Dynamic Content Delivery Network (DCDN) supports HTTPS secure acceleration to encrypt requests between clients and points of presence (POPs). If your SSL certificate is purchased from Certificate Management Service, you can deploy the certificate for multiple domain names in DCDN to enable HTTPS secure acceleration.
Limits
You can deploy a certificate purchased from Alibaba Cloud Certificate Management Service for multiple domain names in the DCDN console.
You can configure a certificate that is issued by a third-party certificate authority (CA) for only one domain name at a time. For more information, see Configure an SSL certificate.
Configure or renew an SSL certificate
HTTPS secure acceleration is a value-added service. After you enable HTTPS, you are charged based on the number of HTTPS requests. You cannot use data transfer plans to offset the fees. For more information about the pricing of HTTPS secure acceleration, see Billing of HTTPS and HTTP requests.
Log on to the DCDN console.
In the left-side navigation pane, choose .
On the Certificate Center page, click Add Certificate.
In the Add Certificate pane, set the certificate parameters.
Parameter
Description
Certificate Source
You can only select SSL Certificates Service, which means the certificate must be purchased from Certificate Management Service.
Certificate Name
Select a purchased certificate.
Certificate (Public Key)
Enter the PEM-encoded public key. This parameter field is automatically filled in if the certificate is purchased from Certificate Management Service.
Private Key
Enter the PEM-encoded private key. This parameter field is automatically filled in if the certificate is purchased from Certificate Management Service.
Click Next and select domain names to associate with the certificate.
ImportantIf a selected domain name is already associated with a certificate, the existing certificate will be replaced by the one selected in this step.
You can deploy or update a certificate purchased from Certificate Management Service for multiple domain names at a time.SSL Certificates Service
Click OK.
Optional. Configure POPs to redirect requests to origin servers over HTTPS if you want to enable end-to-end HTTPS encryption. Make sure that the origin servers support HTTPS. For more information, see Configure the static origin protocol policy.
Check whether HTTPS secure acceleration takes effect
After you upload an SSL certificate, the certificate takes effect within 1 minute. To check whether the SSL certificate takes effect, you can send HTTPS requests to access resources. If the URL is displayed with a lock icon in the address bar of the browser, HTTPS secure acceleration is working as expected.
View information about the SSL certificate
Log on to the DCDN console. In the left-side navigation pane, choose . On the page that appears, click the certificate that you just configured to view its details.
The private key is not visible due to privacy and security concerns. Make sure that you store your certificate information properly.
Related API operations
You can call SetDcdnDomainCertificate to configure or update a certificate for a domain name.
If you want to configure or update a certificate for multiple domain names, call this operation multiple times.