Setting up free TLS

  Last updated October 24, 2017

Customers can use our free shared domain TLS wildcard certificate to test TLS websites or applications using a Fastly URL (e.g., https://<name>.global.ssl.fastly.net/).

Before you begin

Before you begin setting up free TLS, understand the following:

Setting up free TLS for the first time

Follow the steps below to set up free TLS:

  1. Log in to the Fastly web interface and click the Configure link.
  2. From the service menu, select the appropriate service.
  3. Click the Configuration button and then select Clone active. The Domains page appears.
  4. Click the Create domain button. The Create a domain page appears.

    the Create a domain page set up with TLS to Fastly's shared cert

  5. Fill out the Create a domain fields as follows:
    • In the Domain Name field, type <name>.global.ssl.fastly.net, where <name> is a single word that claims the domain you're creating. You cannot use a dot-separated name (e.g., www.example.org.global.ssl.fastly.net) because TLS certificates do not support nesting. If the name you choose has already been claimed, you will need to pick a different one.
    • In the Comment field, type a human-readable name for the domain. This name appears in the Fastly web interface.
  6. Click the Create button to save the domain. The new domain appears in the list of domains.
  7. Click the Activate button to deploy your configuration changes.

Once you've set up free TLS, you'll be able to access your host domain via the https://<name>.global.ssl.fastly.net/ URL. You won't need to add CNAME records to use the shared domain certificate.

Using HTTP/2 with free TLS

Your <name>.global.ssl.fastly.net domain name currently supports HTTP/1.1 and will be updated to support HTTP/2 later in 2017. To test HTTP/2 today, you can use <name>.freetls.fastly.net, which is automatically made available for all Fastly services. For example, if you originally claimed example.global.ssl.fastly.net during setup, Fastly automatically created example.freetls.fastly.net with support for HTTP/2 and HTTP/1.1.

Additional resources:

Back to Top