Each property needs at least one property hostname assigned to it so that the Akamai servers know what configuration to apply while delivering your content. Property hostnames are basically the domains your end users see, indicated by the Host header in their requests. While assigning hostnames to a property, you specify an edge hostname for each. That, coupled with mapping the property hostname to the edge hostname in your DNS record, redirects the traffic to your site from your origin to the Akamai servers.
Create new edge hostnames
Edge hostnames provide the DNS-based mechanism that maps each user request from the originally requested property hostname—your domain—to the optimal Akamai edge server. Edge hostnames add extra segments as suffixes, making them slightly longer than the original hostnames on which they're based.
You can create a new edge hostname:
-
automatically, if you have Default Domain Validation (DV) certificates enabled in your contract. This simplified workflow creates either Standard TLS or Enhanced TLS edge hostnames with Default DV certificates just as you activate the property version. It's enough to specify all the details when you assign the edge hostname to a property.
-
manually, if you prefer to use more customized settings.
Manually create edge hostnames
You can create three different types of Akamai edge hostnames, depending on the level of security you need for your traffic. Some types need to be enabled on your Akamai contract. Each requires a different procedure to form request data for the Create a new edge hostname operation:
Standard TLS
Use Standard TLS edge hostnames for HTTP-only traffic, or for HTTPS traffic that doesn't need to be PCI compliant. Standard TLS edge hostnames use the edgesuite.net
domain suffix, so that an original hostname of www.example.com
results in an edge hostname of www.example.com.edgesuite.net
.
Enhanced TLS
Use Enhanced TLS edge hostnames for PCI-compliant HTTPS traffic. Unless you want to use Default DV certificates that automatically create an edge hostname upon activation, this option requires the ID for a TLS certificate deployed over the Certificate Provisioning System API (CPS). Enhanced TLS edge hostnames use the edgekey.net
domain suffix, so that an original hostname of www.example.com
results in an edge hostname of www.example.com.edgekey.net
. Support for Enhanced TLS needs to be included in your contract.
Shared Certificate
This alternative to Standard TLS allows you to apply an existing *.akamaized.net
shared certificate to HTTP-only or non-PCI compliant HTTPS traffic. In this case, the property hostname needs to match the edge hostname, both using the akamaized.net
domain. For the wildcard to work, you can specify a single subdomain such as mywebsite.akamaized.net
, but no further subdomains such as my.website.akamaized.net
. Support for a shared certificate needs to be included in your contract.
Option 1: Assign hostnames to a property version
For every property version, you specify property hostnames that are identical to your domains. To redirect the traffic for your domain to the Akamai servers, each property hostname needs to have an edge hostname assigned. If you decided to securely serve your content over HTTPS, you need an edge certificate that is verified between the client and the edge server. There are two types of edge certificates for you to choose from:
- a
DEFAULT
certificate that requires Default DV certificates enabled in your contract. In your request, simply set thecnameTo
parameter either to a Standard TLS (edgesuite.net
suffix) or Enhanced TLS (edgekey.net
suffix) edge hostname that doesn't exist yet, and PAPI creates it automatically when you activate a property version.
- a
CPS_MANAGED
certificate that requires a newly created or an already existing edge hostname. You manage these certificates with the Certificate Provisioning System API (CPS).
Option 2: Add hostnames to the property's hostname bucket
While creating a property, you can configure it so that it supports hostname buckets. Hostname buckets let you assign tens of thousands of hostnames directly to a property, without incrementing the property version. This feature is especially useful for SaaS/PaaS providers who need one common set of rules applied to thousands of custom domains.
See Add hostnames to the hostname bucket for a complete workflow.
Enable traffic for a new hostname
After assigning a hostname to a property and activating the property, you can test the hostname on Akamai servers. Then modify your DNS configuration to direct end user traffic to the new edge hostname.
Edge hostnames are formed from the combined domainPrefix
, that is your domain that the end users see, and domainSuffix
that depends on the security level you chose for the edge hostname, in this case custom.example.com.edgesuite.net
to indicate standard HTTP traffic:
{
"productId": "prd_PPP",
"domainPrefix": "custom.example.com",
"domainSuffix": "edgesuite.net",
"secure": true,
"ipVersionBehavior": "IPV4",
"slotNumber": 12345
}
HTTPS typically uses an edgekey.net
suffix. The requests that create the edge hostnames tell Akamai 's network of DNS servers to map it to local server names, but for the hostname to ultimately activate, you need to update your own DNS record to map your property hostname to the edge hostname. A resulting DNS resolution looks like this:
$ host -v custom.example.com
Trying "custom.example.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14682
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;custom.example.com. IN A
;; ANSWER SECTION:
custom.example.com. 300 IN CNAME custom.example.com.edgekey.net.
custom.example.com.edgekey.net. 3701 IN CNAME e79.x.akamaiedge.net.
e79.x.akamaiedge.net. 11 IN A 72.246.8.105
The first CNAME entry maps your custom.example.com
domain to the custom.example.com.edgekey.net
edge hostname, allowing traffic to flow to Akamai 's edge servers. Creating the new edge hostname implements the second CNAME, which in this case maps the edge hostname to the local e79.x.akamaiedge.net
hostname, and in turn to a local IP address.