We are phasing out support for domain fronting on traffic that passes through our CDN. As part of this change, all incoming connections to the following endpoints must include a valid Server Name Indication (SNI) during TLS negotiation:
During this two-hour brownout test window, any request that does not include a valid SNI will be rejected with an HTTP 421 (Misdirected Request) response code.
We've already worked with impacted customers and currently observe only trace levels of non-compliant traffic, primarily from automated sources such as bots and crawlers. However, we recommend all customers monitor their services during this time, especially if you use a proxy between your applications and LaunchDarkly.
What to Do If You See Issues
If you encounter a 421 response for what you believe is a valid request:
1. Check SNI Configuration: Ensure your tools, libraries, or proxies are correctly configured to include SNI during TLS handshakes. 2. Contact Support: If the issue persists, reach out to our support team. Please include details such as: * The endpoint being accessed * The tools, SDKs, libraries, or proxies involved * Logs or error messages, if available
Posted Jul 09, 2025 - 15:29 PDT
This scheduled maintenance affects: Flag Delivery Network (core functionality) (Polling API).