All Products
Search
Document Center

Object Storage Service:Map custom domain names

Last Updated:Dec 04, 2023

Object Storage Service (OSS) generates a URL for an object uploaded to a bucket by using the default domain name of the bucket. When you access the object by using its URL from a browser, the object is downloaded. If your business application requires you to hide the default domain name of your bucket or enable object previews upon object access from browsers, you need to map a custom domain name to your bucket and use the custom domain to access objects. Mapping a custom domain name to a bucket does not affect your use of the OSS domain names of the bucket.

Prerequisites

  • A bucket is created. For more information, see Create a bucket.

  • A second-level domain name is registered. You can map a domain name that is not registered with Alibaba Cloud to a bucket. If you do not have a domain name, you can register one with Alibaba Cloud Domain Names. For more information, see Register a domain name on Alibaba Cloud.

  • An Internet Content Provider (ICP) filing is obtained for your domain name if the bucket to which you want to map the domain name resides in the Chinese mainland. You can map a domain name whose ICP filing is not completed by using the Alibaba Cloud ICP Filing system. If you have not applied for an ICP filing for your domain name, you can apply for an ICP filing by using the Alibaba Cloud ICP Filing system. For more information, see ICP filing application overview.

Scenarios

  • Object preview: If you use a custom domain name of a bucket to access an object in the bucket from a browser, OSS does not add a response header that forces a download of the object. This way, the object is displayed for content preview directly in the browser.

  • Brand identity: A custom domain name helps maintain a consistent brand identity and build customer trust.

  • Bypassing domain blocking: Some applications or platforms may block default bucket domain names. You can map a custom domain name to a bucket to maintain access to the bucket.

  • Ease of use: A custom bucket domain name is generally easier to remember than a default domain name and provides a more user-friendly experience of resource accessing and sharing.

  • User experience optimization: A custom domain name is a user-friendly address that helps users initiate a resource request faster. You can also use a custom domain name together with Alibaba Cloud CDN to accelerate content delivery and download. This deceases latency and improves user experience.

  • URL availability: A custom domain name of a bucket maintains persistent access to objects in the bucket by using the same domain name even if the storage path or service is changed.

Mechanisms

This section describes how OSS behaves when you use a default bucket name and a custom bucket name to access an object from a browser.

Access using a default domain name

For secure data transfers, OSS includes the x-oss-force-download: true and Content-Disposition: attachment headers in the response to a browser-based object request that uses a default bucket domain name, which is in the <bucketName>.oss-<regionId>.aliyuncs.com format. The browser downloads the requested object if the Content-Disposition: attachment header is present in the response. The following figure shows the process:

2.png

For more information about types of objects that OSS forcibly downloads and the effective time of forcible downloads, see Appendix: x-oss-ec rules triggered for forcible download.

Access using a custom domain name

If you map a custom subdomain of your registered domain name and map the subdomain to a bucket, you can use the custom subdomain to access objects in the bucket from a browser. In this case, OSS does not include the headers that specify a forcible download in the response. The browser detects no Content-Disposition from the response and uses the default Content-Disposition: inline header, which indicates that the content is displayed in the browser instead of being downloaded. The following figure shows the process:

1.png

Overview

  • Domain name mapping does not support domain names that contain Chinese characters.

  • Each domain name can be mapped to only one bucket.

  • Each bucket can be mapped to up to 100 domain names.

  • The OSS console does not support mapping between a generic domain name and a bucket. For example, you cannot map a domain name whose prefix is * and whose subdomains point to a default bucket domain name. If you use Alibaba Cloud CDN to accelerate access to a bucket, you can map a generic domain name to the bucket. However, the domain name is not displayed in the OSS console.

Procedure

Step 1: Map a custom domain name

The steps of mapping a custom domain name to a bucket vary based on the owner account and domain registrar.

Note
  • You can query the registrar of a domain name at .

  • You can query whether a domain name belongs to the current Alibaba Cloud account in the Alibaba Cloud DNS console.

Map a custom domain name registered using the current Alibaba Cloud account

To map a custom domain name that is registered using the current Alibaba Cloud account, perform the following steps:

  1. Log on to the OSS console.

  2. In the left-side navigation pane, click Buckets. On the Buckets page, find and click the desired bucket.

  3. In the left-side navigation pane, choose Bucket Settings > Domain Names.

  4. On the Domain Management page, click Map Custom Domain Name.

  5. In the Map Custom Domain Name panel, enter the domain name that you want to map to the bucket in the Domain Name field, turn on Automatically Add CNAME Record, and click Submit.

