(Optional) Step 1: Set up HTTPS protection - Anti-DDoS Pro Service| Alibaba Cloud Documentation Center

HTTPS website protection only supports TCP 443 port. If your web service needs to run on other ports such as 4433, select layer four port (non-website access) protection.

Procedure

Log on to the Anti-DDoS Pro console.
Go to Access > Web Service, and then click Add Domain to add the HTTPS website domain that you want to protect.
Input Domain Name and Origin site domain or Origin site IP address accordingly.
For HTTPS protection, select https for the Protocol option, and Port 443 will be automatically added to Origin site port.
Click Next, and then select Anti-DDos Pro instances and ISP lines for the domain.
Click OK. A new domain entry will be added.
Click Upload under the HTTP/S column to enter the Upload certificate and private key page.

Copy and paste the certificate and private key information, and click Upload.

General certificates, such as *.pem, *.cer, and *.crt certificates, can be opened in text editor tools. For other special certificate formats (for example, *.pfx, and *.p7b), you have to convert the certificate to *.pem format in advance.

Note If multiple certificate files (for example, certificate chain file) involved, you can combine the certificate information first and upload the certificate information.

Certificate file sample:

Private key sample:

Click OK to complete the certificate upload.

Note Up to five HTTPS forwarding rules can be added. This includes configuring both HTTP and HTTPS in one forwarding rule.