How to Configure Custom Domain, SSL, and CDN on App Platform

In today’s digital-first world, providing a seamless, secure, and high-performance user experience is critical to staying ahead of the competition. Whether launching a SaaS platform, content-driven site, or e-commerce solution, the strength of your infrastructure can directly influence user satisfaction, engagement, and overall business success. It’s no longer optional to simply launch an app; it must be fast, secure, and easily accessible.

At DigitalOcean, the App Platform empowers us to seamlessly integrate key features that are essential for delivering a world-class user experience. Configuring custom domains, SSL certificates, and a Content Delivery Network (CDN) ensures that our applications are not only easy to find and trust but also fast and secure, no matter where our users are located. These features go beyond technical necessities; they are integral to establishing brand credibility, protecting user data, and optimizing global performance.

This tutorial will walk you through how to set up these essential elements on the DigitalOcean App Platform, ensuring your app is positioned for success with the right infrastructure in place. With the right configuration, you’ll not only enhance the user experience but also support your business’s growth objectives in today’s highly competitive digital landscape.

Why Configure Custom Domains, SSL, and CDN?

Before diving into the technical steps, it’s important to understand the critical role that custom domains, SSL certificates, and CDNs play in the success of any modern web application. These features are not just technical add-ons—they are foundational to your app’s credibility, security, and global reach.

Custom domains allow you to present a professional, branded identity to your users. Instead of relying on a generic or platform-provided URL, a custom domain (like www.yourcompany.com) signals legitimacy and trustworthiness. This is especially important for customer-facing applications, as users are far more likely to engage with and trust a site that reflects a consistent brand. Additionally, custom domains are favored by search engines, which can improve your site’s ranking and discoverability.

SSL certificates are essential for securing data transmitted between your users and your application. By enabling HTTPS, SSL encrypts sensitive information—such as login credentials, payment details, and personal data—protecting it from interception or tampering by malicious actors. Beyond security, SSL is now a baseline expectation for users and is a ranking factor for search engines like Google. Browsers also flag non-HTTPS sites as “Not Secure,” which can deter potential users and damage your reputation.

Content Delivery Networks (CDNs) dramatically enhance your app’s performance and reliability by distributing static assets (like images, scripts, and stylesheets) across a global network of edge servers. This means users around the world experience faster load times, reduced latency, and greater resilience against traffic spikes or outages. CDNs also help offload traffic from your origin server, improving scalability and reducing infrastructure costs. For dynamic applications, proper CDN configuration can further optimize delivery by caching frequently accessed data and intelligently routing requests.

Configuring custom domains, SSL, and a CDN is about more than just technical compliance—it’s about building a secure, high-performing, and trustworthy application that can scale with your business and deliver a seamless experience to users everywhere.

By following this tutorial, you will:

• Learn how to configure custom domains, SSL certificates, and CDNs on DigitalOcean App Platform.
• Understand the impact of these features on your app’s security, speed, and reliability.
• Discover how these configurations can enhance your app’s SEO and overall user experience.

Before we dive in, let’s make sure you’re all set to follow along:

• A DigitalOcean Account: If you haven’t already, create an account on DigitalOcean to get started.
• A Deployed App on DigitalOcean’s App Platform: This guide assumes you’ve already deployed your app using DigitalOcean App Platform. If not, we’d recommend following the Getting Started tutorial first.
• Custom Domain: You’ll need to own a domain. For example, instead of using a subdomain like myapp.ondigitalocean.app, we’ll set up something like www.myapp.com.
• Access to Your DigitalOcean App Platform Dashboard: You should have full access (Owner or Member role) to your app’s settings on the platform.

DigitalOcean’s App Platform

DigitalOcean’s App Platform is a fully managed solution for deploying and scaling applications. From managing your app’s lifecycle to integrating essential features like custom domains, SSL, and CDNs, DigitalOcean allows teams to focus on building their product instead of managing infrastructure.

And since DigitalOcean manages the heavy lifting, these features come with excellent defaults out of the box. You won’t be spending hours configuring or maintaining servers; it’s all handled for you, which is a huge win for product teams with limited resources.

Why a Custom Domain?

A custom domain is more than just a URL. It is an essential step in establishing your brand. When you go live with your product, using your own domain, for example www.myapp.com, signals professionalism and helps with credibility. It builds trust, something especially important if you’re handling sensitive data or driving any kind of transaction.

Plus, from an SEO perspective, having a custom domain is a must. Search engines, including Google, give preference to custom domains over subdomains when ranking sites, so this isn’t just about branding, it’s also about visibility.

Why SSL (Secure Sockets Layer)?

Security is no longer optional. Users expect their data to be protected, especially when dealing with login credentials, credit card info, or other sensitive data. Enabling SSL not only ensures that all traffic between your app and its users is encrypted, but also that your users can trust your app.

