Secure your services
Remove barriers around TLS setup and management. Our offerings allow organizations to deliver secure and private experiences, supporting needs ranging from a single domain to complex security requirements.
On this page
TLS Simplified
Trust, privacy, and security are fundamental components of modern websites and applications. While Transport Layer Security (TLS) used to be optional, it is now expected by all consumers - 94% of traffic across Google is encrypted. Beyond trust, security, and privacy, TLS can also have positive (or negative) impacts on business performance. Browsers prominently display to end users when connections are secure, and provide warnings for domains without TLS. Plus, there can be serious consequences to SEO performance like not being included in search results entirely.
But, certificates are often hard to manage, meaning valuable resources need to dedicate time to managing them and errors can result in downtime if a certificate expires or is compromised.
Our portfolio of TLS offerings allows every organization to deliver secure and private experiences to their end users, designed to address a variety of customer types and needs — whether you just want to turn on TLS for a single domain or have detailed and complex security requirements.
Key benefits
Flexibility and control
With options to use our TLS certificates or bring your own, you gain full control over your certs via our UI, API, or white-glove service. Plus, auto-renewals for Fastly-managed TLS allow you to stay focused on creating excellent user experiences, not managing certs.
Simplified management
Frictionless setup and management enables you to focus on building great websites or applications — rather than wasting cycles configuring TLS. With Fastly, you can enable TLS on a domain in minutes with just a few clicks.
Performance and scale
Fastly provides worldwide TLS termination with powerful edge servers located closer to your users. This reduces the round trip times and the total performance costs of TLS handshakes. We’ve got you covered regardless of deployment complexity or number of web properties.
Stay current with TLS
We provide end-to-end TLS 1.3 support that enables secure and fast experiences from the client to the origin. Plus, we support Mutual TLS (mTLS) for authenticating client certificates and securing public facing APIs, mobile apps, IOT devices and more.
Yelp would be nothing if not for our users —they’ve voluntarily contributed information to us and we have a duty to protect it; their privacy is critical to our business. By enabling us to mitigate DDoS attacks and terminate TLS at the edge, Fastly empowers us to protect our users while providing consistent and fast experiences.
Fred Hatfull
Engineering Manager
Our Offerings
Fastly TLS
Frictionless setup and management for foundational encryption needs, including:
Management via UI and API
Managed certificates from your choice of:
Our Certification Authority (Certainly)
A non-profit CA
Commercial CA
Unmanaged certificates (bring your own)
Concierge TLS
Our Enterprise support add-on for addressing more complex requirements including:
Dedicated concierge support email address
TLS configuration review and optimization
Support for custom cipher suites outside our defaults (requires dedicated IP*)
Fallback certificate management and provisioning
Legacy TLS (1.0 and 1.1) support (requires dedicated IP*)
Advanced service pinning configuration (requires dedicated IP*)
Platform TLS
Platform TLS is designed for organizations that want to maintain control of the certificate lifecycle, need to use a specific CA, or have regulatory requirements that require use of a specific CA. It includes an API for setup and can support a high-volume of domains. Platform TLS supports Domain Validated(DV), Organization Validated (OV), and Extended Validation (EV) certificates.
Related resources
Meet a more powerful global network.
Our network is all about greater efficiency. With our strategically placed points of presence (POPs), you can scale on-demand and deliver seamlessly during major events and traffic spikes. Get the peace of mind that comes with truly reliable performance — wherever users may be browsing, watching, shopping, or doing business.
377 Tbps
Edge network capacity1
150 ms
Mean purge time with Instant Purge™
>1.8 trillion
Daily requests served4
~90% of customers
Run Next-Gen WAF in blocking mode3
As of March 31, 2024
As of December 31, 2019
As of March 31, 2021
As of July 31, 2023