In a managed CNAME setup, you get an Acquia-managed domain that
acts as the DNS target for your hostnames. This domain takes the
form [codebase].acquiaedge.net
where [codebase]
is
the name of the codebase for your application protected by Acquia
Edge. You can use any hostnames specified as the Fully-Qualified
Domain Name for any domains served by your application.
Note
Managed CNAME setups are available only to new customers who started with Acquia Edge after January 1, 2021. To reference setups for pre-existing deployments, see Getting started with Acquia Edge.
[codebase].acquiaedge.net
for the specific domain that Acquia supplied to you for your application.The DNS tab is not used to manage any hostnames that you can use with Acquia Edge. You will see several Acquia-defined records resolving to your application.
Note
Do not modify any records defined on the DNS tab unless the elastic IP addresses for your application change.
To add a hostname to your managed CNAME setup, do the following:
On the SSL/TLS tab, navigate to the Custom Hostnames section.
Select Add a Custom Hostname.
In the Custom Hostname field, enter the fully-qualified domain name.
This can be a bare domain or subdomain. Use of the Enable Wildcard option may introduce DNS resolution issues if you have domains on another Cloudflare account. This option is not allowed with Acquia Edge.
Note
The minimum TLS version is defined based on the hostname.
You can only add hostnames that are defined as valid domains for your application on Acquia Platform.
You can view the status of any hostnames in the Custom Hostnames section of the SSL/TLS tab.
After the validation is complete, a single dedicated SSL certificate is issued for each hostname that you add. By default, the validation is performed over HTTP.
For SSL to validate for a hostname:
With the HTTP validation, there are several minutes of downtime following the DNS cutover for any hostnames. To avoid this downtime, you must do the pre-validation of certificates.
If you use the TXT validation method, your certificates are issued before modifying DNS for any hostnames.
To change the validation method, select TXT Validation from the Validation Method drop-down menu when adding or modifying a custom hostname. Acquia does not recommend you to use email validation unless you are a publicly listed administrator or webmaster in WHOIS for your domains.
You can also upload a certificate by providing the certificate file and private key. To do so, select Custom Certificate when adding a custom hostname.
Acquia Edge only accepts the following three types of publicly trusted certificates:
If you attempt to upload a self-signed certificate or a certificate of another type, it is rejected.
Warning
The use of any wildcard certificates is not permitted if you also maintain any of the domains covered by the SAN in a third-party Cloudflare subscription.
Note
The Edge Certificates section of the SSL/TLS tab is not used to view or manage any certificates for your domain in a managed CNAME setup.
Prior to launch, Acquia strongly recommends testing Acquia Edge.
After you have configured your hostnames and defined any other caching or security settings for your domains, you are ready to launch.
To launch a domain using the managed CNAME setup for Acquia Edge, complete the following steps:
Plan your CNAME records for launch. In this step, you do not update your DNS, but instead confirm that you have the correct CNAME records for your DNS update on your scheduled launch date.
For each hostname, create a record in your authoritative DNS
resolving to the acquiaedge.net
domain for your application.
For example, for the hostname www.example.com
with the codebase mysite
:
For any bare domains, you can use a record resolving the IP addresses returned when performing a DNS lookup against the [codebase].acquiaedge.net domain corresponding to your application.
Sign in to your DNS provider.
Add the planned records for your desired domain to your authoritative DNS provider.
Verify whether the traffic is going through Acquia Edge.
For more information, see Confirming traffic is going through Acquia Edge.