Knowledge Base
medianova.comSupportLog in
  • Welcome to the Medianova Knowledge Base
  • Getting Started
    • Concepts
    • Start your Free Trial
  • Products
    • Security
      • DDoS Protection
      • SSL/TLS Encryption
        • How to upload and manage SSL Certificates?
        • How to Extract CRT and KEY Files from a PFX Certificate
        • How can I use Free SSL?
        • FAQ
      • Web Application Firewall (WAF)
        • How to activate WAF?
        • Analytics
      • Rate Limiting
      • Hotlink Protection
      • IP Restriction
      • Geoblocking
      • FAQs
    • Performance / CDN
      • Static Content Delivery
        • Create Small Resource
        • Create Large Resource
        • Integrating Static CDN Resource
        • Configuration Basics
          • Medianova IP Blocks
        • Advanced Configuration
          • Origin Settings
            • Advanced Origin Settings
            • Rewrite Origin URLs
            • Origin SNI Request
            • Redirect Handle From Origin
            • Origin Response Timeout
          • CNAME
          • Caching
            • Edge Cache Expiration
            • Browser Cache Rule
            • Query String Caching
            • Etag Verification
            • Error Status Code Cache Expiration
            • Shared Cache
            • Stale Cache
            • Robots.txt file
            • Range Based Caching
          • Headers
            • CORS Header
            • Custom Header
            • X-CDN Header
            • Origin Host Header
            • HTTP Strict Transport (HSTS) Protection
            • X-Frame Options
            • X-XSS Protection
            • X-Content Type Options
          • Purge
          • Prefetch
          • Page Rules
            • Manage Page Rules
            • Page Rules Settings
          • Compression
            • How to Configure Gzip and Brotli
        • Website Framework Integrations
          • Magento CDN Integration
          • Wordpress CDN Integration
          • Phalcon CDN Integration
          • CakePHP CDN Integration
        • Analytics
      • Dynamic Content Acceleration
        • Create Dynamic Resource
        • Integrating Dynamic CDN Resource
        • Aksela Test Steps
        • Advanced Configuration
          • Origin Settings
            • Advanced Origin Settings
            • Rewrite Origin URLs
            • Origin SNI Request
            • Redirect Handle From Origin
            • Origin Response Timeout
          • Caching
            • Edge Cache Expiration
            • Browser Cache Rule
            • Query String Caching
            • Etag Verification
            • Error Status Code Cache Expiration
            • Shared Cache
            • Stale Cache
            • Disallow Cookie Base Cache
            • Cookie Base Cache
            • Header Base Cache
            • Header Value Base Cache
            • MNUID Cookie Base Cache
            • Mobile Redirect
          • Headers
            • CORS Header
            • Custom Header
            • X-CDN Header
            • Origin Host Header
            • HTTP Strict Transport (HSTS) Protection
            • X-Frame Options
            • X-XSS Protection
            • X-Content Type Options
          • Purge
          • Prefetch
          • Page Rules
          • Compression
        • Analytics
      • Streaming Content Delivery
        • Create Streaming Resource
        • Advanced Configuration
          • Origin Settings
            • Redirect Handle From Origin
            • Origin Response Timeout
          • Headers
            • CORS Header
            • Custom Header
            • X-CDN Header
            • Origin Host Header
          • Stream Management
        • Analytics
      • API Caching
      • Private CDN
      • Image Optimization and WebP
        • What is Image Optimization and How Does It Work?
        • What is WebP and How Does It Work?
        • How to Activate Image Optimization and WebP?
        • Analytics
      • FAQs
    • Object Storage / Stook
      • What is Stook?
      • How to Create Stook?
      • How to Connect Bucket?
      • Access Key Management
      • Stook Integration and Usage Guides
        • Migrating Data to Stook Using Rclone
        • Data Transfer to Stook with Cyberduck
        • How to use the AWS SDK for Laravel with Stook?
        • How to use the AWS SDK for PHP with Stook?
        • How do I use the AWS SDK for .NET with Stook?
        • Stook Storage User Guide for AWS CLI
        • How to use AWS SDK for JavaScript with Stook?
        • How do I use Stook with the AWS Java SDK?
        • Using Pre-Signed URL PHP with Stook
        • Using Pre-Marked URL NODEJS With Stook
    • Analytics (MN Logz)
      • Real-Time Logpush
      • Raw Logs
  • Account & Billing
    • Managing Account and Organizations
      • Create new organization
      • Invite user
      • Changing Cloud Panel password
      • Access Controls and Authentication
    • Subscription and Billing
      • Packages
        • Free Trial
        • Starter
        • Growth
        • Enterprise
        • Add-ons
      • Policy
      • Upgrade & Downgrade Procedures
      • Changing your subscription package
      • Payment Info
      • Invoices
  • API Documentation
    • Authentication
    • Security
      • Web Application Firewall (WAF)
      • SSL/TLS
      • Always Use HTTPS Settings
      • Origin Basic Authentication
      • Secure Token
      • Bot Protection
      • Hotlink Protection
      • User Agent ACL
      • IP Restriction ACL
      • Geoblocking
    • Performance / CDN
      • Resources
      • Origin Settings
      • CNAME & SSL
      • Caching
      • Headers
      • Image Optimization & WebP
      • Page Rule
      • Purge
      • Prefetch
      • Stream Management
    • Object Storage / Stook
    • Analytics
      • WAF Analytics
  • Support and Troubleshooting
    • Common Issues and Solutions
      • Troubleshooting Common Setup Issues
      • Troubleshooting Performance Problems
    • Contacting Customer Support
  • Glossary
    • Definition of Important CDN Terms
    • Acronyms and Abbreviations
    • Definition of HTTP Status Error Codes
Powered by GitBook
LogoLogo

© 2025 Medianova. All rights reserved.

