This topic describes how to mount multiple certificates to a Classic Load Balancer (CLB) instance by using an HTTPS listener. This way, you can forward access requests from different domain names to an application instance group in Serverless App Engine (SAE).
Prerequisites
- The following domain names are purchased: Domain Name 1 and Domain Name 2. For more information, see Register a domain name on Alibaba Cloud.
- The following SSL certificates are uploaded to Certificate Management Service: Certificate 1 and Certificate 2. For more information, see Use a certificate from Alibaba Cloud SSL Certificates Service.
- A CLB instance is created. For more information, see Create and manage a CLB instance.
- An SAE application is created. For more information, see Create an application.
Background information
You can configure a forwarding policy to forward access requests from Domain Name 1 and Domain Name 2 to the same instance group of the SAE application.
Step 1: Configure gateway routing in the SAE console
Log on to the SAE console.
In the left-side navigation pane, click Namespaces. In the top navigation bar, select a region. Then, click the name of a namespace.
- In the left-side navigation pane, click Gateway Routing. On the Gateway Routing page, click Create.
- In the Create Routing Rule panel, configure the parameters.
- In the Configure Gateway Ingress step, configure the parameters and click Next. The following table describes the parameters.
Parameter Description Name The name of the routing rule. Gateway Type Select Internet. SLB Instance Type Select CLB. CLB Instance This parameter is required if you set the SLB Instance Type to CLB. Select the CLB instance that you created. Note The number of CLB instances that are displayed are the same as the number of CLB instances in the CLB console. For information about the limits of CLB, see Limits of CLB.Protocol Type Select https. SSL Certificate This parameter is required if you set the Protocol Type parameter to https. In this example, Certificate 1 is associated. Port The listening port that receives requests and forwards requests to backend services or applications. Valid values: 1 to 65535. Example: 8080. Important- The ports to which a CLB instance listens must be unique.
- You cannot specify the same port for a CLB instance in different gateway routing rules.
- In the Configure Forwarding Policy step, configure the parameters and click OK.
Parameter Description Custom Forwarding Policy - Domain Name: Enter your domain names. In this example, the following domain names are used:
- Domain Name 1:
www.example.com
- Domain Name 2:
www.example.org
- Domain Name 1:
- Path: You do not need to configure this parameter.
- Backend Application: the application that receives requests. The backend application must reside in the same namespace as the application from which requests are forwarded.
- Container Port: the port of the container that is used to access the backend application. Example: 8080.
Default Forwarding Policy - Backend Application: the backend application that receives requests.
- Container Port: the port of the container that is used to access the backend application. Example: 8080.
Important If you do not configure a custom forwarding policy, SAE uses the default forwarding policy. If you do not configure a default forwarding policy, an access error occurs. - Domain Name: Enter your domain names. In this example, the following domain names are used:
After you create a routing rule, you can view the rule on the Gateway Routing page. - In the Configure Gateway Ingress step, configure the parameters and click Next. The following table describes the parameters.
Step 2: Add an additional domain name in the CLB console
- Log on to the CLB console.
- On the Instances page, select the required region in the top navigation bar and click the ID of the CLB instance.
- On the Listener tab, find the listener, click the icon in the Actions column, and then select Manage Additional Certificate.
- In the Manage Additional Certificate panel, click Add Additional Certificate, configure the parameters, and then click OK. The following table describes the parameters.
Parameter Description Additional Certificate Enter the domain name that you purchased. Server Certificate Select the certificate that is associated with the domain name. In this example, Certificate 2 is selected. Note The domain name of the certificate must be the same as that of the additional domain name.You can view additional domain names in the Additional Certificates section.
Verify the result
Copy the URL that contains the specified domain name, enter the URL in the address bar of your browser, and then press the Enter key to go to the homepage of the corresponding application.
- Domain Name 1:
https://example.com
- Domain Name 2:
https://example.org