Skip to main content

Configure HTTP connection with the origin

Last update:

By default, CDN requests content from the origin via HTTPS. This allows you to additionally:

  • verify the origin certificate when requesting content from the origin; ;
  • specify the SNI hostname so that the origin provides content for the required domain if multiple domains point to the same IP address. SNI (Server Name Indication) is the hostname passed in a TLS request.

If the content origin does not support encryption, you can disable the use of HTTPS. We do not recommend disabling HTTPS — this reduces security and increases the risk of MITM attacks. During a MITM attack, attackers can intercept logins, modify page content, and inject malicious code. If you disable the use of HTTPS, origin certificate verification and SNI hostname specification will not be available.

Enable origin certificate verification

Verification confirms that the certificate:

  • is issued by a trusted certification authority (CA);
  • is valid;
  • matches the origin domains;
  • matches the SNI hostname, if it is specified.

  1. In the control panel, on the top menu, click Products and select CDN.

  2. In the CDN Resources section, open the CDN resource page → the Origin.

  3. In the HTTP settings for origins block, select the Verify origin certificate.

  4. Click Apply. While settings are being applied, the CDN resource enters the PROCESSING status. You cannot apply other settings during this time. Settings take effect when the CDN resource transitions to ACTIVE.

Specify the SNI hostname

  1. In the control panel, on the top menu, click Products and select CDN.

  2. In the CDN Resources section, open the CDN resource page → Origin.

  3. In the HTTP settings for origins block, select the Specify SNI hostname.

  4. Enter the SNI hostname—a domain without a protocol, for example, example.com. This value will be passed in the SNI header when establishing a TLS connection.

  5. Click Apply. While settings are being applied, the CDN resource enters the PROCESSING status. You cannot apply other settings during this time. Settings take effect when the CDN resource transitions to ACTIVE.

Disable the use of HTTPS

  1. In the control panel, on the top menu, click Products and select CDN.

  2. In the CDN Resources section, open the CDN resource page → Origin.

  3. In the HTTP settings for origins block, clear the Use HTTPS when requesting content from origins.

  4. Click Apply. While settings are being applied, the CDN resource enters the PROCESSING status. You cannot apply other settings during this time. Settings take effect when the CDN resource transitions to ACTIVE.