All Products
Search

This Product

    API Gateway:Create a domain name

    Document Center

    API Gateway:Create a domain name

    Last Updated:Jan 25, 2025

    Cloud-native API Gateway supports multi-domain name management that allows you to manage protocols, certificates, and route configurations of different domain names. For example, if you associate the *.hello.com wildcard domain name with a Cloud-native API Gateway instance, you access the Cloud-native API Gateway instance by using domain names that match the wildcard domain name, such as 1.hello.com and 2.hello.com.

    Prerequisites

    An Internet Content Provider (ICP) number is obtained for the domain name.

    Note

    If you want to associate independent domain names with Cloud-native API Gateway instances in a region in the Chinese mainland, you must apply for ICP numbers in the Alibaba Cloud ICP Filing system or add Alibaba Cloud as a service provider to the ICP filing information of the domain names. If you want to associate independent domain names with Cloud-native API Gateway instances in a region outside the Chinese mainland, ICP numbers are not required.

    Procedure

    1. Log on to the Cloud-native API Gateway console.

    2. In the left-side navigation pane, click Domain Name. In the top navigation bar, select a region.

    3. Click Add Domain Name. In the Add Domain Name panel, configure the parameters and click OK. The following table describes the parameters.

      image

      Parameter

      Description

      Domain Name

      Enter a specific domain name, such as hello.com, or a wildcard domain name, such as *.hello.com. You can independently manage the protocols and certificates of the domain name. Route configurations are isolated based on the domain name.

      Important

      *.hello.com can be used to match specific domain names such as a.hello.com, b.hello.com, and a.b.hello.com. If the domain name for which you want to apply for a certificate is *.hello.com, the certificate can be used only for a.hello.com and b.hello.com. The certificate cannot be used for a.b.hello.com.

      Select HTTP or HTTPS from the drop-down list. The supported port number varies based on the protocol:

      • HTTP: Port 80 is supported.

      • HTTPS: Port 443 is supported.

      Parameters that you must configure if you select HTTPS as the protocol.

      Certificate

      Select the certificate that is associated with the HTTPS protocol in Alibaba Cloud Certificate Management Service.

      Note

      If you did not purchase or upload a SSL certificate, click Purchase/Upload Certificate to go to the Certificate Management Service console and purchase or upload an SSL certificate. For more information about how to purchase an SSL certificate, see Purchase SSL certificates.

      Always Use HTTPS

      If you turn on Always Use HTTPS, only the HTTPS port can be accessed and HTTP requests are redirected to the HTTPS port.

      Enable HTTP/2?

      Select an option to specify whether to use HTTP/2 during the Transport Layer Security (TLS) handshake based on Application-Layer Protocol Negotiation (ALPN).

      • Use instance configurations: The system dynamically determines whether the current domain name uses the HTTP/2 protocol based on the value of EnableHttp2.

      • Enable: The current domain name uses the HTTP/2 protocol for communications after the TLS handshake succeeds.

      • Close: The current domain name does not use the HTTP/2 protocol for communications after the TLS handshake succeeds.

      Note

      If the HTTP protocol is used, the Cloud-native API Gateway instance uses HTTP Upgrade to automatically upgrade HTTP to HTTP/2 based on client requirements. Therefore, you need to configure this parameter based on your business requirements only if you select HTTPS from the drop-down list of the Domain Name parameter.

      TLS Version

      Select the earliest and latest TLS versions when the current domain name uses TLS for communication.

      • Minimum Version: the earliest TLS version that you select for the current domain name. Default value: TLS 1.0.

      • Maximum Version: the latest TLS version that you select for the current domain name. Default value: TLS 1.3.

    Verify the result

    The system automatically configures a routing rule for the path of the domain name that you associated with the Cloud-native API Gateway instance. For more information, see Create a route.

    • If the resolution of your domain name takes effect, you can verify the result by directly accessing a website that meets the configured routing rule from a browser.

    • If no Domain Name System (DNS) record is configured for your domain name, you can run one of the following commands to verify the result based on the supported protocol. In the following examples, the associated domain name is hello.com. Replace {Public IP address} in the following URLs with your public IP address:

      • HTTP:

        curl http://hello.com --resolve "hello.com:80{Public IP address}"

      • HTTPS:

        curl -v -k https://hello.com --resolve "hello.com:443:{Public IP address}" --cacert my-cert.pem