To use a custom domain name to access OSS resources over HTTPS, you must purchase an SSL certificate. You can purchase an SSL certificate from any certificate authority (CA) or from Alibaba Cloud SSL Certificates Service and host your certificate in OSS.

Upload an SSL certificate for a custom domain name

After you Bind a custom domain name, follow these steps to upload your SSL certificate through the OSS console.

  1. Log on to the OSS console.
  2. In the left-side navigation pane, click a bucket name to which you want to upload your SSL certificate.
  3. Click the Domain Names tab. On the Domain Names tab that appears, click Upload Certificate in the Actions column corresponding to the domain name for which you want to upload an SSL certificate.
  4. In the Upload Certificate dialog box that appears, enter the public key and private key used in your certificate.
    Note You can select Show PEM Encoding Example to view examples of the public keys and private keys. For more information about the certificate format, see Overview of certificate formats.
  5. Click Upload.

Upload an SSL certificate for a CDN domain

After you Bind a CDN domain, you can manage SSL certificates through the Alibaba Cloud CDN console.

  1. Log on to the Alibaba Cloud CDN console.
  2. In the left-side navigation pane, click Domain Names. On the page that appears, click Manage in the Actions column corresponding to a domain name.
  3. In the left-side navigation pane, choose HTTPS > Modify.
  4. In the Modify HTTPS Settings dialog box that appears, turn on HTTPS Secure Acceleration.
  5. Select a Certificate Type.

    You can select Alibaba Cloud Certificate, Custom, or Free Certificate. Your certificate files must be in PEM format.

    • Alibaba Cloud Certificate: Select your SSL certificate.
    • Custom: You must set the certificate name, and then upload the certificate content and private key. The uploaded certificate is stored in Alibaba Cloud SSL Certificates Service. You can view the certificate in the SSL Certificates Service console.
    • Free Certificate: Use the free Digicert DV SSL certificate provided by Alibaba Cloud. Free certificates are used only for the HTTPS Secure Acceleration service of CDN. Therefore, you cannot manage free certificates or view their public and private keys in the Alibaba Cloud Security console. A free certificate takes effect after about 10 minutes.
  6. Click OK.

    A purchased certificate takes effect after about one hour. You can access OSS resources over HTTPS. If https is displayed in green in the address bar of the browser, the SSL certificate is effective.