When you configure a certificate for HTTPS, you must use the Certificate Signing Request (CSR) file to apply for an SSL certificate from a certificate authority (CA). This topic describes how to create a CSR file.

Background information

The following description compares two methods for uploading custom certificates to Alibaba Cloud CDN:
  • Upload a certificate only

    You can create a private key and a CSR file in the CDN console, and use the CSR file to apply for a certificate from a CA. After the application is approved, upload the certificate to Alibaba Cloud CDN. If you use this method, your private key file will not be exposed to environments outside Alibaba Cloud CDN. This method is more secure than the other method.

  • Upload a certificate and the private key

    You must obtain the certificate and the private key file from a CA and then upload the certificate and the private key file to Alibaba Cloud CDN.


  1. Log on to the Alibaba Cloud CDN console.
  2. On the Certificates page, click CSR Generator.
  3. On the CSR Generator page, enter the required information.
    Parameter Description Example
    Country Enter the code of the country where your organization resides. For more information, see Country codes for CSR creation. CN
    Province/State/Region Enter the name of the province, state, or region where your organization resides. Chinese Pinyin is supported. Zhejiang
    City Enter the name of the city where the organization resides. Chinese Pinyin is supported. Hangzhou
    Organization Enter the name of your organization. Chinese Pinyin is supported. Alibaba Inc.
    Organization Unit Enter the name of your department. Chinese Pinyin is supported. IT Department
    Email Enter your email address. 1234567@qq.com
    Common Name Enter the primary domain name used to apply for the SSL certificate. aliyun.com
    SANs This parameter is required if you want to apply for the same SSL certificate for more than one domain name. Separate multiple domain names with commas (,). a.com,b.com,c.com
    Create a CSR
  4. Click Generate CSR.
    CSR Create
  5. Click Download to save the created CSR file to your local PC.