Guide
Start typing to search…
  1. Property Hostnames

HTTPS Service Binding

The Service Binding (SVCB) resource record, defined in RFC 9461, is a DNS record type that helps improve client performance and privacy by providing information about alternative service endpoints. By configuring an SVCB record, you can guide clients on how to connect to your service, specifying available protocols and network endpoints before a connection is established. This feature is supported with API Acceleration, Ion, Dynamic Site Accelerator, Adaptive Media Delivery, Download Delivery, and Object Delivery products.

🚧

If you're interested and would like to use HTTPS Service Binding now, contact your Akamai account team to have it added to your contract.

Key features and benefits

HTTP clients traditionally resolve only A or AAAA records for the origin hostname, which provides IP addresses but limited information about the service. The HTTP-specific SVCB record type enhances this process by offering clients key details before they connect. Akamai’s HTTP Service Binding provides::

  • The Application-Layer Protocol Negotiation (ALPN) attribute that lists supported protocols, allowing clients to select HTTP/3 (QUIC), HTTP/2, or both, and reducing connection round trips.
  • An HSTS-like guarantee, signaling that "https" should be used for all HTTP requests to the host and port.

Implementation

You assign an edge hostname that supports Service Binding and select the supported protocol version while configuring your property hostname. See individual sections in Configure HTTPS hostnames for detailed instructions depending on the certificate type.

HTTP/3 protocol is supported by default and doesn't require any additional setup. To support HTTP/2 protocol, you need to enable the HTTP/2 behavior in your property. Otherwise, the edge server responds using HTTP 1.1.

Once enabled and activated on production, during the request flow:

  • The client performs a DNS lookup for the HTTPS record and receives the record with the ALPN value.
  • The client performs a standard DNS lookup for the hostname and receives the A/AAAA record after the edge hostname, instead of a CNAME record.

Caveats and limitations

The HTTPS Service Binding option needs a valid certificate to establish secure connections. Make sure you add a certificate in the hostnames panel to prevent client errors.

Updated about 2 hours ago