DigitalOcean’s App Platform automatically provisions and manages SSL certificates for your custom domains, so you don’t have to worry about manual setup or renewal.

In fact, SSL has become a trust signal for Google. They flag sites without HTTPS as not secure, which can hurt your traffic and reputation. So, enabling SSL isn’t just a security measure; it’s a business necessity.

What Is a CDN and Why Does It Matter?

A Content Delivery Network (CDN) speeds up your app by caching and serving content, like images, videos, and other static files, from servers that are closer to your users. So, whether they’re in New York, Sydney, or Tokyo, your app’s content loads faster, which means quicker load times and a better experience overall.

With DigitalOcean’s App Platform, static content is automatically cached on CDN servers, helping your app perform better for users all around the world. For dynamic apps, you can enable caching by setting the Cache-Control header in your app’s responses, which helps deliver frequently requested data more quickly.

To put it simply, a CDN takes the strain off your origin server, helps your app scale as more users come on board, and makes sure your global audience has a smooth, fast experience.

Let’s dive into the setup process. In this section, we’ll walk through how to configure a custom domain, enable SSL, and set up a CDN on DigitalOcean’s App Platform.

Set Up a Custom Domain

We will walk you through how to connect your custom domain (e.g., www.myapp.com) to your DigitalOcean App Platform app. This step ensures your app is accessible via a branded URL, enhancing trust, SEO, and professionalism

Depending on how you manage your domain’s DNS, you have the following options for setting up your domain with DigitalOcean:

Option 1: DigitalOcean-Managed DNS Setup

This option is for domains registered with an external registrar but delegated to DigitalOcean’s nameservers (ns1.digitalocean.com, ns2.digitalocean.com etc.).

In this setup, you delegate DNS management to DigitalOcean by updating your domain’s nameservers at your registrar. DigitalOcean then manages all DNS records, including those needed to point your domain to your app. This approach minimizes manual DNS configuration.

1. Log in to your domain registrar (where you purchased your domain).

2. Update your domain’s nameservers to:

   • ns1.digitalocean.com
   • ns2.digitalocean.com
   • ns3.digitalocean.com

3. Go to your App Platform Dashboard, open your app’s Settings → Domains → Edit, and click Add Domain.

4. Enter your domain name (e.g., www.myapp.com) and then Select We manage your domain.

5. Confirm and click Add Domain.

6. DigitalOcean will automatically create the necessary DNS records for your app.

Option 2: Manual DNS Setup with External DNS Provider

This option is for domains with DNS hosted by an external provider (e.g., GoDaddy, Cloudflare) where you do not delegate nameservers to DigitalOcean.

You will manually add DNS records at your DNS provider to point your domain or subdomain to your DigitalOcean app.

1. In your App Platform Dashboard, go to Settings → Domains → Edit, and click Add Domain.

2. Enter your domain (e.g., www.myapp.com) and then select You manage your domain.

3. DigitalOcean will provide a CNAME record target (e.g., your-app.ondigitalocean.app).

4. Log in to your DNS provider’s dashboard.

5. Add a CNAME record:

   • Host: www (or your subdomain)
   • Value: your-app.ondigitalocean.app

6. Save the DNS record.

7. Return to DigitalOcean and confirm domain addition.

8. DigitalOcean will verify the DNS record.

Option 3: Automation via CLI or API (Advanced)

This option is suitable for Developers or teams automating deployments via CLI (doctl) or API.

You can add a domain to an app using the CLI’s app update command or the API’s app update endpoint. To add a domain, update the app’s spec with the domain’s specifications and submit the spec using the following command or endpoint. The app spec must completely define all of your app’s configurations. We recommend downloading your current app spec from the control panel, API, or CLI, and modifying it to include the domain.

Example using doctl

The following example updates an app with the ID f81d4fae-7dec-11d0-a765-00a0c91e6bf6 using an app spec located in a directory called /src/your-app.yaml. Additionally, the command returns the updated app’s ID, ingress information, and creation date:

doctl apps update f81d4fae-7dec-11d0-a765-00a0c91e6bf6 --spec src/your-app.yaml --format ID,DefaultIngress,Created

