFICATE list

# Requesting SSL Certificates from Fleet Cert Manager using DNS-01 Challenge

By default, Fleet Cert Manager uses HTTP-01 challenge for certificate requests. In some cases (e.g., wildcard certificates), DNS-01 challenge may be required. Currently, only Cloudflare DNS Provider is supported:

  1. Login to ByteArk Fleet (https://fleet.byteark.com (opens new window)) and select your target Web CDN Service
  2. Navigate to SSL/TLS menu and click Create from CertManager(ACME)
  3. Enter initial SSL Certificate details as described in Using SSL Certificates from Fleet Cert Manager
  4. Click Validation Method (ACME Challenge) Setting to show additional settings
    • Select Cloudflare from DNS-01 options
    • Create an API token in Cloudflare with Zone/Zone/Read and Zone/DNS/Edit permissions for the target domain's zone
    • Enter the API token in DNS API Token field
  5. Click Get Certificate and wait for SSL certificate generation. Once complete, it will appear in SERVICE'S CERTIFICATES list

Adjusting Cache Behavior Settings

Pricing Contact Terms of Service