Alibaba Cloud SSL Certificates Service supports different brands and types of certificates. This topic describes how to select and purchase an SSL certificate on Alibaba Cloud.
Procedure
What to do next
After you purchase an SSL certificate, you must apply for the certificate and submit the required materials. You can obtain the certificate only after your application is approved.
When you apply for a certificate, you must prepare the required materials, upload the electronic copies of the materials, and submit them for approval. For more information, see Required materials. After your application is approved, you can install the certificate on your web servers and Alibaba Cloud services.
Certificate selection reference
Certificate requirement | Optional certificate type | Optional brand | Domain name type and example | Number of protected domain names | Number of purchased certificates | Purchased duration | Purchase portal |
---|---|---|---|---|---|---|---|
One certificate is required to protect all subdomain names under a base domain name. | No limit | No limit | Wildcard Domain
Example: *.aliyun.com |
1 | 1 | One or two years | - |
One certificate is required to protect all subdomain names under a base domain name. | No limit | No limit | Wildcard Domain
Example: *.buy.aliyun.com |
1 | 1 | One or two years | - |
One certificate is required to protect one base domain name. | No limit | No limit | Single Domain
Example: www.buy.aliyun.com |
1 | 1 | One or two years | - |
One certificate is required to protect five or more domain names, including first-, second-, or lower-level domain names. | OV or EV | No limit | Multiple Domain
Examples:
|
5 | 1 | One or two years | - |
Professional OV and enhanced OV | The same brand must be selected for multiple certificates. | No limit. If you purchase multiple certificates, you must merge them into one certificate.
Example: |
No limit | No limit | No limit | - | |
Professional OV and enhanced EV | DigiCert | No limit. SSL certificates must support the ECC algorithm.
Example: |
No limit | No limit | No limit | - | |
Professional OV | GlobalSign | No limit. SSL certificates must support the ECC algorithm.
Example: |
No limit | No limit | No limit | Purchase link |
Brands of certificates supported by Alibaba Cloud
Certificate brand | Description | Additional information |
---|---|---|
DigiCert | DigiCert (former Symantec) is the largest CA and the most trusted SSL certificate brand across the industry. All DigiCert certificates use industry-leading encryption technologies to provide enhanced security solutions for different websites and servers. | None |
CFCA | China Financial Certification Authority (CFCA) is certified by WebTrust and complies with globally unified authentication standards. It is a member of CA/Browser Forum. Global Trust SSL Certificates are independently developed CFCA, the authoritative CA in China, and are fully recognized as Chinese approved certificates. CFCA provides 24/7 financial-level security services and a comprehensive risk insurance plan. CFCA provides the Certification Practice Statement (CPS) of the global trust system in Chinese to ensure that users can understand the rights and obligations of both parties. |
Note CFCA server certificates do not support Apple iOS 10.1 and earlier versions, or Android
6.0 and earlier versions.
|
GeoTrust | GeoTrust is the second-largest CA across the industry and also a leader in identity and trust authentication. GeoTrust uses a variety of advanced technologies to allow organizations and companies of all sizes to deploy SSL digital certificates at low costs for the authentication of various identities. | None |
GlobalSign | GlobalSign is one of the earliest CAs across the industry. It has been committed to network security authentication and digital certificate services. GlobalSign is a trusted CA and SSL digital certificate provider. | None |
Entrust | Entrust is a world-renowned CA that has established a trusted virtual environment. It allows users to conduct secure digital transactions and communication from all locations. Entrust provides trust services for websites, software developers, and individuals, including issuing SSL certificates that are used for website authentication and encryption. Among the Fortune Global 500 companies, more than 83% businesses use Entrust SSL certificates. | None |