On this page
  • Step 1: Accessing the Panel
  • Step 2: Adding a New SSL Certificate
  • Step 3: Assigning the SSL to a CDN Resource
  • SSL Upload Methods Overview
  • Managing SSL Certificates
  • Certificate Chain Requirements

Was this helpful?

Export as PDF
  1. Products
  2. Security
  3. SSL/TLS Encryption

How to upload and manage SSL Certificates?

PreviousSSL/TLS EncryptionNextHow to Extract CRT and KEY Files from a PFX Certificate

Last updated 1 month ago

Was this helpful?

This guide explains how to install an SSL certificate on the Medianova client panel, either by using your own SSL certificate or activating a free SSL certificate issued by Let's Encrypt.

Field
Description

SSL Name

The name assigned to the certificate within your organization.

Domain Name

The domain (or wildcard domain) that the certificate will secure.

Certificate (.crt)

Upload the public certificate file (CRT). This authenticates the domain and enables secure HTTPS communication.

Private Key

The private key used in the SSL encryption process. It must match the certificate and be kept secure.

Certificate Password

If using a .pfx or encrypted private key, provide the password here. Leave blank if not applicable.

PFX Certificate

A .pfx file that includes the certificate, private key, and chain in one bundle. Used instead of separate files.

Step 1: Accessing the Panel

You can access the Medianova Cloud Panel by logging in with your username and password at .

Click on the "CDN → SSL Management" option on the left menu. SSL certificates added to your organization will be listed on this page. If you don’t own an SSL certificate, proceed directly to Step 2.5.

Step 2: Adding a New SSL Certificate

To add a new SSL certificate to your organization, click the "Add New SSL" button located at the top right of the SSL Management page.

You will then see a screen that allows you to select how you want to upload your SSL:

You can choose one of the following methods:

  • Extract from Domain: Automatically retrieve the certificate if it's already active on your domain.

  • Paste Certificate Content: Manually paste the CRT and private key.

  • Upload Files Individually: Upload .crt and .key files directly.

  • Upload a .pfx Bundle: Upload a single PFX file that contains the certificate, key, and chain.

Hint: The next screen you see will vary based on the method you choose. Make sure your private key matches the certificate to avoid upload errors.

Step 3: Assigning the SSL to a CDN Resource

To use the SSL certificate you uploaded for one of your CDN Resources or choose the “Shared SSL” option, please click on the “CDN → CDN Resources” option on the left menu of the panel. Press on the specific CDN Resource among the listed ones and navigate to the SSL tab. (This tab is named as “CNAME & SSL” for Small and Large resource types, whereas it is named as “SSL” for Streaming, VOD and Dynamic resource types.

On this SSL tab, you can either select the “SNI” option and apply the SSL certificate you uploaded to your selected CDN Resource; or you can choose the “Shared SSL” option if you don’t own an SSL certificate yourself. Select the preferred option and save changes.

SSL Upload Methods Overview

When selecting Own SSL, you will be presented with several options for uploading your certificate:

A) Extract from Domain (Auto-Fetch)

Attempts to pull the certificate from your domain if it's already serving SSL.

Hint: This method may fail if your server is not reachable over HTTPS or if port 443 is blocked.

B) Paste Certificate Content

Paste your domain certificate, intermediate CA bundle, and private key.

C) Upload Files Individually

Upload .crt and .key files separately.

Hint: Make sure your private key and certificate are a valid pair.

D) Upload a .pfx (PKCS#12) File

Upload a bundled certificate that includes the key and full chain.

Hint: If password-protected, don’t forget to fill in the password field.

Managing SSL Certificates

From the SSL Management page, you can:

  • Edit SSL Name: Rename the SSL certificate using the dedicated option shown in the edit pop-up window.

  • Replace with New SSL: Replace an existing certificate entirely with a new one.

  • Delete: Remove a certificate from your organization after confirmation.

Hint: To update the certificate or private key, select the New SSL option in the edit pop-up. This allows you to fully replace the existing certificate with a new one.

Certificate Chain Requirements

When uploading your own SSL, you must:

  • Upload the full chain (Leaf + Intermediate [+ Root])

  • Or just the leaf certificate — the system will try to complete the chain automatically

Hint:

  • The Leaf Certificate (sometimes wrongly called "lead chain") is the actual certificate for your domain.

  • Intermediate Certificates bridge your certificate to a trusted root authority.

  • Root Certificates are trusted directly by browsers and operating systems.

✅ A Full Chain includes the leaf + intermediate(s) [+ root].

✅ Always prefer uploading the full chain to avoid trust issues.

For further assistance, please contact your system administrator or .

Medianova support
cloud.medianova.com