SetDomainServerCertificate - CDN - Alibaba Cloud Documentation Center

This API is deprecated. You are advised to use Cdn(2018-05-10) - SetCdnDomainSSLCertificate.

Configures an SSL certificate for an accelerated domain name.

Operation description

You can call this operation up to 10 times per second per user.
Method: POST.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
cdn:SetDomainServerCertificate	WRITE	Domain acs:cdn::{#accountId}:domain/	none	none

Request parameters

Parameter	Type	Required	Description	Example
DomainName	string	Yes	The accelerated domain name for which you want to configure the SSL certificate. The type of request supported by the domain name must be HTTPS. You can specify one domain name in each call.	example.com
CertName	string	No	The name of the SSL certificate. You can specify only one name.	myCert1
CertType	string	No	The type of the certificate. Valid values: upload: a user-uploaded SSL certificate. cas: a certificate that is purchased from Alibaba Cloud SSL Certificates Service. Note If this parameter is set to cas, the PrivateKey parameter is optional.	cas
ServerCertificateStatus	string	Yes	Specifies whether to enable the SSL certificate. Default value: off. Valid values: on : enables the SSL certificate. off: disables the SSL certificate.	on
ServerCertificate	string	No	The content of the SSL certificate. Specify the content of the SSL certificate only if you want to enable the SSL certificate. You can use one of the following methods to obtain the content of the SSL certificate: Method 1: Call the DescribeDomainCertificateInfo API operation to query the information about the SSL certificate corresponding to the accelerated domain name and obtain the public key of the ServerCertificate certificate from the returned data. Method 2: Call the DescribeCdnCertificateList API operation to query the SSL certificate list corresponding to the accelerated domain name, and obtain the value of CertName from the returned data. Then, Call the DescribeCdnCertificateDetail API operation with CertName as a parameter to obtain the details about the certificate, and obtain the public key of the Cert certificate from the returned data.	----BEGIN CERTIFICATE----- MIIFz****-----END CERTIFICATE-----
PrivateKey	string	No	The private key. Specify the private key only if you want to enable the SSL certificate.	----BEGIN RSA PRIVATE KEY-----QswCQ****----END RSA PRIVATE KEY-----
ForceSet	string	No	Specifies whether to check the certificate name for duplicates. If you set the value to 1, the system does not perform the check and overwrites the information about the existing certificate that uses the same name.	1

Response parameters

Parameter	Type	Description	Example
	object
RequestId	string	The ID of the request.	16A96B9A-F203-4EC5-8E43-CB92E68F4CD8

Examples

Sample success responses

JSONformat

{
  "RequestId": "16A96B9A-F203-4EC5-8E43-CB92E68F4CD8"
}

Error codes

HTTP status code	Error code	Error message	Description
400	InvalidServerCertificateStatus.ValueNotSupported	The specified ServerCertificateStatus is invalid.	-
400	SSLPub.MissingParameter	The SSLPub parameter is required.	-
400	SSLPri.MissingParameter	The SSLPri parameter is required.	-
400	InvalidSSLPub	The specified SSLPub is invalid.	-
400	InvalidSSLPri	The specified SSLPri is invalid.	-
400	Certificate.MissMatch	The SSLPri does not match the certificate.	-
400	InvalidCertificate.TooLong	The Certificate you provided is over the max length	Certificate and private key length exceeds the limit
400	InvalidCertName.TooLong	The length of the certificate name cannot exceed 128 characters.	-
400	IllegalOperationDomain	You are not authorized to operate the domain.	You are not authorized to manage the domain name.
400	AuthenticationFailed	Error performing verification.	-
400	SetDomainCertificate.ParameterError	The specified parameters are invalid.	The specified parameter is invalid.
400	Certificate.StatusError	The status of the certificate is invalid.	-
400	DeleteFailed	Error deleting the certificate.	-
400	Certificate.NotFind	The certificate does not exist.	-
400	Certificate.Duplicated	The certificate name already exists.	-
400	Certificate.FormatError	The format of the certificate is invalid.	The specified certificate is invalid.
400	Certificate.StatusError	The certificate does not exist, or the status of the certificate is invalid.	-
400	Certificate.KeyNull	The private key is required.	-
400	Key.Malformed	The specified Key format is invalid.	-
400	CertStorage.failed	Error saving the certificate.	-
400	CertificateContent.Duplicated	The certificate has been uploaded,do not upload again.	-
400	Certificate.Expired	The certificate has expired.	-
400	InvalidDomain.notOnline	The domain is offline. Check the status of the domain and try again later.	-
400	Decode.Error	Error decoding the SSLPub or SSLPri certificate.	-
400	sslPub.Error	Error encoding SSLPub.	-
400	sslPri.Error	Error encoding SSLPri.	-
400	DomainInSafeMode	The domain is in safe mode. To request permission, contact Customer Service.	-
400	Certificate.NotPermittedOff	Turn off certificate will change domain scheduling, please contact customer service	-
400	Certificate.SettedNotEffect	Certificate was successfully setted but does not take effect for protecting current service, please contact customer service	-
400	Certificate.NotFind	Not find the certificate info.	The specified certificate does not exist.
400	InvalidSSLPubOrInvalidSSLPri	The SSLPri or SSLPub you provided is malformed.	-
400	InvalidSSLPub	The SSLPub you provided is malformed.	-
400	InvalidSSLPri	The SSLPri you provided is malformed.	-
400	Certificate.MissMatch	The certificate is not match the private key.	The certificate and private key do not match.
403	DomainInProtectedMode	The domain is in protection mode. To request permission, contact Customer Service.	-
404	CertName.MissingParameter	The CertName parameter is required.	-

For a list of error codes, visit the Service error codes.

Change history

Change time

Summary of changes

Operation

2023-07-17

The API operation is deprecated. The Error code has changed

see changesets

Change item	Change content
API Deprecation Description	The API operation is deprecated.
Error Codes	The Error code has changed.
	delete Error Codes: 400
	delete Error Codes: 403
	delete Error Codes: 404

2023-03-22

The Error code has changed

see changesets

Change item	Change content
Error Codes	The Error code has changed.
	delete Error Codes: 400
	delete Error Codes: 403
	delete Error Codes: 404