    1.png

    Alibaba Cloud DNS automatically adds a CNAME record that points the custom domain name to the public domain name of the bucket.1.png

    Note

    If you do not turn on Automatically Add CNAME Record, you need to manually add a CNAME record for the custom domain name in the Alibaba Cloud DNS console so that the mapping can take effect.

Map a custom domain name registered using another Alibaba Cloud account

To map a custom domain name that is registered using Alibaba Cloud Account A to a bucket in Alibaba Cloud Account B, perform the following steps:

  1. Use Alibaba Cloud Account B to obtain the hostname and value in the TXT record of the domain name.

    1. Log on to the OSS console.

    2. In the left-side navigation pane, click Buckets. On the Buckets page, find and click the desired bucket.

    3. In the left-side navigation pane, choose Bucket Settings > Domain Names.

    4. On the Domain Management page, click Map Custom Domain Name.

    5. In the Map Custom Domain Name panel, enter the domain name that you want to map to the bucket in the Domain Name field and click Obtain TXT. Record the Hostname and Value.

      Important

      After you record the TXT record, do not close the Map Custom Domain Name panel until you submit the domain name. If you close the Map Custom Domain Name panel, the TXT record becomes invalid and the subsequent domain ownership verification fails.

      4.png

  2. Use Alibaba Cloud Account A to add a TXT record.

    1. Log on to the Alibaba Cloud DNS console.

    2. On the Domain Name Resolution page, find the domain name that you want to map and click DNS Settings in the Actions column.

    3. On the DNS Settings page, click Add DNS Record. In the Add DNS Record panel, configure the parameters described in the following table.

      Parameter

      Description

      Example

      Record Type

      Select TXT.

      TXT

      Hostname

      Enter the hostname of the TXT record that was recorded earlier.

      ****59e5-4bbd-aef4-8e401dc13a0a.static

      DNS Request Source

      The DNS line that is used to resolve the domain name. We recommend that you select Default for this parameter to allow the DNS system to automatically select an optimal line.

      Default

      Record Value

      Enter the record value of the TXT record that was recorded earlier.

      oss-domain-verfication=17ca4f6a1247f459fb310****

      TTL

      Select the interval at which the record is updated. Keep the default value.

      Note

      There is a certain delay before the TTL setting takes effect.

      10 Minutes

    4. Click OK.

  3. Return to the Map Custom Domain Name panel in the OSS console, click I have added the TXT record. Continue submission..

  4. Use Alibaba Cloud Account A to add a CNAME record.

    1. On the Domain Name Resolution page, find the domain name that you want to map and click DNS Settings in the Actions column.

    2. On the DNS Settings page, click Add DNS Record. In the Add DNS Record panel, configure the parameters described in the following table.

      Parameter

      Description

      Example

      Record Type

      Select CNAME.

      CNAME

      Hostname

      Enter a prefix of the domain name.

      • For a root domain, such as example.com, enter @.

      • For a subdomain, enter the prefix of the subdomain. For example, if the domain name is static.example.com, enter static.

      static

      DNS Request Source

      The DNS line that is used to resolve the domain name. We recommend that you select Default for this parameter to allow the DNS system to automatically select an optimal line.

      Default

      Record Value

      Enter the public domain name of the bucket. The endpoint of a bucket follows the <bucketname>.<endpoint> format. For more information about public endpoints for different regions, see Regions and endpoints.

      examplebucket.oss-cn-hangzhou.aliyuncs.com

      TTL

      Select the interval at which the record is updated. Keep the default value.

      Note

      There is a certain delay before the TTL setting takes effect.

      10 Minutes

    3. Click OK.

Map a custom domain name that is not registered using an Alibaba Cloud account

To map a custom domain name that is registered with another domain provider, perform the following steps:

  1. In the OSS console, generate a hostname and value as a TXT record for domain ownership verification.

    1. Log on to the OSS console.

    2. In the left-side navigation pane, click Buckets. On the Buckets page, find and click the desired bucket.

    3. In the left-side navigation pane, choose Bucket Settings > Domain Names.

    4. On the Domain Management page, click Map Custom Domain Name.

    5. In the Map Custom Domain Name panel, enter the custom domain name that you want to map, click Obtain TXT, and record the Hostname and Value.

