Akamai vs Amazon Cloud Front for CDN

Recently I was asked to host https content on our Akamai(re-branded through a partner) because clients get security warning browsing one of our secure sites with http content. After talking to the rep at akamai, I found out that it would be quite a price hike for us going from http to https with Akamai.

This made me look at Amazon Cloud Front and I was amazed that https is included with their plans. We would be switching to Amazon Cloud Front now. Goodbye Akamai!

As long as amazon’s server names are used, https is supported.

Hopefully, Amazon would add HTTPS for CNAME as well for cloud front.

Amazon is asking for feedback from its customers on this survey link: http://aws.qualtrics.com/SE/?SID=SV_9yvAN5PK8abJIFK

So take out our mouses and let the clicking begin!

Happy Holidays!

Advertisements

3 Responses

  1. @neillohit I noticed a post from June 11, 2012 that AWS had updated the survey link:

    See the post on this survey being available: https://forums.aws.amazon.com/thread.jspa?messageID=363869

    New Survey Link: http://aws.qualtrics.com/SE/?SID=SV_e4eM1cRblPaccFS

    I think it is worth the time to provide them feedback about making CNAME + SSL a supported feature.

    As I took the survey myself I noted that they added a feature ranking exercise. 1 of the 13 suggested features is:

    “CNAME support over HTTPS (custom SSL certificates) – Ability to use custom CNAMEs for SSL traffic delivered over HTTPS.”

    We are on the radar…NOW GET VOTING.

  2. SSL cert validation performed by browsers requires that the name of the site they thought they connected to is in the certificate. So this is incompatible with using your own CNAME, since then Amazon would need to add your CNAME into the SSL cert on all their servers. It would quickly get too big a problem, so I can’t see this ever happening. Just use the Amazon names for SSL, Then they can use a wild-card cert.

  3. @Adrein, another way might be to add a custom ssl certificate provided by the customer(us) for the CNAME. While they are hosting gazillion other objects for us, why not host the cert as well?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: