All Products
Search

This Product

    Edge Security Acceleration:Specify the origin SNI for each origin

    Document Center

    Edge Security Acceleration:Specify the origin SNI for each origin

    Last Updated:Jun 17, 2026

    When your accelerated domain name has multiple origin server addresses, uses HTTPS for back-to-origin requests, and each origin serves a different domain, you can specify a distinct Server Name Indication (SNI) value for each origin. Each origin server then returns the correct SSL certificate to the requesting point of presence (POP), allowing the POP to establish an SSL connection with the intended origin.

    Prerequisites

    You have obtained the permissions to specify an SNI for each origin. This feature is not available by default. To request access,submit a ticket.

    Differences between a specified origin SNI and the default origin SNI

    • Specified origin SNI: You assign a distinct SNI to each origin server.

    • Default origin SNI: A single SNI applies to all origin servers. For more information, see Configure origin SNI.

    • If both are configured, the specified SNI takes precedence over the default SNI.

    Procedure

    1. Log on to the DCDN console.

    2. In the left-side navigation pane, click Domain Names.

    3. On the Domain Names page, find the target domain name and click Configure.

    4. In the left-side navigation tree of the domain name, click Origin Fetch.

    5. On the Origin Fetch tab, click Add in the Specify Origin SNI section.

    6. In the Specify Origin SNI dialog box, configure the following parameters.

      Parameter

      Description

      Origin Server Address

      The origin server address for which to specify an SNI.

      SNI HOST

      • Follow Origin Address:

        • The SNI value is the origin server address.

        • Use this option when the origin server address is a domain name and the origin server requires that domain name for SNI verification.

      • Follow Origin Host:

        • The SNI value is the origin host.

        • Use this option when the origin server requires the origin host for SNI verification.

      • Custom:

        • Specify a custom SNI value.

        • Use this option when the origin server does not require the origin server domain name or origin host for SNI verification.

      Keep-Alive

      • On: POPs use separate persistent connections for requests with different SNI values, preventing SNI conflicts over a shared connection.

      • Off: A persistent connection between a POP and an origin server carries only one SNI value.