How to Customize the Spaces CDN Endpoint with a Subdomain

Spaces is an S3-compatible object storage service that lets you store and serve large amounts of data. Each Space is a bucket for you to store and serve files. The free, built-in Spaces CDN minimizes page load times, improves performance, and reduces bandwidth and infrastructure costs.

After you enable the Spaces CDN, the CDN's edge servers will begin caching and serving the contents of the Space from the default CDN endpoint, <spacename>.<region> You can also use a secure subdomain you own as an alternative endpoint, like

For security, any subdomain you use with the Spaces CDN must have an SSL certificate. If you manage your domain's DNS with DigitalOcean, you can use our Let's Encrypt integration to create a fully managed SSL certificate. You can also manually upload a certificate if you don't use DigitalOcean to manage your DNS, want to generate your own certificate, or want to upload an existing certificate.

Add a Custom Subdomain

You can add a custom subdomain to the Spaces CDN either when you create a Space with the CDN enabled or in an existing Space's CDN settings.

The create page and existing Spaces’ Settings pages have the same CDN (Content Delivery Network) section. When you open the Use a custom subdomain pulldown menu, you'll see any subdomain SSL certificates already uploaded to your account.

A Space's CDN settings with the custom subdomain pulldown menu open and one existing certificate visible

If you already have a certificate for the subdomain you want to use, select it from the menu and click Save. We'll automatically create a CNAME record for it if necessary and start serving content from that subdomain.

If you don't already have a certificate uploaded for the subdomain you want to use, click the +Add a new subdomain certificate option. This will open a window to guide you through either creating a new certificate with Let's Encrypt and DigitalOcean DNS or uploading a certificate manually.

You cannot currently create wildcard SSL certificates using DigitalOcean's Let's Encrypt integration. Instead, choose the Bring your own certificate option to add custom wildcard certificates.

If you manage your domain with DigitalOcean DNS, you can choose the Use Let's Encrypt option to create a new, fully-managed SSL certificate. If you host your domain's DNS with a provider other than DigitalOcean, you must use the Bring Your Own Certificate option.

The Spaces CDN custom endpoint Add Custom Subdomain window opened to the Use Let's Encrypt tab

Select the domain you want to use to reveal the Which subdomain would you like to use with this Space? option. You can select an existing subdomain or choose a new one.

Enter a name for the certificate, then click Generate Certificate and Use Subdomain. This will also automatically create the necessary CNAME for the subdomain and verify the SSL certificate. You'll receive a notification in the control panel when your subdomain is ready to use, which typically takes a few seconds.

You cannot secure a CDN's subdomain with a custom wildcard SSL certificate that is already being used elsewhere in your account. Instead, you'll need to add a new custom certificate during the custom subdomain set up for your CDN.

If you want to upload an existing certificate, or if you prefer to manage your DNS with another provider and want to generate your own, choose Bring your own certificate.

The Spaces CDN custom endpoint Add Custom Subdomain window opened to the Bring Your Own Certificate tab

Enter the name, certificate, private key, and certificate chain in the respective fields, then click Add Certificate and Use Subdomain.

You'll also need to add a CNAME record pointing from the subdomain to the default CDN endpoint. If you don't, you won't be able to serve content from that subdomain.

Edit or Remove a Custom Subdomain

From the Space's Settings page, in the CDN (Content Delivery Network) section, open the pulldown menu with the current subdomain.

The Spaces CDN endpoint settings with the pulldown menu open to show the Remove Subdomain option

To switch subdomains, you can choose another certificate or add a new subdomain certificate here.

To remove the subdomain entirely and serve content only from the default CDN endpoint, select click Remove Custom Subdomain, then click Save. You'll need to to confirm the removal in the window that opens by typing the name of the subdomain and clicking Remove subdomain.