Convert HTTP (non-secure) requests from your clients to use secure HTTPS for the remainder of the request flow. This improves security of the data transferred between the edge and your origin server.
A complete request flow involves three total entities:
- The client making the request.
- The Akamai edge server, where your property is read, and target content may be cached.
- The origin where the target content is actually hosted.
With this behavior added, all requests in the flow between the Akamai edge and your origin are converted to HTTPS to secure them. Since TCP is stateful, an HTTP request from a client must be answered with an HTTP response. If you require a complete HTTPS connection end-to-end, consider implementing a redirect from the original HTTP URL to an HTTPS one.
This behavior doesn't include any options. Adding it to your property enables the conversion. However, you need to:
Prepare your origin server. This covers the various types of secure origin and how to set them up.
Add an origin server to your property. You need to use the Origin Server behavior to properly configure your origin in your property.
The upgrade is to Standard TLS (HTTPS L1). If you want to use more secure Enhanced TLS to transfer personally identifiable information (PII), you need to prepare an Enhanced TLS certificate and apply it to your Property Hostname. There are multiple ways to do this:
The Custom Certificate method (Default). Here, you'll use Akamai's Certificate Provisioning System (CPS) to prepare the certificate, wait for it to provision, then you can apply it when you add a new property hostname.
The Default Certificate method (Limited Availability, only). This process lets you select this level of security when you add a property hostname, and Akamai automatically creates the certificate for you, in the background.
This behavior uses 443 as the forward port for all products other than Adaptive Media Delivery (AMD), Download Delivery, and Object Delivery.
Updated 6 months ago