Create edge hostnames

As summarized in PAPI concepts, edge hostnames provide the DNS-based mechanism that maps each user request from the originally requested hostname over to the optimal Akamai edge server. Edge hostnames add extra segments as suffixes, making them slightly longer than the original hostnames on which they're based.

You can create a new edge hostname:

  • automatically, if you have Secure by Default enabled in your contract. This simplified workflow creates either Standard TLS or Enhanced TLS edge hostnames with default certificates just as you activate the property version. You can skip the manual process and all the recipes listed below, as it's enough to specify all the details when you assign the edge hostname to a property.

  • manually, if you prefer to use more customized settings.


No matter what type of edge hostname you create, you may have the option to assign a use case to optimize the type of traffic deployed under the product. For details, see Assign a use case to an edge hostname.

Manually create edge hostnames

You can create three different types of Akamai edge hostnames, depending on the level of security you need for your traffic. Some types need to be enabled on your Akamai contract. Each requires a different procedure to form request data for the Create a new edge hostname operation:

Standard TLS

Use Standard TLS edge hostnames for HTTP-only traffic, or for HTTPS traffic that doesn't need to be PCI compliant. Standard TLS edge hostnames use the domain suffix, so that an original hostname of results in an edge hostname of

Enhanced TLS

Use Enhanced TLS edge hostnames for PCI-compliant HTTPS traffic. Unless you're using Secure by Default that automatically creates an edge hostname upon activation, this option requires the ID for a TLS certificate deployed over the Certificate Provisioning System API (CPS). Enhanced TLS edge hostnames use the domain suffix, so that an original hostname of results in an edge hostname of Support for Enhanced TLS needs to be included in your contract.

Shared Certificate

This alternative to Standard TLS allows you to apply an existing * shared certificate to HTTP-only or non-PCI compliant HTTPS traffic. In this case, the property hostname needs to match the edge hostname, both using the domain. For the wildcard to work, you can specify a single subdomain such as, but no further subdomains such as Support for a shared certificate needs to be included in your contract.