SSL certificate is a digital document outlining the identity of the website.
Secure Sockets Layer, SSL, is a protocol for establishing encrypted and authenticated links between networked computers in order to keep internet connections secure and to safeguard sensitive data.
SSL identifies information about the website such as the domain name and optionally, information about the site’s owner. SSL may be establishing links between server-to-server or server-to-client.
This document is binded to a cryptographic key pair consisting of a public and private key. The public and private key consist of a string of characters for encrypting and decrypting data.
SSL certificates contain:
Each managed database comes with an SSL certificate. You can use this SSL certificate to encrypt connections between your client applications and the database.
You can encrypt traffic to your Kubernetes cluster by using an SSL certificate with the load balancer. You’ll have to create the SSL certificate or upload it first, then reference the certificate’s ID in the load balancer’s configuration file.
Managing domains on DigitalOcean also enables our Let’s Encrypt integration for fully managed SSL certificates, which work with custom Spaces CDN endpoints and SSL termination on DigitalOcean Load Balancers.
If you use HTTPS or HTTP2, you will need an an SSL certificate or to use SSL passthrough.
DigitalOcean Load Balancer Let’s Encrypt certificates are fully managed and automatically renewed on your behalf every 60 days.
Subdomains you use with the Spaces CDN must have an SSL certificate for security reasons. If you’ve added your domain to DigitalOcean, you can use DigitalOcean’s Let’s Encrypt certificates, which are fully managed and renewed every 60 days. You also have the option to manually upload an SSL certificate if you use a different DNS provider or want to upload an existing certificate.
Note that you cannot secure a CDN’s subdomain with a custom wildcard SSL certificate that is already being used elsewhere in your account. Instead, you’ll need to add a new custom certificate during the custom subdomain set up for your CDN.