Example using API

curl -X PUT \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
"https://api.digitalocean.com/v2/apps/{id}" \
-d '{"alerts":[{"rule":"DEPLOYMENT_FAILED"},{"rule":"DOMAIN_FAILED"}],"domains":[{"domain":"example.com","type":"PRIMARY","zone":"example.com"}],"envs":[{"key":"API_KEY","scope":"RUN_AND_BUILD_TIME","type":"SECRET","value":"EV[1:zqiRIeaaYK/NqctZDYzy6t0pTrtRDez8:wqGpZRrsKN5nPhWQrS479cfBiXT0WQ==]"}],"features":["buildpack-stack=ubuntu-22"],"ingress":{},"name":"example-app","region":"nyc","services":[{"autoscaling":{"max_instance_count":4,"metrics":{"cpu":{"percent":70}},"min_instance_count":2},"git":{"branch":"main","repo_clone_url":"https://github.com/digitalocean/sample-nodejs.git"},"internal_ports":[8080],"log_destinations":[{"name":"your_log_consumer_name","open_search":{"endpoint":"logs.example.com:12345","basic_auth":{"user":"doadmin","password":"1234567890abcdef"},"index_name":"example-index","cluster_name":"example-cluster"}}],"name":"sample-nodejs","run_command":"yarn start","source_dir":"/"}]}'

SSL for Your Custom Domain

Once your custom domain is properly configured on DigitalOcean’s App Platform, SSL/TLS is automatically provisioned via Let’s Encrypt. This means you don’t have to manually acquire or install an SSL certificate and DigitalOcean handles it for you.

Additionally, App Platform automatically upgrades all incoming HTTP requests to HTTPS, meaning any traffic sent over HTTP will be redirected to HTTPS, ensuring secure connections for all users.

You’ll know SSL is active when:

• Your app is accessible via https, such as https://www.myapp.com.
• A padlock icon appears in the browser’s address bar.
• Your connection is marked as secure by the browser.

Apps hosted on the default .ondigitalocean.app domain behave as if HSTS is enabled because the .app TLD is included in the HSTS preload lists. This built-in HSTS enforcement does not apply to custom domains unless you explicitly add the necessary headers.

This automatic SSL provisioning not only encrypts all communication between your users and your app, safeguarding sensitive data, but also enhances your site’s trustworthiness and search engine ranking since HTTPS is a recognized SEO signal.

Configuring a CDN for Your App

DigitalOcean App Platform includes a built-in CDN (Content Delivery Network) powered by Cloudflare, which is automatically enabled. You can configure its behavior by setting appropriate HTTP caching headers in your application’s responses.

Default Caching Behavior

App Platform handles caching differently depending on how your app is structured:

• Static Sites: Cached by default on CDN edge servers for 24 hours and in the browser for 10 seconds. No additional configuration is needed unless you want to customize this behavior.
• Dynamic Services (APIs, Web Servers): No caching is applied by default. To enable caching, you must add appropriate Cache-Control headers in your server responses.

This default behavior balances performance and freshness for static sites while ensuring dynamic content is served as expected.

Customizing Caching with Cache-Control Headers

You can control how long assets are cached, both by browsers and the CDN, by setting the Cache-Control header.

Examples:

• Cache static assets for 7 days:

Cache-Control: public, max-age=604800

• Avoid caching dynamic content:

Cache-Control: no-store

Common Use Cases

You’ll need to configure this in your application’s code. For example:

• Node.js (Express):

res.set('Cache-Control', 'public, max-age=86400'); // 1 day

• Go:

w.Header().Set("Cache-Control", "public, max-age=86400")

• Flask (Python):

@app.after_request
def add_header(response):
    response.headers['Cache-Control'] = 'public, max-age=86400'
    return response

These headers give you precise control over how different resources are handled by both browsers and edge caches.

Disabling Edge Caching

In some cases, such as APIs or real-time data, you may want to completely disable CDN caching. This can be done in your app’s spec file using the disable_edge_cache option.

Example:

services:
  - name: your-service-name
    disable_edge_cache: true

Setting this disables all edge caching for the specified service, ensuring every request is served fresh from the origin.

To re-enable caching later, either remove this line or set it to false.

Note: If you’re not using YAML directly, you can export your app spec from the control panel, make this change, and redeploy using doctl apps update.

Monitoring and Optimization

Once configured, verify that your cache headers are working by:

• Checking response headers in your browser’s DevTools or via curl.
• Looking for headers like Cache-Control, CF-Cache-Status, and Age.
• Using tools like PageSpeed Insights, GTmetrix, or Pingdom.

These tools help evaluate your cache effectiveness and loading speed globally.

For more details on CDN caching, please refer to this documentation on How to Cache Content to Improve App Performance.

Configuring a custom domain, SSL certificates, and a CDN on DigitalOcean’s App Platform ensures your app is secure, fast, and professional. These features help build trust, improve SEO, and deliver a better user experience—without the hassle of manual server management. Apply these best practices to set your app up for success.

Further Reading and Related Tutorials

To deepen your understanding and explore more ways to leverage DigitalOcean App Platform, check out these related tutorials from the DigitalOcean Community:

• DigitalOcean App Platform vs DOKS vs Droplets
• Sending DO App Platform Logs to DO Managed OpenSearch
• Best Practices for App Platform Multi-Environment
• Troubleshooting Latency Issues on App Platform

For more tutorials and guides, visit the DigitalOcean Community Tutorials.