TLS, HTTPS & Certificate Management on the CDN
Learn how CDNs terminate TLS at the edge, manage certificates, and enable modern secure transport features like HTTP/2 and HSTS.
Why TLS at the Edge
Modern CDNs terminate TLS at the edge, meaning the encrypted HTTPS handshake completes at the nearby PoP rather than at your distant origin.
- Shorter handshake round trips equals faster secure connections
- Offloads CPU-heavy crypto from your origin
- Enables edge-level features like HTTP/2 and 0-RTT
The TLS Handshake Briefly
A TLS handshake negotiates encryption keys before any data flows. It costs round trips, so doing it at a nearby edge is far faster than at a remote origin. Session resumption can skip steps on repeat visits.
All lessons in this course
- CDN Cache Control Headers
- CDN Security Features
- Measuring CDN Performance
- TLS, HTTPS & Certificate Management on the CDN