In CDN (content delivery network) systems, HTTP (hypertext transfer protocol) 302 jumping method is widely used. One scenario is that, when a server being accessed does not store the desired file, the server can redirect the access directly to the server that stores the file based on known data. Another scenario is that, there exists a 302 jumping method of which the streaming media load balancing system is HTTP protocol (HTTP Load Balance, referred to as: HLB). This kind at load balancing system based on HTTP directing has many outstanding advantages compared to domain name system (DNS)-based traffic load system, such as being highly real-time and accurate, and having content perception.
The HTTPS protocol is a secure extension of the HTTP protocol, providing server authentication and protecting the privacy and integrity of data. Based on security considerations, more and more websites began to use HTTPS protocol to show their content. However, HTTPS protocol does not intrinsically support a 302 jumping method, in HTTP protocol, that uses an Internet protocol (IP) as the destination. Because, after the 302 jumping, the carried IP would be used as a host, causing the client terminal in the secure socket layer (SSL) handshake stage to take the IP as a domain name to verify the legitimacy of the certificate, rather than using the domain name (provided by the certificate on the server) before the jumping for verification. This will lead to certificate verification failure.
One of the existing ways to support HTTPS jumping is to add the name or ID (identification) of the server, which is to be jumped to, into the domain name. For example, when the client terminal is expected to access the server having the ID of xyz, a 302 jumping URL to the domain name of xyz.chinanetcenter.com may be returned. When the client terminal resolves xyz.chinanetcenter.com, the server obtains the IP address of xyz based on internal storage and returns it to the client terminal. However, this method still has shortcomings. That is, the jumping method is not easy to expand. When servers change, the DNS server must timely update the IP list of the servers, otherwise the domain-name resolution requests may not be resolved or the resolving may be wrong.
In general, when a CDN client needs to use HTTPS for an entire website, the 302 jumping technology, using an IP as the destination, cannot directly support the action of the CND client.