SSL. Add SSL certificate to your DDoS protection resource

To add an SSL certificate to your domain or subdomains go to the resource Settings -> SSL -> Edit


There are three options:

  • None
  • Let's Encrypt
  • Custom.


There is no SSL certificate, the content is delivered via HTTP.

Let's Encrypt 

It is a paid option, to activate it, please, contact the Support Team. 

If you choose this option we will request an SSL certificate for your domain name and will be regularly renewing it automatically. To obtain the certificate we have to show to the certificate authority that our server controls your domain. One of the ways to do that is an A-record. So for us to have a certificate issued for your domain you have to change an A-record in your DNS settings and point your domain name to the protected IP address. Keep in mind that once the A-record has been changed it takes time for the DNS servers to renew their cache (depends on the TTL setting). If some old records are still circulating the certificate authority might not see that your domain name is pointed to our IP and deny the certificate issue. The disadvantage is that for the time spent on issuing the certificate the website would only be available via HTTP.

Once the SSL certificate is issued we will automatically renew it if you keep the Let's Encrypt option enabled in the Control Panel.

If you decide to stop using Let's Encrypt certificate and switch settings to None, we will stop renewing the certificate but the previously issued one will stay active until its expiration date.


You can add any SSL certificate by adding a certificate in PEM format and a private key. It will be your responsibility to timely update such certificates.

How to start using Let's Encrypt right away?

To avoid a period when your website will only be available via HTTP use these guideline:

  1. Create a resource in the Control Panel but don't change the A-record. Issue a Let's Encrypt certificate by yourself
  2. Add this certificate as a Custom one to the Contol Panel
  3. Change the A-record in your DNS settings
  4. Wait untill the old DNS records will get removed (keep in mind the TTL value)
  5. In the SSL settings change the value from Custom to Let's Encrypt and save the new settings.

Once you change the settings we will issue a new Let's Encrypt certificate for your resource and will regularly renew it.

Was this article helpful?
Recently viewed articles