      Important

      After you record the TXT record, do not close the Map Custom Domain Name panel until you submit the domain name. If you close the Map Custom Domain Name panel before you submit the custom domain name mapping, the TXT record becomes invalid and the subsequent domain ownership verification fails.

      4.png

  2. In the DNS platform of your domain provider, use the settings described in the following table to add a TXT record.

    Parameter

    Description

    Example

    Record type

    Select TXT.

    TXT

    Hostname

    Enter the hostname that was recorded earlier.

    ****59e5-4bbd-aef4-8e401dc13a0a.static

    Record value

    Enter the value of the TXT record that was recorded earlier.

    oss-domain-verfication=17ca4f6a1247f459fb310****

  3. Return to the Map Custom Domain Name panel in the OSS console, click I have added the TXT record. Continue submission..

  4. In the DNS platform of your domain provider, use the settings described in the following table to add a CNAME record.

    Parameter

    Description

    Example

    Record type

    Select CNAME.

    CNAME

    Hostname

    Enter a prefix of the domain name.

    • For a root domain, such as example.com, enter @.

    • For a subdomain, enter the prefix of the subdomain. For example, if the domain name is static.example.com, enter static.

    static

    Record value

    Enter the public domain name of the bucket. The endpoint of a bucket follows the <bucketname>.<endpoint> format. For more information about public endpoints for different regions, see Regions and endpoints.

    examplebucket.oss-cn-hangzhou.aliyuncs.com

Step 2: Verify the domain name mapping

After you map the custom domain name to the bucket, use the nslookup or dig command to check CNAME resolution. If the output shows that the CNAME is the public domain name of the bucket, the CNAME record takes effect.

nslookup

Replace example.com in the following command with the custom domain name that you mapped to the bucket and run the command:

nslookup -type=CNAME example.com

If the domain mapping is successful, the output is similar to the following content.

1.png

dig

Replace example.com in the following command with the custom domain name that you mapped to the bucket and run the command:

dig CNAME example.com

If the domain mapping is successful, the output is similar to the following content.

2.png

Step 3: Use the custom domain name to access the bucket

After the domain mapping takes effects, you can use the custom domain name to access the bucket over HTTP.

  1. Upload an object to the bucket.

    For more information, see Simple upload.

  2. Generate object URLs.

    Generate a temporary object URL

    To obtain a temporary URL of an object, perform the following steps:

    1. Set the access control list (ACL) of the object to private.

      For more information, see Object ACLs.

    2. Use the following methods to obtain the object URL that has a validity period. The URL of a private object is in the http://YourDomain/ObjectName?Signature format.

    Use the OSS console

    1. Log on to the OSS console.

    2. In the left-side navigation pane, click Buckets. On the Buckets page, click the name of the bucket in which the private object is stored.

    3. In the left-side navigation tree, choose Object Management > Objects.

    4. On the Objects page, click the name of the object.

    5. In the View Details panel, select the custom domain name that you mapped to the bucket in the Custom Domain Name field, retain the default settings for the other parameters, and click Copy Object URL.

      2.png

    Use ossbrowser

    You can use ossbrowser to perform the same object-level operations that you can perform in the OSS console. You can follow the on-screen instructions in ossbrowser to obtain a signed URL. For more information about how to use ossbrowser, see Use ossbrowser.

    Use OSS SDKs

    1. Use the custom domain name to create an OSSClient instance.

    2. Java

      // Replace yourEndpoint with the custom domain name that you want to use. 
      String endpoint = "yourEndpoint";
      
      // Obtain the access credentials from the environment variables. You need to configure environment variables before you run the sample code. 
      EnvironmentVariableCredentialsProvider credentialsProvider = CredentialsProviderFactory.newEnvironmentVariableCredentialsProvider();
      
      // Create a ClientBuilderConfiguration instance and modify the default parameters based on your business requirements. 
      ClientBuilderConfiguration conf = new ClientBuilderConfiguration();
      
      // Specify whether to use CNAME. CNAME is used to map the custom domain name to the bucket. 
      conf.setSupportCname(true);
      
