All Products
Search
Document Center

CDN:Common Name whitelist

Last Updated:Feb 07, 2024

Points of presence (POPs) compare the certificate Common Name that is returned by the origin server with the server name indication (SNI) value that is included in an HTTPS request. If the SNI value does not match the Common Name, the origin fetch request fails. After you add the certificate Common Name to the whitelist, origin fetch requests can complete even if the SNI value does not match the Common Name.

Examples

If the SNI value does not match the Common Name, the POP fails to establish a connection to the origin server, as shown in the following figure.

image

After you add domain2 to the Common Name whitelist, Alibaba Cloud CDN establishes a connection to the origin server.

image

Procedure

  1. Log on to the Alibaba Cloud CDN console.

  2. In the left-side navigation pane, click Domain Names.

  3. On the Domain Names page, find the domain name that you want to manage and click Manage in the Actions column.

  4. In the left-side navigation tree of the domain name, click Origin Fetch.

  5. In the Common Name Whitelist section, turn on Common Name Whitelist.

  6. Add domain names to the Whitelist.  Common Name白名单

  7. Click OK.