HTTPS website protection only supports TCP 443 port. If your web service needs to run on other ports such as 4433, select layer four port (non-website access) protection.
Procedure
- Log on to the Anti-DDoS Pro console.
- Go to Access > Web Service, and then click Add Domain to add the HTTPS website domain that you want to protect.
- Input Domain Name and Origin site domain or Origin site IP address accordingly.
- For HTTPS protection, select https for the Protocol option, and Port 443 will be automatically added to Origin site port.
- Click Next, and then select Anti-DDos Pro instances and ISP lines for the domain.
- Click OK. A new domain entry will be added.
- Click Upload under the HTTP/S column to enter the Upload certificate and private key page.
- Copy and paste the certificate and private key information, and click Upload.
General certificates, such as *.pem, *.cer, and *.crt certificates, can be opened in text editor tools. For other special certificate formats (for example, *.pfx, and *.p7b), you have to convert the certificate to *.pem format in advance.
Note If multiple certificate files (for example, certificate chain file) involved, you can combine the certificate information first and upload the certificate information.Certificate file sample:-----BEGIN CERTIFICATE----- 62EcYPWd2Oy1vs6MTXcJSfN9Z7rZ9fmxWr2BFN2XbahgnsSXM48ixZJ4krc+1M+j2kcubVpsE2 cgHdj4v8H6jUz9Ji4mr7vMNS6dXv8PUkl/qoDeNGCNdyTS5NIL5ir+g92cL8IGOkjgvhlqt9vc 65Cgb4mL+n5+DV9uOyTZTW/MojmlgfUekC2xiXa54nxJf17Y1TADGSbyJbsC0Q9nIrHsPl8YKk vRWvIAqYxXZ7wRwWWmv4TMxFhWRiNY7yZIo2ZUhl02SIDNggIEeg== -----END CERTIFICATE-----
Private key sample:-----BEGIN RSA PRIVATE KEY----- DADTPZoOHd9WtZ3UKHJTRgNQmioPQn2bqdKHop+B/dn/4VZL7Jt8zSDGM9sTMThLyvsmLQKBgQ Cr+ujntC1kN6pGBj2Fw2l/EA/W3rYEce2tyhjgmG7rZ+A/jVE9fld5sQra6ZdwBcQJaiygoIYo aMF2EjRwc0qwHaluq0C15f6ujSoHh2e+D5zdmkTg/3NKNjqNv6xA2gYpinVDzFdZ9Zujxvuh9o 4Vqf0YF8bv5UK5G04RtKadOw== -----END RSA PRIVATE KEY-----
- Click OK to complete the certificate upload.
Note Up to five HTTPS forwarding rules can be added. This includes configuring both HTTP and HTTPS in one forwarding rule.