ALIYUN::CAS::SslCertificate类型用于创建SSL证书。
语法
{
"Type": "ALIYUN::CAS::SslCertificate",
"Properties": {
"Domains": List,
"CompanyName": String,
"DomainType": String,
"Email": String,
"Csr": String,
"Username": String,
"ProductCode": String,
"Phone": String,
"CertType": String,
"CertBrand": String,
"ValidateType": String
}
}属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
CertBrand | String | 否 | 否 | SSL证书名称。 | 取值:
|
CertType | String | 否 | 否 | 证书类型。 | 取值:
|
CompanyName | String | 否 | 否 | 证书申请公司的名称。 | 无 |
Csr | String | 否 | 否 | 您使用OpenSSL或Keytool工具为域名手动生成的CSR文件的内容。 | CSR文件的密钥类型必须是RSA、ECC算法,且RSA算法的密钥长度必须大于等于2048。关于CSR文件的制作方法,请参见管理CSR。如果不设置该参数,表示由SSL证书服务自动为您创建CSR。 CSR(Certificate Signing Request)是证书签名请求文件,包含了您的服务器信息和公司信息。申请证书时需要将您证书的CSR文件提交给CA认证中心审核,CA中心 CSR文件进行根证书私钥签名后,会生成证书公钥文件(即签发给您的SSL证书)。 |
Domains | List | 否 | 否 | 绑定域名列表的证书。 | 最多支持指定5个域名。 |
DomainType | String | 否 | 否 | 域名类型。 | 取值:
|
String | 否 | 否 | 申请联系人的邮箱地址。 | 无 | |
Phone | String | 否 | 否 | 申请联系人的手机号码。 | 无 |
ProductCode | String | 否 | 否 | 要申请的证书规格。 | 取值:
|
Username | String | 否 | 否 | 申请联系人的姓名。 | 无 |
ValidateType | String | 否 | 否 | 域名所有权的验证方式。 | 取值:
|
返回值
Fn::GetAtt
CertificateId:证书ID。
OrderId:创建证书的订单ID。
示例
YAML格式
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
Domains:
AssociationPropertyMetadata:
Parameter:
Type: String
Required: false
AssociationProperty: List[Parameter]
Type: Json
Description:
en: |-
The domain to bind the certificate to. The specific requirements are as follows:
- Supports single or wildcard domains (e.g., *.aliyundoc.com).
- Multiple domains are supported. You can set up to 5 domains.
- If you set more than one domain name, the multiple domains can only be single domain name or wildcard domain name, not both single domain name and wildcard domain name.
**Note:** This is required when the certificate is bound to more than one hostname. This parameter is not allowed to be empty at the same time as the Csr parameter. If you set both this parameter and the Csr parameter, take the CN field value in the Csr as the domain name for the certificate to bind to.
Required: false
MinLength: 1
MaxLength: 5
DomainType:
Type: String
Description:
en: |-
Domain type. Valid values: one, all, multiple.
**Note:** This parameter must be specified along with or without the CertType and CertBrand parameters.
AllowedValues:
- all
- one
- multiple
Required: false
CertType:
Type: String
Description:
en: |-
Certificate type. Valid values: DV, OV, EV.
**Note:** This parameter must be specified along with or without the DomainType and CertBrand parameters.
AllowedValues:
- DV
- OV
- EV
Required: false
CertBrand:
Type: String
Description:
en: |-
Certificate brand. Valid values: Rapid, Globalsign, vTrus, Wosign, Digicert, Digicert pro, Geotrust, CFCA.
**Note:** This parameter must be specified along with or without the CertType and DomainTyp parameters.
AllowedValues:
- Rapid
- Globalsign
- vTrus
- Wosign
- Digicert
- Digicert pro
- Geotrust
- CFCA
Required: false
Resources:
SslCertificate:
Type: ALIYUN::CAS::SslCertificate
Properties:
Domains:
Ref: Domains
DomainType:
Ref: DomainType
CertType:
Ref: CertType
CertBrand:
Ref: CertBrand
Outputs:
CertificateId:
Description: The ID of the certificate issued to you.
Value:
Fn::GetAtt:
- SslCertificate
- CertificateId
OrderId:
Description: The ID of the certificate order.
Value:
Fn::GetAtt:
- SslCertificate
- OrderId
JSON格式
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"Domains": {
"AssociationPropertyMetadata": {
"Parameter": {
"Type": "String",
"Required": false
}
},
"AssociationProperty": "List[Parameter]",
"Type": "Json",
"Description": {
"en": "The domain to bind the certificate to. The specific requirements are as follows:\n- Supports single or wildcard domains (e.g., *.aliyundoc.com).\n- Multiple domains are supported. You can set up to 5 domains.\n- If you set more than one domain name, the multiple domains can only be single domain name or wildcard domain name, not both single domain name and wildcard domain name.\n**Note:** This is required when the certificate is bound to more than one hostname. This parameter is not allowed to be empty at the same time as the Csr parameter. If you set both this parameter and the Csr parameter, take the CN field value in the Csr as the domain name for the certificate to bind to."
},
"Required": false,
"MinLength": 1,
"MaxLength": 5
},
"DomainType": {
"Type": "String",
"Description": {
"en": "Domain type. Valid values: one, all, multiple.\n**Note:** This parameter must be specified along with or without the CertType and CertBrand parameters."
},
"AllowedValues": [
"all",
"one",
"multiple"
],
"Required": false
},
"CertType": {
"Type": "String",
"Description": {
"en": "Certificate type. Valid values: DV, OV, EV.\n**Note:** This parameter must be specified along with or without the DomainType and CertBrand parameters."
},
"AllowedValues": [
"DV",
"OV",
"EV"
],
"Required": false
},
"CertBrand": {
"Type": "String",
"Description": {
"en": "Certificate brand. Valid values: Rapid, Globalsign, vTrus, Wosign, Digicert, Digicert pro, Geotrust, CFCA.\n**Note:** This parameter must be specified along with or without the CertType and DomainTyp parameters."
},
"AllowedValues": [
"Rapid",
"Globalsign",
"vTrus",
"Wosign",
"Digicert",
"Digicert pro",
"Geotrust",
"CFCA"
],
"Required": false
}
},
"Resources": {
"SslCertificate": {
"Type": "ALIYUN::CAS::SslCertificate",
"Properties": {
"Domains": {
"Ref": "Domains"
},
"DomainType": {
"Ref": "DomainType"
},
"CertType": {
"Ref": "CertType"
},
"CertBrand": {
"Ref": "CertBrand"
}
}
}
},
"Outputs": {
"CertificateId": {
"Description": "The ID of the certificate issued to you.",
"Value": {
"Fn::GetAtt": [
"SslCertificate",
"CertificateId"
]
}
},
"OrderId": {
"Description": "The ID of the certificate order.",
"Value": {
"Fn::GetAtt": [
"SslCertificate",
"OrderId"
]
}
}
}
}