TLS and Certificates in Multi-CDN

Synopsis

This chapter describes how transport security and certificate management function in a multi-CDN deployment. Topics include certificate lifecycle and automation, subject naming choices, OCSP and certificate transparency, origin authentication with mutual TLS, session behavior across providers, and controls that keep the security posture consistent while avoiding service disruption.

Scope and goals

The transport layer must present a uniform and reliable interface regardless of which CDN serves a connection. Users should see correct certificates, modern protocol support, stable cipher policy, and predictable session behavior. Operations should see an automated lifecycle that avoids expirations, supports rapid revocation, and provides clear observability. The origin path should authenticate CDNs in a way that cannot be replayed from the public internet. ...