In my account, I have a test domain which is to be pointed to x.sni.global.fastly.net . However, I want to change this ‘map’ to [j.sni.global.fastly.net](javascript:addhost(‘j.sni.global.fastly.net.’)) . What is the process or steps for that please?
1 Like
The CNAME target is based on the TLS Configuration you have chosen for your service. If you want to have a different CNAME target, you’ll need to enable an additional TLS Configuration. You can review the various configuration options which are available in your account to decide which one offers the set of features you desire.
You have been helping me a lot , so first of all a big thanks 
Secondly, I did check the TLS config and I see x and w. But i specifically need ‘j’ . how do i go about ?
If j is not available in your account then you’ll need to open a support ticket to find out why. What is the specific reason you need to use j?
The reason is quite complicated. But let me try and explain:
We are currently trying a SaaS vendor who uses fastly and the hostname is pointed to j.sni.
We want to frontend Fastly with another CDN.
The challenge is the certificate renewal. Since there is only one acme challenge and 2 providers needing it, renewal becomes tricky . You already helped me with other options like DNS-ACCOUNT-01, bring your own cert etc. But I want to have all the options listed , which is why this question.
Currently the hostname we have is pointing j.sni map, which is managed by the SaaS vendor. Now if we create another fastly account managed by our company and upload a certificate for the same hostname ( just a wildcard certificate, nothing else ) and make it propagate to j.sni …theoretically our cert should be picked even if the SaaS account’s cert expires.
I hope that explains ?
This is too complex to assist you in the forum, unfortunately. I can say with certainty that we do not support having two certificates for the same name (wildcard or not) on the same Fastly endpoint (which we call an ‘offset’), and j.sni is an endpoint. You can’t provide an alternative certificate for us to use on the same endpoint if the SaaS provider’s certificate expires or becomes invalid for some reason.
1 Like