Fastly TLS Encryption

Secure your services

TLS encryptionContent deliveryStreaming mediaNetwork services

Remove barriers around TLS setup and management. Our offerings allow organizations to deliver secure and private experiences, supporting needs ranging from a single domain to complex security requirements.

On this page

TLS Simplified

Trust, privacy, and security are fundamental components of modern websites and applications. While Transport Layer Security (TLS) used to be optional, it is now expected by all consumers - 94% of traffic across Google is encrypted. Beyond trust, security, and privacy, TLS can also have positive (or negative) impacts on business performance. Browsers prominently display to end users when connections are secure, and provide warnings for domains without TLS. Plus, there can be serious consequences to SEO performance like not being included in search results entirely. 

But, certificates are often hard to manage, meaning valuable resources need to dedicate time to managing them and errors can result in downtime ​​if a certificate expires or is compromised.

Our portfolio of TLS offerings allows every organization to deliver secure and  private experiences to their end users, designed to address a variety of customer types and needs — whether you just want to turn on TLS for a single domain or have detailed and complex security requirements. 

Key benefits 

Flexibility and control 

With options to use our TLS certificates or bring your own, you gain full control over your certs via our UI, API, or white-glove service. Plus, auto-renewals for Fastly-managed TLS allow you to stay focused on creating excellent user experiences, not managing certs.

Simplified management

Frictionless setup and management enables you to focus on building great websites or applications — rather than wasting cycles configuring TLS. With Fastly, you can enable TLS on a domain in minutes with just a few clicks. 

Performance and scale

Fastly provides worldwide TLS termination with powerful edge servers located closer to your users. This reduces the round trip times and the total performance costs of TLS handshakes. We’ve got you covered regardless of deployment complexity or number of web properties. 

Stay current with TLS

We provide end-to-end TLS 1.3 support that enables secure and fast experiences from the client to the origin. Plus, we support Mutual TLS (mTLS) for authenticating client certificates and securing public facing APIs, mobile apps, IOT devices and more.


Yelp would be nothing if not for our users —they’ve voluntarily contributed information to us and we have a duty to protect it; their privacy is critical to our business. By enabling us to mitigate DDoS attacks and terminate TLS at the edge, Fastly empowers us to protect our users while providing consistent and fast experiences.

Fred Hatfull

Engineering Manager

Our Offerings

Fastly TLS

Frictionless setup and management for foundational encryption needs, including: 

  • Management via UI and API 

  • Managed certificates from your choice of:

    • Our Certification Authority (Certainly)

    • A non-profit CA

    • Commercial CA

    • Unmanaged certificates (bring your own)

Concierge TLS

Our Enterprise support add-on for addressing more complex requirements including: 

  • Dedicated concierge support email address 

  • TLS configuration review and optimization 

  • Support for custom cipher suites outside our defaults (requires dedicated IP*) 

  • Fallback certificate management and provisioning 

  • Legacy TLS (1.0 and 1.1) support (requires dedicated IP*) 

  • Advanced service pinning configuration (requires dedicated IP*)

Platform TLS

Platform TLS is designed for organizations that want to maintain control of the certificate lifecycle, need to use a specific CA, or have regulatory requirements that require use of a specific CA. It includes an API for setup and can support a high-volume of domains. Platform TLS supports Domain Validated(DV), Organization Validated (OV), and Extended Validation (EV) certificates.

Web Page
See our TLS pricing information
Web Page
Enabling TLS 1.3 through Fastly
Blog Post
TLS 1.3 is faster, more robust, and now available

Meet a more powerful global network.

Our network is all about greater efficiency. With our strategically placed points of presence (POPs), you can scale on-demand and deliver seamlessly during major events and traffic spikes. Get the peace of mind that comes with truly reliable performance — wherever users may be browsing, watching, shopping, or doing business.

336 Tbps

Edge network capacity1

150 ms

Mean purge time2

>1.8 trillion

Daily requests served4

~90% of customers

Run Next-Gen WAF in blocking mode3

As of March 31, 2024

As of December 31, 2019

As of March 31, 2021

As of July 31, 2023

Ready to get started?

Get in touch.