Go to the Configurations section in the main menu of CMv3, click add Configuration, and give it a unique name without spaces or dashes. You are now ready to add your Properties. Read on to become familiar with optional and required settings.
Add Properties to your Configuration
Click "Add property", and give it a unique descriptive name that distinguishes it from others. Giving it the same name as your Primary Alias is a useful convention to follow.
A property is composed of the following elements:
1. Origin Fill Policy Definition
An Origin Fill Policy represents the source of the content you want to be delivered by the Lumen CDN. When you create a property, you may select an existing one or create a new one from scratch. You’ll provide all the necessary details regarding accessing your source content, including but not limited to Host address, fill protocol, fill port, and authentication details if protected.
We offer two type of policies:
Single Origin: this option allows you to define a single origin host name to use as the content source.
Failover: if you have several copies of your source content, You can add up to two additional failover origins to a primary origin in case the primary isn’t reachable.
Origin Fill Policy components
Name your policy something meaningful for easy reference. Additionally, we’ll need you to provide the Fully Qualified Domain Name (FQDN) or IP address of the host members. If desired, we can also use the host header of the client request. And if needed, we can also prefix the processed request URI with the webroot you provide.
Origin Fill Policy Name: Chose a unique descriptive name, especially if you opt to reuse it in other Property Definitions. This one of many definitions you will find in the Definitions tab. (Definitions are covered in the Match Logic section.)
Origin Host (FQDN or IP address): By default, an origin is defined by its host name (Fully Qualified Domain Name) or an IP address. You can choose the “use client host header” option if you would like to use the client request’s host header as the default value. In this case, you will need to provide an IP or DNS address for the origin.
Origin Address (IP or DNS): This is required if you elected to use the client host header option for the Origin Host value.
Webroot: The webroot value will be prefixed to requests for origin content. For instance, if you use the Webroot value /mystreams content stored under myOrigin will be directly accessible through www.myalias.net/manifest.mpd.
Cache fill options
You tell us which cache fill protocol, and cache fill port to use and whether we should proceed to obtain and delivery the content if we encounter certificate errors for any origin policy member. Most importantly, we’ll need to know if and how to authenticate when requesting resources, be it through values provided in headers or via AWSv4. More authentication methods will be added in the near future.
Cache Fill Protocol: The internet protocol required to access the origin.
Ignore Invalid Certificate: If selected, origin server certificate errors will be ignored.
Cache fill port: The destination port for the origin. By default, 80 is used for HTTP and 443 for HTTPS.
Authentication: If your origin content is protected, you can add one of the authentication methods below:
Timeouts and retries: You have the option to define the following to convey when to give up trying to contact your origin host. This applies to each origin in your Origin Fill Policy.
HTTP Timeout: The time to wait in seconds for an HTTP response from the origin before it is considered failed.
Connection Timeout: The maximum time to wait, in seconds, that is allowed to establish a connection to an origin server.
Timeout Retries: The number of connection timeout retries before giving up. Each retry will follow the Connection Timeout policy. 0 indicates never retry.
Failover Conditions: Each origin member of a failover origin group has its own time out and retry settings; however, you can set up specific failover conditions instead. If you have both individual timeout and retry settings, the failover conditions will take precedence. Failover conditions are comprised of the following options. You use some or all of these options, but only one needs to evaluate to true to result in a failover.
HTTP Timeout: The time to wait in seconds for an HTTP response from the origin before failing over.
5XX: Failover if an origin request results in a 5xx response code.
4XX: Failover if an origin request results in a 4xx response code.
Expression: Using the Lumen Expression Language to create failover criteria.
Aliases are essentially host names you would like served by the Lumen CDN. You can define one or several Aliases to serve content from the same origin. You can use either your own domain names for CDN delivery or use shared Lumen CDN subdomains. If you use your own domain, you will need to connect your hostname to the CDN delivery via a CNAME record in your DNS.
Primary Alias (Required): The Primary Alias corresponds to the main hostname CDN content will be served from for this property. Its protocol settings are shared by all other aliases by default. It is also the name you see in real-time and historical usage reports. By default, all traffic to all property aliases are reported under the primary alias URL in aggregate.
Secondary Alias(es) (Optional): Add secondary aliases if you would like to be able to serve the same origin content under different mirror URLs. Secondary aliases share the same protocol and cache key, as they share the same origin.
Delivery Protocol: Choose between HTTP and HTTPS.
SSL Certificate type (HTTPS only): To use HTTPS, configure your SSL settings:
Use a protected Lumen subdomain: this option allows you to secure your content without having to create a certificate with a CA. Your content will be distributed via a Lumen subdomain (i.e., https://mysite.secure.footprint.net or http://mysite.secure2.footprint.com if you’ve enabled HTTP2). Your primary and secondary aliases must be inside one of these subdomains.
Use my own certificate (SNI): this option allows you to use your own SSL certificate you have obtained from a CA. To use this option, make sure you have already added the corresponding SSL certificate in our Certificates section.
Use my own certificate (dedicated IP): This option allows you to get a dedicated IP address for your certificate. This is a premium option; please contact Support or your Sales representative to get a quote.
Learn more about how to set up SSL in your properties and manage your SSL certificates.
Encryption levels (HTTPS only): You can modify the default server encryption settings:. We provide three encryption level options:
Risky: corresponds to Mozilla’s Modern configuration. This configuration uses the most recent cypher suites, for clients with no need for backwards compatibility. Warning: Choosing this option can break content accessibility for some of your users.
Default (recommended): corresponds to Mozilla’s Intermediate configuration. This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with nearly every client released in the last five (or more) years.
Advanced: corresponds to Mozilla’s Old configuration. This configuration is compatible with a number of very old clients, and should be used only as a last resort.
We strongly recommend that you leave the Default setting to optimize content deliverability.
OCSP (HTTPS only): Select this option to activate OCSP (Learn more about Online Certificate Status Protocol).
HTTP/2 (HTTPS only): Select this option to activate HTTP/2.
Certificate: Here you can choose the corresponding certificate from the list of certs you have uploaded in the Certificates section.