- English
- 日本語
Fastly TLS prerequisites and limitations
Last updated 2025-04-17
Before getting started with Fastly-managed TLS subscriptions (managed TLS) or self-managed TLS certificates (Bring Your Own Certificates), be sure to review the following prerequisites and limitations.
Prerequisites for using Fastly TLS
In order to use Fastly TLS, you must have the following in place:
- a Fastly user account assigned the role of superuser or assigned a user role with added TLS management permission
- permission to modify the DNS records on the relevant domains that appear as SAN entries on the TLS certificate
- the relevant domains added to a properly configured Fastly service
Fastly-managed certificate limitations
Fastly-managed certificates are an option for both paid and trial accounts. When you set up TLS using Fastly-managed certificates, Fastly uses the ACME protocol to procure and renew TLS certificates. You have several options for certification authorities:
NOTE
Your charges may vary based on the certification authority you select.
- Certainly, Fastly's publicly-trusted certification authority
- Let’s Encrypt, a third-party non-profit certification authority
- GlobalSign, a third-party commercial certification authority (only available for paid accounts)
No matter which certification authority you select, the following limitations apply:
- Fastly managed certificates require clients to support TLS v1.2 and Server Name Indication (SNI) by default. To discuss how you can use settings other than these defaults, contact support@fastly.com.
- Fastly TLS does not support the Triple DES (3des) cipher suite.
Trial accounts are subject to the following limitations:
- Trial accounts include up to two TLS domains for free using the Certainly or Let's Encrypt certification authorities.
- Wildcard certificates are not supported on trial accounts.
Self-managed certificate prerequisites and limitations
Self-managed certificates are an option for paid accounts. When you set up TLS using self-managed TLS certificates, you upload and deploy your own TLS certificates and private keys using the Fastly control panel or API.
To use Fastly TLS with self-managed certificates, be sure you have the following prerequisites in place:
- a paid Fastly user account (not a developer’s trial)
- a valid X.509 TLS certificate from a trusted certification authority (CA) and a matching 256-bit ECDSA private key (recommended) or 2048-bit RSA private key
- the relevant domains added as Subject Alternative Name (SAN) entries on the TLS certificate
In addition to these prerequisites, be sure you understand the following limitations about the certificate you upload and the CA you choose:
- Uploaded certificates require clients to support TLS v1.2 and Server Name Indication (SNI) by default. To discuss how you can use settings other than these defaults, contact support@fastly.com.
- If you're a DigiCert customer, be aware that upon making certificate changes, DigiCert will revoke your original certificate 72 hours after re-issuance. Be sure you upload your new certificate and switch all hostnames as soon as possible.
Each certificate you upload must have a matching private key. Private keys use cipher suites to encrypt communications through a set of algorithms and protocols, making them secure. Be sure you understand the following limitations about the private keys and cipher suites you use for Fastly TLS:
- Fastly TLS does not support the Triple DES (3des) cipher suite.
Supported cipher suites
Each certificate you upload must have a matching private key. Private keys use ciphers to encrypt communications through a set of algorithms and protocols, making them secure. Fastly supports the following cipher suites.
TLS 1.3
The following ciphers are supported on TLS 1.3, the default version of TLS used when setting up TLS for the first time.
For the highest level of security, we recommend using these ciphers.
| RFC cipher name | openssl cipher name |
|---|---|
TLS_AES_256_GCM_SHA384 | TLS13-AES-256-GCM-SHA384 |
TLS_CHACHA20_POLY1305_SHA256 | TLS13-CHACHA20-POLY1305-SHA256 |
TLS_AES_128_GCM_SHA256 | TLS13-AES-128-GCM-SHA256 |
TIP
TLS 1.3 also supports key exchanges X25519 and X25519MLKEM768.
TLS 1.2
The following ciphers are supported on TLS 1.2, the minimum standard version of TLS supported by Fastly.
| RFC cipher name | openssl cipher name |
|---|---|
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | ECDHE-RSA-AES128-GCM-SHA256 |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | ECDHE-ECDSA-AES128-GCM-SHA256 |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | ECDHE-RSA-AES256-GCM-SHA384 |
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | ECDHE-ECDSA-AES256-GCM-SHA384 |
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | ECDHE-RSA-CHACHA20-POLY1305 |
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | ECDHE-ECDSA-CHACHA20-POLY1305 |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | ECDHE-RSA-AES128-SHA256 |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | ECDHE-ECDSA-AES128-SHA256 |
Legacy ciphers
The following are legacy ciphers supported only on TLS versions 1.0 - 1.1 and require a dedicated IP address to create custom cipher suites. These ciphers should only be used in edge cases, such as for compatibility with older devices. Where possible, we recommend upgrading to TLS 1.3 for the highest level of security.
| RFC cipher name | openssl cipher name |
|---|---|
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA | ECDHE-RSA-AES128-SHA |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA | ECDHE-ECDSA-AES128-SHA |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA | ECDHE-RSA-AES256-SHA |
TLS_RSA_WITH_AES_128_GCM_SHA256 | AES128-GCM-SHA256 |
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA | ECDHE-ECDSA-AES256-SHA |
TLS_RSA_WITH_AES_128_CBC_SHA | AES128-SHA |
TLS_RSA_WITH_AES_256_CBC_SHA | AES256-SHA |
TLS_RSA_WITH_3DES_EDE_CBC_SHA | DES-CBC3-SHA |
Legacy Customer-Provided TLS Certificate Hosting Service limitations
NOTE
Fastly maintains support for its original Customer-Provided TLS Certificate Hosting Service. For information on migrating certificates from the Customer-Provided TLS Certificate Hosting Service to our current Fastly TLS offerings, contact Support.
Fastly TLS is compatible with certificates that have been uploaded as part of the Customer-Provided TLS Certificate Hosting Service with the following limitations:
- If you update previously uploaded certificates, you can continue to use the Customer-Provided TLS Certificate Hosting Service with no changes to your bill.
- Removing a previously uploaded certificate from the Customer-Provided TLS Certificate Hosting Service and uploading a new one using Fastly TLS will result in the new certificate being counted in your bill for Fastly TLS. The old certificate will continue to be billed per any contracted term for Customer-Provided TLS Certificate Hosting Service.
Next steps
Once you’ve reviewed these prerequisites and limitations, you are ready to get started with TLS. Refer to our TLS quick start guide to quickly get set up using Certainly. You can also check out our guides on Setting up TLS with certificates Fastly manages and Setting up TLS with your own certificates for more in-depth instructions.
Do not use this form to send sensitive information. If you need assistance, contact support. This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
