SSL, CDN, and Custom Domains

Overview

In the past, setting up a CDN (Content Delivery Network) to speed up your site and an SSL Certificate (TLS) to secure it was a complex manual process.

DotSync has reimagined this by building these features directly into your DNS records. There is no separate software to install or certificates to buy. When you point your domain to a server, we automatically wrap it in a layer of global protection and high-speed delivery.

1. Quick Setup: The "Toggle" Method

Enabling security and speed is as simple as flicking a switch in your DotSync dashboard.

Create your record: Add an A, AAAA, or CNAME record for your website (e.g., www).
Enable the Features: Look for the CDN and TLS toggles next to the record entry and switch them to ON.
Automatic Provisioning: DotSync will immediately begin communicating with certificate authorities (like Let’s Encrypt) to secure your domain.
Wait for Launch: It usually takes a few minutes for the security certificate to be "signed" and for our global servers to begin caching your content.

Note: For the most seamless experience, we recommend using DotSync-managed Nameservers. This allows us to verify your security certificates instantly without you needing to add extra "Challenge" records.

2. Automatic SSL (TLS) Provisioning

DotSync uses the industry-standard ACME protocol to keep your site secure.

Hands-Free Renewals: We handle the renewal of your certificates automatically. You will never have to worry about a "Certificate Expired" warning on your website.
Wildcard Certificates: If you need to secure every possible subdomain (e.g., *.yourdomain.com), these require a specific DNS validation process. Please reach out to our support team, and we will configure this for you.

Common SSL "Hold-ups"

If your certificate hasn't appeared after an hour, check these three things:

Is it pointing to us? If your DNS record is wrong, the security authority can't verify that you own the domain.
Rate Limits: If you have deleted and recreated the same record many times in one hour, the certificate authority may temporarily "throttle" new requests.
DNSSEC: If you moved your domain from a high-security provider, old "DNSSEC" records might be blocking our ability to verify the new certificate.

3. The Built-in CDN

A CDN makes your website feel faster by storing "copies" of your images and files on servers closer to your visitors (e.g., a visitor in London fetches data from a London server instead of one in New York).

Global Caching: When the CDN toggle is ON, DotSync automatically decides which files to cache to provide the best speed.
External Origins: If your website is hosted on a different platform (like a specialized cloud host), DotSync will "fetch" the content from them, wrap it in our security, and then deliver it to your users.
Advanced Rules: If you need custom caching headers or specialized "bypass" rules, our support engineers can configure these advanced origin settings for you upon request.

4. Troubleshooting & Best Practices

The "Self-Signed" Warning

If you visit your site and see a "Not Secure" warning despite having the toggle ON, the certificate may still be in the Provisioning state. Give the system 10–15 minutes to finish the digital handshake.

Monitoring Performance

You can inspect your certificate details in any browser by clicking the Padlock icon next to your URL. This will show you the issuer (usually Let's Encrypt) and the validity period.

Need a Custom Configuration?

If you are running a complex multi-tenant app or need a custom origin setup, our infrastructure team is ready to assist.

Overview​

1. Quick Setup: The "Toggle" Method​

2. Automatic SSL (TLS) Provisioning​

Common SSL "Hold-ups"​

3. The Built-in CDN​

4. Troubleshooting & Best Practices​

The "Self-Signed" Warning​

Monitoring Performance​

Need a Custom Configuration?​