This topic describes how to add an additional certificate to a listener of an SLB instance.

Procedure

  1. Log on to the CLB console.
  2. In the left-side navigation pane, choose Instances > Instances.
  3. On the Instances page, find the SLB instance to which you want to add an additional certificate and click its instance ID.
  4. On the page that appears, click the Listener tab. On the Listener tab, find the HTTPS listener you create, and choose More > Manage Additional Certificate in the Actions column.
  5. In the Manage Additional Certificate panel, click Add Additional Certificate.
    1. Enter a domain name. A domain can contain only letters, digits, hyphens (-), and periods (.), and must start with a letter or a digit.
      Domain name-based forwarding rules include exact matching and wildcard matching.
      • Exact domain name: www.aliyun.com
      • Wildcard domain name: *.aliyun.com and *.market.aliyun.com

        When a request matches multiple forwarding rules, exact matching prevails over exact wildcard matching, and exact wildcard matching prevails over less exact wildcard matching. The following table describes the priority of domain name-based forwarding rules.

        Mode Request URL Domain name-based forwarding rule
        www.aliyun.com *.aliyun.com *.market.aliyun.com
        Exact matching www.aliyun.com × ×
        Exact wildcard matching market.aliyun.com × ×
        Less exact wildcard matching info.market.aliyun.com × ×
    2. Select the certificate associated with the domain name.
      Note
      • The domain name in the certificate must be the same as the added additional certificate.
      • If you configure a wildcard certificate, only the first wildcard certificate can be automatically matched.
    3. Click OK.
      An additional certificate takes effect only when it is configured with a forwarding rule and the domain name specified in the rule is the same as that in the additional certificate.
  6. Optional:Perform the following steps, configure forwarding rules.
    1. Click Configure Rule in the Information dialog box, or go to the Listener tab of the instance.
    2. Find the HTTPS listener, and click Add Forwarding Rules in the corresponding Actions column.
    3. In the Add Forwarding Rules panel, click Add Forwarding Rules.
    4. Configure forwarding rules.
      For more information, see Forward requests based on domain names or URLs.
      Note Make sure that the domain name configured in the forwarding rule is the same as the added additional certificate.