All Products
Search

This Product

    Object Storage Service:Attach a custom domain name (Python SDK V1)

    Document Center

    Object Storage Service:Attach a custom domain name (Python SDK V1)

    Last Updated:Mar 01, 2026

    After you upload objects to a bucket, Object Storage Service (OSS) automatically generates URLs that include the public endpoint of the bucket for the uploaded objects. You can use these URLs to access the objects. If you want to access the objects by using a custom domain name, you must add a CNAME record to map the custom domain name to the bucket in which the objects are stored.

    Prerequisites

    • OSS SDK for Python 1.0 installed

    • Environment variables OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET configured with valid access credentials

    • A bucket created in the target region

    • A registered domain name that you own

    Usage notes

    • In this topic, the public endpoint of the China (Hangzhou) region is used. If you want to access OSS from other Alibaba Cloud services in the same region as OSS, use an internal endpoint. For more information about OSS regions and endpoints, see Regions and endpoints.

    • In this topic, access credentials are obtained from environment variables. For more information about how to configure access credentials, see Configure access credentials using OSS SDK for Python 1.0.

    • This topic demonstrates creating an OSSClient instance with an OSS endpoint. For alternative configurations, such as using a custom domain or authenticating with credentials from Security Token Service (STS), see Initialization.

    Create a CNAME token

    The following sample code provides an example on how to create a CNAME token: 

    # -*- coding: utf-8 -*-
import oss2
from oss2.credentials import EnvironmentVariableCredentialsProvider

# Get access credentials from environment variables.
auth = oss2.ProviderAuthV4(EnvironmentVariableCredentialsProvider())

# Specify the endpoint of the region where the bucket is located.
endpoint = "https://oss-cn-hangzhou.aliyuncs.com"
# Specify the region. Required for V4 signatures.
region = "cn-hangzhou"

bucket = oss2.Bucket(auth, endpoint, "examplebucket", region=region)

# Specify the custom domain name.
test_domain = 'www.example.com'

# Create the CNAME token.
result = bucket.create_bucket_cname_token(test_domain)

print(result.cname)        # Custom domain name
print(result.token)        # CNAME token returned by OSS
print(result.expire_time)  # Token expiration time

    Query a CNAME token

    The following sample code provides an example on how to query a CNAME token: 

    # -*- coding: utf-8 -*-
import oss2
from oss2.credentials import EnvironmentVariableCredentialsProvider

# Get access credentials from environment variables.
auth = oss2.ProviderAuthV4(EnvironmentVariableCredentialsProvider())

# Specify the endpoint of the region where the bucket is located.
endpoint = "https://oss-cn-hangzhou.aliyuncs.com"
# Specify the region. Required for V4 signatures.
region = "cn-hangzhou"

bucket = oss2.Bucket(auth, endpoint, "examplebucket", region=region)

# Specify the custom domain name.
test_domain = 'www.example.com'

# Query the CNAME token.
result = bucket.get_bucket_cname_token(test_domain)

print(result.cname)        # Custom domain name
print(result.token)        # CNAME token returned by OSS
print(result.expire_time)  # Token expiration time

    Add a CNAME record

    The following sample code provides an example on how to add a CNAME record for a bucket: 

    # -*- coding: utf-8 -*-
import oss2
from oss2.credentials import EnvironmentVariableCredentialsProvider

# Get access credentials from environment variables.
auth = oss2.ProviderAuthV4(EnvironmentVariableCredentialsProvider())

# Specify the endpoint of the region where the bucket is located.
endpoint = "https://oss-cn-hangzhou.aliyuncs.com"
# Specify the region. Required for V4 signatures.
region = "cn-hangzhou"

bucket = oss2.Bucket(auth, endpoint, "examplebucket", region=region)

# Specify the custom domain name.
test_domain = 'www.example.com'

# Specify the ID of the previous certificate.
previous_cert_id = '001'

# Specify the SSL certificate content and private key.
certificate = '''-----BEGIN CERTIFICATE-----
MIIDWzCCAkOgA******KTgnwyOGU9cv+mxA=
-----END CERTIFICATE-----'''

private_key = '''-----BEGIN PRIVATE KEY-----
MIIEvQIBADAN******1i2t41Q/SC3HUGC5mJjpO8=
-----END PRIVATE KEY-----
'''

# Create the certificate info object.
cert = oss2.models.CertInfo(certificate=certificate, private_key=private_key)

# To overwrite an existing certificate, set force=True.
# To delete a certificate, set delete_certificate=True.
# cert = oss2.models.CertInfo(certificate=certificate, private_key=private_key, force=True, delete_certificate=False)

# Add the CNAME record with the certificate.
input = oss2.models.PutBucketCnameRequest(test_domain, cert)
bucket.put_bucket_cname(input)

    The oss2.models.CertInfo class accepts the following parameters:

    ParameterDescription
    certificateSSL certificate content in PEM format
    private_keyPrivate key of the certificate in PEM format
    previous_cert_idID of the previous certificate to replace
    forceSet to True to overwrite the existing certificate
    delete_certificateSet to True to delete the certificate, or False to keep it

    Query a CNAME record

    The following sample code provides an example on how to query a CNAME record for a bucket: 

    # -*- coding: utf-8 -*-
import oss2
from oss2.credentials import EnvironmentVariableCredentialsProvider

# Get access credentials from environment variables.
auth = oss2.ProviderAuthV4(EnvironmentVariableCredentialsProvider())

# Specify the endpoint of the region where the bucket is located.
endpoint = "https://oss-cn-hangzhou.aliyuncs.com"
# Specify the region. Required for V4 signatures.
region = "cn-hangzhou"

bucket = oss2.Bucket(auth, endpoint, "examplebucket", region=region)

# Query all CNAME records for the bucket.
list_result = bucket.list_bucket_cname()

for c in list_result.cname:
    print(c.domain)                # Custom domain name
    print(c.status)                # Domain name status
    print(c.last_modified)         # Time when the domain name was bound
    print(c.certificate.cert_id)   # Certificate ID
    print(c.certificate.type)      # Certificate source
    print(c.certificate.status)    # Certificate status

    Delete a CNAME record

    The following sample code provides an example on how to delete the CNAME record that points to a bucket: 

    # -*- coding: utf-8 -*-
import oss2
from oss2.credentials import EnvironmentVariableCredentialsProvider

# Get access credentials from environment variables.
auth = oss2.ProviderAuthV4(EnvironmentVariableCredentialsProvider())

# Specify the endpoint of the region where the bucket is located.
endpoint = "https://oss-cn-hangzhou.aliyuncs.com"
# Specify the region. Required for V4 signatures.
region = "cn-hangzhou"

bucket = oss2.Bucket(auth, endpoint, "examplebucket", region=region)

# Specify the custom domain name to delete.
test_domain = 'www.example.com'

# Delete the CNAME record.
bucket.delete_bucket_cname(test_domain)

    References

    • For more information about the API operation that you can call to create a CNAME token for domain name ownership verification, see CreateCnameToken.

    • For more information about the API operation that you can call to query a CNAME token, see GetCnameToken.

    • For more information about the API operation that you can call to add a CNAME record, see PutCname.

    • For more information about the API operation that you can call to query a CNAME record, see ListCname.

    • For more information about the API operation that you can call to delete a CNAME record, see DeleteCname.