SNI and CDN Configurations

1 min read SSL/TLS & Certificates

SNI and CDN Configurations

Content Delivery Networks complicate SNI handling through edge server configurations. Ensure CDN providers support SNI for your certificate setup. CloudFlare, AWS CloudFront, and similar services handle SNI automatically but require proper origin configuration.

CDN SNI considerations:

# CloudFlare Page Rules for SSL
# Flexible SSL: Edge-to-user encrypted, origin unencrypted
# Full SSL: Edge-to-user and edge-to-origin encrypted
# Full SSL (Strict): Requires valid origin certificate

# AWS CloudFront SNI
aws cloudfront create-distribution \
  --distribution-config file://config.json \
  --viewer-certificate.CloudFrontDefaultCertificate=false \
  --viewer-certificate.ACMCertificateArn=arn:aws:acm:... \
  --viewer-certificate.SSLSupportMethod=sni-only