Origin SNI

If your origin server IP address is bound to multiple domains and CDN visits the origin server using HTTPS, you can set the SNI to specify the domain to be visited by CDN during origin pull.

Working Principles

This diagram shows the CDN origin pull process when there is an origin SNI.

Click to enlarge

A user initiates a request.
The CDN PoP cache is not hit. The PoP carries SNI test.example.com to pull content from the origin server.
The origin server returns the certificate of domain name test.example.com to the PoP.
The PoP receives the certificate and sets up a secure connection with the origin server.
The PoP receives content from the origin server, returns it to the user, and caches it.

Constraints

The origin SNI cannot be set for domain names with whole site acceleration.
The origin SNI cannot be set for domain names with special configurations.
By default, CDN PoPs carry the SNI information when they pull origin content using HTTPS. If no origin SNI is configured, the host is used.

Procedure

Log in to the CDN console.
In the navigation pane, choose Domains.
In the domain list, click the target domain name or click Configure in the Operation column.
Click the Origin Settings tab.

Switch on Origin SNI and enter the origin SNI.

Figure 1 Origin SNI
Click to enlarge

**Table 1** Parameter description
Parameter	Description
Origin SNI	Origin domain name to be accessed by CDN during origin pull, for example, test.example.com. Wildcard domains are not supported. The value contains up to 75 characters, including letters, digits, hyphens (-), and periods (.). It cannot start with a hyphen (-) or period (.). Each label of a domain name (for example, * in .**.com) can contain up to 63 characters.