      // Create an OSSClient instance. 
      OSS ossClient = new OSSClientBuilder().build(endpoint, credentialsProvider, conf);
      
      // Shut down the OSSClient instance. 
      ossClient.shutdown();                    

      PHP

      <?php
      if (is_file(__DIR__ . '/../autoload.php')) {
          require_once __DIR__ . '/../autoload.php';
      }
      if (is_file(__DIR__ . '/../vendor/autoload.php')) {
          require_once __DIR__ . '/../vendor/autoload.php';
      }
      
      use OSS\OssClient;
      use OSS\Core\OssException;
      // Obtain access credentials from environment variables. Before you run the sample code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured.  
      $accessKeyId = getenv("OSS_ACCESS_KEY_ID"); 
      $accessKeySecret = getenv("OSS_ACCESS_KEY_SECRET");
      // In this example, the endpoint of the China (Hangzhou) region is used. Specify your actual endpoint. 
      $endpoint = "https://oss-cn-hangzhou.aliyuncs.com";
      
      try {
          // true indicates that CNAME is enabled. If CNAME is enabled, a custom domain name is mapped to a bucket. 
          $ossClient = new OssClient($accessKeyId, $accessKeySecret, $endpoint, true);
      } catch (OssException $e) {
          print $e->getMessage();
      }
                          

      Node.js

      const OSS = require('ali-oss')
      
      const client = new OSS({
        // Use a custom domain name as the endpoint of a bucket to access the bucket. 
        endpoint: 'http://img.example.com', 
        // The AccessKey pair of an Alibaba Cloud account has permissions on all API operations. Using these credentials to perform operations in OSS is a high-risk operation. We recommend that you use a RAM user to call API operations or perform routine O&M. To create a RAM user, log on to the RAM console. 
        accessKeyId: 'yourAccessKeyId',  
        accessKeySecret: 'yourAccessKeySecret',
        cname: true
      });

      Python

      # -*- coding: utf-8 -*-
      import oss2
      from oss2.credentials import EnvironmentVariableCredentialsProvider
      
      # Obtain access credentials from environment variables. You need to configure environment variables before you run the sample code. 
      auth = oss2.ProviderAuth(EnvironmentVariableCredentialsProvider())
      
      # Specify the custom domain name that is mapped to the bucket. Example: example.com. 
      cname = 'http://example.com'
      
      # Specify the name of the bucket, and set is_cname to True to enable CNAME. CNAME is used to map a custom domain name to a bucket. 
      bucket = oss2.Bucket(auth, cname, 'examplebucket', is_cname=True)   

      Browser.js

      <!DOCTYPE html>
      <html lang="en">
        <head>
          <meta charset="UTF-8" />
          <meta name="viewport" content="width=device-width, initial-scale=1.0" />
          <title>Document</title>
          <script src="https://gosspublic.alicdn.com/aliyun-oss-sdk-6.18.0.min.js"></script>
        </head>
        <body>
          <script>
            const client = new OSS({
              // Enter a custom domain name. Example: example.com. 
              endpoint: "example.com",
              // Specify the temporary AccessKey pair obtained from Security Token Service (STS). The AccessKey pair consists of an AccessKey ID and an AccessKey secret. 
              accessKeyId: "yourAccessKeyId",
              accessKeySecret: "yourAccessKeySecret",
              // Specify the security token obtained from STS. 
              stsToken: 'yourSecurityToken',
              // Specify the name of the bucket. Example: examplebucket. 
              bucket: "examplebucket",
              cname: true,
            });    
                
          </script>
        </body>
      </html>
      

      .NET

      using Aliyun.OSS;
      using Aliyun.OSS.Common;
      // Obtain access credentials from environment variables. Before you run the sample code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured. 
      var accessKeyId = Environment.GetEnvironmentVariable("OSS_ACCESS_KEY_ID");
      var accessKeySecret = Environment.GetEnvironmentVariable("OSS_ACCESS_KEY_SECRET");
      // Specify the custom domain name. 
      const string endpoint = "yourDomain";
      
      // Create a ClientConfiguration instance. Modify parameters as required. 
      var conf = new ClientConfiguration();
      
