Parameter | Description |
Certificate Type | Select the type of the domain names that you want to bind to the certificate. Valid values: Single Domain: You can bind a primary domain name, a subdomain, or a public IPv4 address to a certificate. Examples: aliyundoc.com and 1.1.X.X. Note For example, if you bind a first-level domain name, such as aliyundoc.com, to a certificate, the certificate is also applied to www.aliyundoc.com free of charge. If you bind www.aliyundoc.com to a certificate, the certificate is also applied to aliyundoc.com free of charge. This rule does not apply to Alibaba Cloud certificates. You can bind IP addresses only to GlobalSign single-domain organization validated (OV) certificates.
Wildcard Domain: If you have multiple servers that host subdomains at the same level, you need to only purchase and install one wildcard certificate. The following list describes the matching rules of a wildcard domain name: Only subdomains at the same level can be matched. For example, if you bind *.aliyundoc.com to a certificate, subdomains such as demo.aliyundoc.com and learn.aliyundoc.com are matched. Subdomains such as guide.demo.aliyundoc.com and developer.demo.aliyundoc.com are not matched. If the primary domain name of a wildcard domain name bound to a certificate is a first-level domain name, the certificate is also applied to the primary domain name free of charge. This rule does not apply to Alibaba Cloud certificates. For example, if you apply for a certificate and bind *.aliyundoc.com to the certificate, the certificate is also applied to aliyundoc.com free of charge. If you apply for a certificate and bind *.demo.aliyundoc.com to the certificate, the certificate is not applied to demo.aliyundoc.com or aliyundoc.com free of charge. When you apply for a wildcard certificate, you can bind only one wildcard domain name to the certificate. If you want to bind multiple wildcard domain names to a certificate, you can combine multiple certificates of the same brand and type to generate a multi-domain wildcard certificate. For more information, see Combine certificates.
Multiple Domains: You can bind up to five single domain names to a certificate.
|
Brand | Select a certificate brand. When you select a certificate brand, consider the certificate type, signature algorithm type, key length, domain name type, price, and your business requirements. If you cannot select a certificate brand based on the preceding factors, visit the Certificate Management Service product page to obtain technical support. Valid values: DigiCert: DigiCert (formerly known as Symantec) is a well-known and trusted SSL certificate brand in the industry. All DigiCert certificates use prominent encryption technologies to provide enhanced security solutions for different websites and servers. Alibaba Cloud: Alibaba Cloud certificates are more cost-effective than other certificate brands. GlobalSign: GlobalSign is an early certificate authority (CA) in the industry. GlobalSign is a trusted CA and SSL certificate provider committed to network security authentication and digital certificate services.
Important If you apply for a DigiCert certificate, you cannot enter domain names that are suffixed with special words such as .edu , .gov , .org , .jp , .pay , .bank , .live , .nuclear , or .ru . This limit does not apply to GlobalSign certificates. For more information, see Select an SSL certificate. |
Certificate Specifications | Select a certificate type. Alibaba Cloud supports domain validated (DV), OV, and extended validation (EV) certificates. Different types of certificates provide different levels of security and authentication strengths, support different certificate brands, and are suitable for different types of websites. The following list describes the usage scenarios of the three types of certificates. For more information about the differences among the certificate types, see Select a certificate based on authentication strength and security. DV SSL: DV certificates, which are suitable for personal websites used for app services, information display, enterprise testing, and personal testing. OV SSL: OV certificates, which are suitable for websites used by public service sectors, small- and medium-sized enterprises, and educational institutions. Certificates of the OV_PRO SSL type use enhanced encryption algorithms. EV SSL: EV certificates, which are suitable for high-privacy websites that involve transactions, payments, and privacy data, including websites used by large-sized enterprises, financial institutions and e-commerce platforms. Certificates of the EV_PRO SSL type use enhanced encryption algorithms.
|
Domain Names | Select the number of domain names that you want to bind to a certificate. This parameter is required only if you set the Certificate Type parameter to Multiple Domains. |
Quantity | Specify the number of certificates that you want to purchase. The value is 1 by default and cannot be changed. |
Service Duration | Select the validity period of the certificate service. Valid values: 1 Year: The certificate service is valid for one year. The service provides one certificate, which is valid for one year by default. After a certificate expires, you must place an order to purchase a new certificate. 2 Years: The certificate service is valid for two years. The certificate service provides two certificates that are valid for one year and a hosting quota of 1. For more information, see Introduction to the certificate hosting feature. 3 Years: The certificate service is valid for three years. The certificate service provides three certificates that are valid for one year and a hosting quota of 2.
|