Archive for May, 2018

New Content Delivery Network (CDN)

Filed Under: News, Tech Insight by midas — Leave a comment
May 31, 2018

May’s been a busy month here at MIDAS HQ!

Not only have we migrated Certificate Authorities, we’ve also been testing a new Content Delivery Network (CDN) feature in MIDAS.

What does a CDN do?

To explain what a CDN does, imagine viewing a photograph online. That image will be stored on a web server somewhere. Say you’re in the UK and the server where the image resides is located in Australia. It will take your browser longer to establish a connection and retrieve the image from the other side of the world than if the server was located in the same country as you. Now, we may only be talking of a few fractions of a second longer, but if you’re viewing a web page containing several photographs, that can soon add up!

A Content Delivery Network vastly improves performance. It achieves this by storing (or “caching”) a copy of the original photograph on multiple servers all around the world. Then, when a viewer requests the photograph, the CDN serves a cached copy from whichever server is geographically closest to the viewer. This greatly improves the load time for the viewer. It also reduces the load on the original server, as the photograph is served from the CDN “cache” instead.

As a CDN “caches” a source file/web page, it is only suitable for “static” content which doesn’t change frequently, for example, images, JavaScript, Cascading Style Sheets, downloads, etc). “Dynamic” content – content which changes frequently/upon each visit – must still be served directly from the origin server, rather than via the CDN.

CDN Support in MIDAS

In MIDAS v4.18 we unofficially introduced support for serving static resources from a CDN (Cloudflare). This has been automatically enabled for all MIDAS trials and for all new cloud-hosted customers since the start of April. Since then, we’ve been closely monitoring its impact and effectiveness.

As our CDN trials proved effective and exceeded our expectations, throughout May we’ve been engaged in a phased roll-out of the CDN for remaining cloud-hosted customers. We’re pleased to announce that all cloud-hosted MIDAS systems now have CDN support enabled.

We’re currently seeing nearly 90% of all requests for static resources being served directly from Cloudflare’s global CDN network. This has led to performance improvements and reduction in load times of customer’s hosted MIDAS systems of between 13% – 67%!

We’re sure you’ll appreciate these performance improvements. They’re part of our ongoing commitment to provide the best possible service for our customers! …and we’ve more improvements and enhancements in the pipeline too!

Tags: ,

Certificate Authority Migration – May 2018

Filed Under: News, Tech Insight by midas — Leave a comment
May 31, 2018

Let's EncryptThroughout May we’ve been migrating our domain’s security certificates. We’ve transitioned from certificates issued by GlobalSign to ones issued by Let’s Encrypt instead.

What Is A Security Certificate?

In essence, a security certificate is what allows you to connect to a website over a secure https connection (instead of traditional, insecure, http). A valid and strong security certificate is what ensures that the connection and traffic between your web browser and the website/service you’re using is encrypted.

What Is A Certificate Authority?

Put simply, a “Certificate Authority” (or CA for short) is an organization responsible for issuing and revoking security certificates. Popular CA’s include Comodo, Symantec, GoDaddy, and GlobalSign to name but a few.

Which Domains Are Affected?

All mid.as domains and *.mid.as sub domains (including our cloud-hosted customer’s domains).

Why Is This Happening?

Our security certificates were due for renewal in June. As part of our continuous commitment to provide visitors to our site and customers alike with the best possible experience, we took the opportunity to review who provides our security certificates. Let’s Encrypt provide HTTPS certificates to over 70 million domains. Switching to certificates issued by Let’s Encrypt allows us to simplify and automate the management of security certificates across our expanding MIDAS network.

Will I Notice Anything Different?

In short, no!

In order to migrate our CA from GlobalSign to Let’s Encrypt, we needed to remove the previous GlobalSign (AlphaSSL) certificate from each *.mid.as domain and install a new Let’s Encrypt certificate in its place. We have being doing this in a phased transition for all *.mid.as domains during the course of May. We’re pleased to report that this transition to Let’s Encrypt is now fully completed.

Here’s how the old and new certificate issuers now look for our *.mid.as domains:

CA Migration to Let's Encrypt
Migrating to Let’s Encrypt

We’d also like to reassure hosted customers that no domains, URLs, or IP addresses have changed as a result of this CA migration.

If you experience any issues or have any concerns, please don’t hesitate to reach out to us and we’ll be happy to help!

A note for cloud-hosted API users

Whilst unlikely, you may initially receive a certificate warning/error when making API calls. This will depend upon your code and development platform/language. Now that the security certificate for your dedicated *.mid.as sub domain has changed, it may temporarily prevent your code/app from working until you accept the new security certificate.

Also, in some rare cases, you may not be able to access the API if your platform/device is listed as incompatible in Let’s Encrypt’s certificate compatibility list.

Finally, please be aware that Let’s Encrypt issues auto-renewing certificates which are valid for fixed periods of 90 days.

Tags: ,