Archive for May, 2018


New Content Delivery Network (CDN)

May’s been a busy month here at MIDAS HQ!

Not only have we migrated Certificate Authorities to Let’s Encrypt, but we’re also been testing a new Content Delivery Network (CDN) feature in MIDAS.

To explain what a CDN does, imagine viewing a photograph online. That photograph will be stored on a web server somewhere. If you’re in the UK and the server where the photograph resides is located in Australia, it will take your browser longer to establish a connection and download the image from the other side of the world than it would do if the server was located in the same country as the person viewing the image. Now, we may only be talking of a few fractions of a second longer, but if you’re viewing a webpage containing several photographs, that can soon add up!

A Content Delivery Network vastly improves performance by storing (or “caching”) a copy of the photograph from the source server on multiple servers all around the world. Then, when a viewer requests the photograph, the CDN serves a cached copy of the file from whichever server is geographically closest to the viewer. This greatly improves the load time for the viewer, and also reduces the load on the original server (as the photograph is served from the CDN “cache” instead).

As a CDN “caches” a source file/webpage, it is only suitable for “static” content which doesn’t change frequently (for example, images, Javascript, Cascading Style Sheets, downloads, etc). “Dynamic” content (i.e. content which changes frequently/upon each visit, files must still be served directly from the origin server, rather than via the CDN.

In MIDAS v4.18 we unofficially introduced support for serving static resources from a CDN (CloudFlare), and this has been automatically enabled for all MIDAS trials and for all new cloud-hosted customers since the start of April, whilst we closely monitored its impact and effectiveness.

As our CDN trials proved effective and exceeded our expectations, throughout May we’ve been engaged in a phased roll-out of the CDN for remaining cloud-hosted customers, and we’re pleased to announce that all cloud-hosted MIDAS systems now have CDN support enabled.

We’re currently seeing nearly 90% of all requests for static resources being served directly from CloudFlare’s global CDN network, and performance improvements and reduction in load times of customer’s hosted MIDAS systems of between 13% – 67%!

We’re sure you’ll appreciate these performance improvements, which are all part of our ongoing commitment to provide the best possible service for our customers! …and we’ve more improvements and enhancements in the pipeline too!

Let's EncryptDuring the course of May we’ve been migrating our domain’s security certificates from ones issued by GlobalSign to ones issued instead by Let’s Encrypt.

What Is A Security Certificate?

In essence, a security certificate is what allows you to connect to a website over a secure https connection (instead of traditional, insecure, http). A valid and strong security certificate is what ensures that the connection and traffic between your web browser and the website/service you’re using is encrypted.

What Is A Certificate Authority?

Put simply, a “Certificate Authority” (or CA for short) is an organization responsible for issuing and revoking security certificates for websites. Popular CA’s include Comodo, Symantec, GoDaddy, and GlobalSign to name but a few.

Which Domains Are Affected?

All mid.as domains and *.mid.as sub domains (including our cloud-hosted customer’s domains)

Why Is This Happening?

Our security certificates were due for renewal in June, and as part of our continuous commitment to provide visitors to our site and customers alike with the best possible experience, we took the opportunity to review who provides our security certificates. Let’s Encrypt provide HTTPS certificates to over 70 million domains, and switching to certificates issued by Let’s Encrypt allows us to simplify and automate the management of security certificates across our growing MIDAS network.

Will I Notice Anything Different?

In short, no!

In order to migrate our CA from GlobalSign to Let’s Encrypt, we needed to remove the previous GlobalSign (AlphaSSL) certificate from each *.mid.as domain and install a new Let’s Encrypt certificate in its place. We have being doing this in a phased transition for all *.mid.as domains during the course of May, and we’re pleased to report that this transition to Let’s Encrypt is now fully completed.

Here’s how the old and new certificate issuers now look for our *.mid.as domains:

CA Migration to Let's Encrypt

We’d also like to reassure hosted customers that no domains, URLs, or IP addresses have changed as a result of this CA migration.

If you experience any issues or have any concerns, please don’t hesitate to reach out to us and we’ll be happy to help!

A note for cloud-hosted API users

Whilst unlikely, depending upon your code and development platform/language, you may initially receive a certificate warning/error when mmaking API calls now that the security certificate for your dedicated *.mid.as subdomain has changed, which may prevent your code/app from working temporarily until you accept the new security certificate.

Also, in some rare cases, you may not be able to access the API if your platform/device is listed as incompatible in Let’s Encrypt’s certificate compatibility list.

Finally, please be aware that Let’s Encrypt issues auto-renewing certificates which are valid for fixed periods of 90 days.

[ Back to top ]