      // Specify that a CNAME record can be used. A CNAME record specifies the mapping relationship between a custom domain name and a bucket. 
      conf.IsCname = true;
      
      // Create an OSSClient instance. 
      var client = new OssClient(endpoint, accessKeyId, accessKeySecret, conf);                    

      Android

      // Specify a custom domain name. 
      String endpoint = "yourEndpoint";
      // Specify the temporary AccessKey pair obtained from STS. 
      String accessKeyId = "yourAccessKeyId";
      String accessKeySecret = "yourAccessKeySecret";
      // Specify the security token obtained from STS. 
      String securityToken = "yourSecurityToken";
      
      OSSCredentialProvider credentialProvider = new OSSStsTokenCredentialProvider(accessKeyId, accessKeySecret, securityToken);
      // Create an OSSClient instance. 
      OSSClient oss = new OSSClient(getApplicationContext(), endpoint, credentialProvider);

      Go

      package main
      
      import (
          "fmt"
          "github.com/aliyun/aliyun-oss-go-sdk/oss"
          "os"
      )
      func main(){
          // Obtain access credentials from environment variables. You need to configure environment variables before you run the sample code. 
          provider, err := oss.NewEnvironmentVariableCredentialsProvider()
          if err != nil {
              fmt.Println("Error:", err)
              os.Exit(-1)
          }    
      
          // Set yourEndpoint to the custom domain name of the bucket. 
          // oss.UseCname(true) indicates that CNAME is enabled. CNAME is used to map a custom domain name to a bucket. 
          client, err := oss.New("yourEndpoint", "", "", oss.SetCredentialsProvider(&provider),oss.UseCname(true))
          if err != nil {
              fmt.Println("Error:", err)
              os.Exit(-1)
          }
      
          fmt.Printf("client:%#v\n", client)
      }

      iOS

      // Specify a custom domain name. 
      NSString *endpoint = @"yourEndpoint";
      // Specify the temporary AccessKey pair obtained from STS. An AccessKey pair consists of an AccessKey ID and an AccessKey secret. 
      NSString *accessKeyId = @"yourAccessKeyId";
      NSString *accessKeySecret = @"yourAccessKeySecret";
      // Specify the security token obtained from STS. 
      NSString *securityToken = @"yourSecurityToken";
      
      id<OSSCredentialProvider> credentialProvider = [[OSSStsTokenCredentialProvider alloc] initWithAccessKeyId:accessKeyId secretKeyId:accessKeySecret securityToken:securityToken];
      OSSClient *client = [[OSSClient alloc] initWithEndpoint:endpoint credentialProvider:credentialProvider];

      C++

      #include <alibabacloud/oss/OssClient.h>
      using namespace AlibabaCloud::OSS;
      
      int main(void)
      {
          /* Initialize information about the account that is used to access OSS. */
                  
          /* Specify the endpoint of the region in which the bucket is located. For example, if the bucket is located in the China (Hangzhou) region, set the endpoint to https://oss-cn-hangzhou.aliyuncs.com. */
          std::string Endpoint = "yourEndpoint";
          
          /* Initialize resources such as network resources. */
          InitializeSdk();
      
          ClientConfiguration conf;
          /* Obtain access credentials from environment variables. Before you run the sample code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured. */
          auto credentialsProvider = std::make_shared<EnvironmentVariableCredentialsProvider>();
          OssClient client(Endpoint, credentialsProvider, conf);   
      
          /* Release resources such as network resources. */
          ShutdownSdk();
          return 0;
      }

      C

      #include "oss_api.h"
      #include "aos_http_io.h"
      # Specify the custom domain name. */
      const char *endpoint = "yourCustomEndpoint";
      
