You are viewing the legacy StackPath SecureCDN Help Center. Please use if you signed up after July 1, 2018 or log in through

StackPath Support

SSL Options Explained

The article describes the current SSL options available to StackPath Secure CDN customers. 

Shared SSL

Shared SSL is free, enabled by default, and is a good option to provide protection for assets being delivered through the StackPath Secure CDN.  When using Shared SSL, the URL's of assets being delivered through the StackPath SecureCDN will look like and is available via http and https. Please note that the certificate for this domain only covers the * hostname and does not cover a CNAME to this domain.

Only assets served by the StackPath Secure CDN are protected with a Shared SSL certificate. 

Some customers prefer to hide the CDN url of assets on their website and use a namespace that is tied to their domain. For these customers the SNI SSL option is a better option. 


SNI SSL allows you to install your own custom SSL certificate using a shared IP address. SNI is widely supported in modern browsers, but can potentially cause compatibility issues with old browsers versions and some mobile devices (IE6 on Windows XP or older).

​This option will allow you to install your own SSL Certificate, Private Key, and CA/Chain-Bundle (if you have one). You need to click on each option to open the text box in which you will paste the data; whether it is the SSL Certificate, the Private Key, and the CA/Chain-Bundle. It will take about a minute or less, then the SSL certificate will be installed.

SNI is widely supported in modern browsers, but older versions and some mobile devices might encounter compatibility issues. Shared IP addresses are used with SNI SSL.

The image below provided a quick description of how SNI SSL works:

How SNI SSL works

Return to top