If your want to use your user domain name to access OSS services through the HTTPS protocol, you must purchase a digital certificate. You can purchase certificate services from any certificate authority (CA) or purchase a certificate from Alibaba Cloud SSL Certificates Service and host your certificate on OSS.

Procedure

  • Alibaba Cloud CDN is not enabled

    After you Attach a custom domain name, follow these steps to host your certificate in the OSS console.

    1. Log on to the OSS console. In the left-side bucket list, click the bucket attached with the host name that you want to host your certificate.
    2. Click the Domain Names tab.
    3. Click Upload Certificate on the right of the domain name that you want to host your certificate.
    4. On the Upload Certificate page, enter the public key and private key in your certificate, and then click Upload.

      Note You can select Show PEM Encoding Example to view public key and private key examples. For more information about the certificate format, see Certificate format.
  • Alibaba Cloud CDN is enabled

    After you Attach a CDN acceleration domain name, you can manage HTTPS certificates in the CDN console.

    1. Log on to the CDN console.
    2. Click Domain Names. Select the domain name that you want to host your certificate and click Manage.
    3. Click HTTPS configuration > Modify.

    4. In the HTTPS Settings dialog box, enable HTTPS HTTPS Secure .
    5. Select a certificate. You can select the following certificate types: Alicloud CertCustom, and Free Cert. Only the PEM certificate format is supported.

      • Alicloud Cert: Select your SSL certificate.
      • Custom: You must upload the certificate and the private key after configuring the certificate name. The uploaded certificate is stored in Alibaba Cloud SSL Certificates Service. You can view the certificate in SSL Certificates.
      • You can also select a free certificate, that is, a free Digicert DV SSL certificate provided by Alibaba Cloud. However, a free CDN certificate only applies to the HTTPS Secure Acceleration service of CDN. Therefore, you cannot configure a free certificate in the Alibaba Cloud SSL Certificates console and cannot view the public key and the private key of a free certificate. A free certificate takes up to 10 minutes to take effect.
    6. A purchased certificate takes about one hour to take effect. After the certificate takes effect, you can access OSS resources through the HTTPS protocol. If a green HTTPS mark is displayed, it indicates that the HTTPS Secure Acceleration service has taken effect.