SSL Certificate

SSL certificate is a digital document outlining the identity of the website.


Secure Sockets Layer, SSL, is a protocol for establishing encrypted and authenticated links between networked computers in order to keep internet connections secure and to safeguard sensitive data.

SSL identifies information about the website such as the domain name and optionally, information about the site’s owner. SSL may be establishing links between server-to-server or server-to-client.

SSL Certificate

This document is bound to a cryptographic key pair consisting of a public and private key. The public and private key consist of a string of characters for encrypting and decrypting data.

SSL certificates contain:

  • Domain name the certificate is used for
  • Owner of the certificate (for example, organization or website owner)
  • Certificate authority issuer and their digital signature
  • Subdomains associated with the certificate
  • Expiration date of the certificate
  • Public key of the certificate
Wildcard SSL Certificate

A Wildcard SSL Certificate provides a domain with unlimited subdomains. The * is a valid and unique subdomain for the same domain. For example, * could be

MySQL, PregreSQL

Each managed database comes with an SSL certificate. You can use this SSL certificate to encrypt connections between your client applications and the database.


You can encrypt traffic to your Kubernetes cluster by using an SSL certificate with the load balancer. You have to create the SSL certificate or upload it first, then reference the certificate’s ID in the load balancer’s configuration file.

DNS and Domains

Managing domains on DigitalOcean also enables our Let’s Encrypt integration for fully managed SSL certificates, which work with custom Spaces CDN endpoints and SSL termination on DigitalOcean Load Balancers.

Load Balancers

If you use HTTPS or HTTP2, you will need an an SSL certificate or to use SSL passthrough.

DigitalOcean Load Balancer Let’s Encrypt certificates are fully managed and automatically renewed on your behalf every 60 days.


Subdomains you use with the Spaces CDN must have an SSL certificate for security reasons. If you’ve added your domain to DigitalOcean, you can use DigitalOcean’s Let’s Encrypt certificates, which are fully managed and renewed every 60 days. You also have the option to manually upload an SSL certificate if you use a different DNS provider or want to upload an existing certificate.

You cannot secure a CDN’s subdomain with a custom wildcard SSL certificate that is already being used elsewhere in your account. Instead, you’ll need to add a new custom certificate during the custom subdomain set up for your CDN.

SSL Certificate Articles

View the Uptime check dashboard for information on uptime, latency, and SSL certificates, as well as for configuring alerts.
Add read-only nodes to reduce latency for users in specific regions.
Connect to MySQL database clusters from the command line or other applications.