Use a shared cert hostname (HTTPS)
The Akamai shared certificate ("shared cert") enables secure delivery over HTTPS using a proprietary certificate that Akamai maintains.
How Edge IP Binding works with a shared cert hostname
You define a prefix value and enable Edge IP Binding in a secure property hostname. The prefix is automatically combined with a fixed domain value,
akamaized.net to form your secure edge hostname. Once your property is activated, you have an edge hostname that points directly to Akamai edge servers and several Edge IP Binding IP addresses that you use as follows:
Use the edge hostname directly in access URLs. Provide them to your end users to directly access your content via HTTPS, using Akamai's proprietary shared certificate.
Provide the Edge IP Binding IP addresses to your third party. They use them for zone-rated billing. HTTPS requests to these IP addresses access your property in the same way the edge hostname does.
Understand the connections
There are two connections involved in a request using the Akamai platform:
The client to Akamai edge server. This is the initial HTTPS connection between the end user and the edge server to get your property. The property determines how to deliver the requested content. This is the connection you're configuring here, in the property hostname to support Edge IP Binding.
The Akamai edge server to origin. This is the connection between the edge server and your designated origin, to get your content and deliver it to the end user. To configure this connection, you set options in the Origin Server behavior in your property. More on this later.
Follow these steps to add Edge IP Binding in a shared cert hostname.
- Ensure that Enhanced TLS or Shared Cert is selected in Security Options.
In the Property Hostnames content panel, click the dropdown menu next to the Add button and select Shared Certificate Hostname.
Enter your desired prefix value in the Edge Hostname field. Use alphanumeric or hyphen characters, with a total length of 4-60 characters. You can't start this prefix with a hyphen.
Select the appropriate IP version, based on what your application or site can support, and click Next.
Select Edge IP Binding as the Mapping Solution and click Next.
If you're using Adaptive Media Delivery or Download Delivery, you'll also have access to the Use Case option, Segmented Media Mode or FOREGROUND, respectively. These are not supported for use with Edge IP Binding.
Verify status and finish your property
The status of your new Edge IP Binding configuration is shown in the Property Hostnames panel:
The Status icon is gray. Activation of your Edge IP Binding addresses is pending.
The Status icon is green. Your addresses have been provisioned and are ready. You can use them after your property has been activated on Akamai's staging (testing) or production (live) networks.
It can take from 30 - 40 minutes to generate your Edge IP Binding addresses.
Perform these steps to complete the process:
You can optionally add variables.
You need to define property configuration settings that include rules to match requests and the behaviors that should be applied. Available rules and behaviors vary, based on the product you're using:
There are two connections in a request. The process here addressed the first connection between the end user and Akamai edge servers. You need to configure the second connection between an edge server and the origin server to get content. Set up this connection using the Origin Server behavior in a rule in your property.
Activate the property on the staging network where you can test it, and then activate it on production.
Optionally, you can create the following alerts:
- DNS does not contain an authorized certificate authority.
- Domain validation failed.
- Certificate’s domain is blocked.
- Expired default certificate.
- Expired default certificate removal.
Updated 6 months ago