To use Anti-DDoS Pro or Anti-DDoS Premium to scrub traffic transmitted over HTTPS, you must select HTTPS when you add the website and upload the required SSL certificate. If the uploaded SSL certificate changes, you must update the certificate in the Anti-DDoS Pro or Anti-DDoS Premium console.

Prerequisites

  • A website is added to Anti-DDoS Pro or Anti-DDoS Premium, and the website supports the HTTPS protocol. For more information, see Add a website.
  • The certificate file of the website is prepared.
    If you have uploaded the certificate file to Alibaba Cloud SSL Certificates, you can select the certificate. Otherwise, you must upload your own certificate and private key file. In most cases, the following files are required:
    • The public key file in CRT format or the certificate file in PEM format.
    • The private key file in the KEY format.

Procedure

  1. Log on to the Anti-DDoS Pro console.
  2. In the top navigation bar, select the region of your Anti-DDoS instance.
    • Mainland China: Anti-DDoS Pro
    • Outside Mainland China: Anti-DDoS Premium
  3. In the left-side navigation pane, choose Provisioning > Website Config.
  4. On the Website Config page, find the domain name for which you want to upload a certificate and click the upload icon in the Certificate Status column.Certificate status
  5. In the Upload SSL Certificate and Private Key dialog box, select an Upload Method and set other parameters. You can use one of the following methods to upload your certificate:
    • Select Existing Certificates (recommended)
      If you have uploaded the certificate to Alibaba Cloud SSL Certificates, select the certificate and upload it to Anti-DDoS Pro or Anti-DDoS Premium.Select Existing Certificates

      If you have not uploaded the certificate to Alibaba Cloud SSL Certificates, click Go to the SSL Certificate console to upload your certificate. For more information about how to upload certificates to Alibaba Cloud SSL Certificates, see Upload certificates.

    • Manual Upload
      Specify Certificate Name, and copy the content in the certificate file to the Certificate File field and the private key file to the Private Key field.Manual Upload
      Note
      • You can use a text editor to open the files in PEM, CER, or CRT format and copy the file content. You must convert the files in uncommon formats, such as PFX and P7B, into the PEM format and use a text editor to open the files and copy the file content. For information about how to convert the format of a certificate file, see How to convert an HTTPS certificate to the PEM format.
      • If the SSL certificate includes multiple certificate files, such as a certificate chain, you must concatenate the content of these certificate files in the certificate chain and copy the concatenated content to the Certificate File field.
      Certificate file example 
      -----BEGIN CERTIFICATE----- 
xxxxxxxxxxxxvs6MTXcJSfN9Z7rZ9fmxWr2BFN2XbahgnsSXM48ixZJ4krc+1M+j2kcubVpsE2cgHdj4v8H6jUz9Ji4mr7vMNS6dXv8PUkl/qoDeNGCNdyTS5NIL5ir+g92cL8IGOkjgvhlqt9vc65Cgb4mL+n5+DV9uOyTZTW/MojmlgfUekC2xiXa54nxJf17Y1TADGSbyJbsC0Q9nIrHsPl8YKkvRWvIAqYxXZ7wRwWWmv4TMxFhWRiNY7yZIo2ZUhl02SIDNggIEeg==
-----END CERTIFICATE-----
      Private key file example 
      -----BEGIN RSA PRIVATE KEY-----
xxxxxxxxxxxxtZ3UKHJTRgNQmioPQn2bqdKHop+B/dn/4VZL7Jt8zSDGM9sTMThLyvsmLQKBgQCr+ujntC1kN6pGBj2Fw2l/EA/W3rYEce2tyhjgmG7rZ+A/jVE9fld5sQra6ZdwBcQJaiygoIYoaMF2EjRwc0qwHaluq0C15f6ujSoHh2e+D5zdmkTg/3NKNjqNv6xA2gYpinVDzFdZ9Zujxvuh9o4Vqf0YF8bv5UK5G04RtKadOw==
-----END RSA PRIVATE KEY-----
  6. Click OK.

Result

After the certificate is uploaded, the certificate status becomes Updated.