All Products
Search

This Product

    CDN:Configure an SSL certificate for multiple domain names

    Document Center

    CDN:Configure an SSL certificate for multiple domain names

    Last Updated:Jan 07, 2025

    Alibaba Cloud CDN supports HTTPS secure acceleration to encrypt requests between clients and points of presence (POPs). If your SSL certificate is purchased from Certificate Management Service, you can deploy the certificate for multiple domain names in Alibaba Cloud CDN to enable HTTPS secure acceleration.

    Limits

    • You can deploy a certificate purchased from Alibaba Cloud Certificate Management Service for multiple domain names in the Alibaba Cloud CDN console.

    • You can configure a certificate that is issued by a third-party certificate authority (CA) for only one domain name at a time. For more information, see Configure an SSL certificate.

    Configure or renew an SSL certificate

    Important

    HTTPS secure acceleration is a value-added service. After you enable HTTPS, you are charged based on the number of HTTPS requests. You cannot use data transfer plans to offset the fees. For more information about the pricing of HTTPS secure acceleration, see Billing of HTTPS requests for static content.

    1. Log on to the Alibaba Cloud CDN console.

    2. In the left-side navigation pane, click HTTPS Center.

    3. On the Certificate Center page, click Add Certificate.

    4. Select a certificate.

      1. On the Add Certificate page, configure the parameters. The following table describes the parameters.

        Parameter

        Description

        Certificate Source

        Only SSL Certificates Service is supported. You can select only certificates purchased from Certificate Management Service.

        Certificate Name

        Select a purchased certificate.

        Certificate (Public Key)

        The PEM-encoded public key. For certificates purchased from Certificate Management Service, the PEM-encoded public key is automatically obtained by the system.

        Private Key

        The PEM-encoded private key. For certificates purchased from Certificate Management Service, the PEM-encoded private key is automatically obtained by the system.

      2. Click Next.

    5. Associate one or more domain names with the certificate.

      Important

      • If a selected domain name is already associated with a certificate, the existing certificate will be replaced by the selected certificate in this step.

      • If you set Certificate Source to SSL Certificates Service, you can renew or deploy the specified certificate for multiple domain names at a time.

      image.png

    6. Click OK to deploy or update the certificate.

    7. Optional. Configure POPs to redirect requests to origin servers over HTTPS if you want to enable end-to-end HTTPS encryption. Make sure that the origin servers support HTTPS. For more information, see Configure the origin protocol policy.

    Check whether HTTPS takes effect

    After you upload an SSL certificate, the certificate takes effect within 1 minute. To check whether the SSL certificate takes effect, you can send HTTPS requests to access resources. If the URL is displayed with a lock icon in the address bar of the browser, HTTPS secure acceleration is working as expected.验证结果

    View the configured SSL certificate

    Log on to the Alibaba Cloud CDN console. In the left-side navigation pane, choose HTTPS Center. On the Certificate Center page, click the certificate that you configured for the domain name.

    You can view the information about the SSL certificate configured for the domain name. However, you cannot view the private key. Keep the certificate information confidential.

    FAQ

    Related API operations

    API operation

    Description

    CreateCdnCertificateSigningRequest

    Creates a certificate signing request (CSR).

    DescribeDomainCertificateInfo

    Queries the certificate information about an accelerated domain name.

    SetCdnDomainSSLCertificate

    Enables or disables the certificate of a domain name, and modifies the certificate information.

    SetCdnDomainCSRCertificate

    Configures an SSL certificate for a specified domain name.

    DescribeCdnDomainByCertificate

    Queries accelerated domain names by SSL certificate.

    DescribeCdnCertificateDetail

    Queries the detailed information about an SSL certificate.

    DescribeCdnCertificateList

    Queries information about certificates.

    DescribeCertificateInfoByID

    Queries the information about a specified SSL certificate.

    DescribeCdnHttpsDomainList

    Queries the information about the SSL certificates within your Alibaba Cloud account.

    DescribeUserCertificateExpireCount

    Queries the number of domain names whose SSL certificates are about to expire or have already expired.

    SetCdnDomainSMCertificate

    Enables or disables a ShangMi (SM) certificate for a domain name.

    DescribeCdnSMCertificateList

    Queries the SM certificates of an accelerated domain name.

    DescribeCdnSMCertificateDetail

    Queries the details about an SM certificate.