检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
All QUIC traffic is encrypted, improving transmission security. It reduces the transmission and connection delay and prevents network congestion. Supported Version IETF-v1 (H3) Prerequisites An international HTTPS certificate has been configured.
Figure 3 RSA private key If the certificate chain of a private key file contains the following information: -----BEGIN PRIVATE KEY----- and -----END PRIVATE KEY-----, or -----BEGIN ENCRYPTED PRIVATE KEY----- and -----END ENCRYPTED PRIVATE KEY-----, you need to use the OpenSSL tool
Accelerating Downloads of Files Encrypted by KMS By default, CDN cannot read encrypted files in OBS buckets. If such files exist in your OBS bucket, enabling CDN acceleration may cause leakage of encrypted objects.
Table 1 CDN data protection measures Measure Description Encrypted transmission Huawei Cloud CDN supports HTTPS and HTTP/2 on the entire network. For details, see HTTPS Settings. Certificate management Huawei Cloud CDN supports batch SSL certificate configuration.
If files in your OBS bucket are encrypted using KMS, assign the kms:cmk:get and kms:dek:crypto policies to the CDNAccessPrivateOBS agency so that CDN can read and accelerate delivery of the encrypted files.