      void init_options(oss_request_options_t *options) {
          options->config = oss_config_create(options->pool);
          /* Use a char* string to initialize data of the aos_string_t type. */
          aos_str_set(&options->config->endpoint, endpoint);
          /* Obtain access credentials from environment variables. Before you run the sample code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured. */  
          aos_str_set(&options->config->access_key_id, getenv("OSS_ACCESS_KEY_ID"));
          aos_str_set(&options->config->access_key_secret, getenv("OSS_ACCESS_KEY_SECRET"));
          /* Enable CNAME and map the custom domain name to your bucket. */
          options->config->is_cname = 1;
          options->ctl = aos_http_controller_create(options->pool, 0);
      }
      int main() {
          aos_pool_t *p;
          oss_request_options_t *options;
          /* Initialize global variables. You need to initialize global variables only once in the program lifecycle. */
          if (aos_http_io_initialize(NULL, 0) != AOSE_OK) {
              return -1;
          }
          /* Initialize the memory pool and options. */
          aos_pool_create(&p, NULL);
          options = oss_request_options_create(p);
          init_options(options);
          /* The logic code. In this example, the logic code is omitted. */
          /* Release the memory pool. This operation releases the memory resources allocated for the request. */
          aos_pool_destroy(p);
          /* Release global resources that are allocated. You need to release global resources only once in the program lifecycle. */
          aos_http_io_deinitialize();
          return 0;
      }

      Ruby

      require 'aliyun/oss'
      
      client = Aliyun::OSS::Client.new(
        # Specify the custom domain name that you want to map to the bucket. 
        endpoint: 'http://example.com',
        # Obtain access credentials from environment variables. Before you run the sample code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured. 
        access_key_id: ENV['OSS_ACCESS_KEY_ID'],
        access_key_secret: ENV['OSS_ACCESS_KEY_SECRET']
        cname: true)
      )
    3. Use the OSSClient instance to call the GeneratePresignedUrl operation to obtain a signed URL of the object.

      For more information, see Add signatures to URLs.

    Use ossutil

    1. Use the configuration file to configure the mapping between a bucket and a custom domain name. For more information, see Configure ossutil.

    2. Use the sign command to generate a signed URL of an object. For more information, see sign (generate signed object URLs).

    Generate a permanent object URL

    Warning

    To generate a permanent object URL that never expires, you need to set the ACL of the object to public-read. After you set the ACL of an object to public-read, all users on the Internet have access to the object, which may cause data leaks and high OSS bills. We recommend that you use choose temporary URLs over permanent URLs.

    To obtain a permeant URL of an object, perform the following steps:

    1. Set the ACL of the object to public-read.

      For more information, see Object ACLs.

    2. Generate the object URL by concatenating the custom domain name and object name.

      You do not need to include signature information in the URL of a public-read object by using the custom domain name that is mapped to the bucket that contains the object. The URL of a public-read object based on a custom domain name is in the https://YourDomainName/ObjectName format.

      For example, if you map static.example.com to the examplebucket bucket in the China (Hangzhou) region, you can use the http://static.example.com/demo.png URL to access the example.jpg in the bucket.

  3. Use the object URL to access the object from a browser.

    2023-11-07_11-01-40.png

What to do next

Configure HTTPS access

To use a custom domain name to access the mapped bucket over HTTPS, you need to upload an HTTPS certificate. For more information, see Host SSL certificates.

Use CDN to accelerate access to OSS

You can use Alibaba Cloud CDN to accelerate access to a bucket by mapping the custom domain of the bucket to an accelerated domain name. Access acceleration based on Alibaba Cloud CDN helps improve access speed and stability. For more information, see Map accelerated domain names.

Hotlink protection

To protect a bucket against hotlinking, you can configure a Referer whitelist or blacklist and specify whether to allow requests with an empty Referer header to control access to the bucket. For more information, see Hotlink protection.

Accelerate cross-border data transmission

To improve the speed and stability of cross-border requests, you can map a custom domain name of the bucket to the transfer acceleration domain name of the bucket. For more information, see Map accelerated domain names.

Configure static website hosting

If you want to host a static website in a bucket and use a custom domain name to access the bucket, you need to configure static website hosting. For more information, see Overview.

FAQ

Why did I receive a message indicating that a CNAME record failed to be automatically added because an existing hostname is identical to the hostname used in the CNAME record?

This may happen due to the following factors:

  • Hostname conflict. The hostname is used by a different type of DNS record, such as an A record.

  • Duplicate records: The hostname is used by another CNAME record. For example, you have already manually added an identical CNAME record.

To fix this problem, you need to go to the Alibaba Cloud DNS console and perform operations based on your requirements:

  • If you want to keep the existing DNS record that uses the hostname, use a different subdomain for domain mapping.

  • If you do not want to keep the existing DNS record:

    • If the existing DNS record is not a CNAME record, delete the existing record and add a CNAME record that uses the same hostname and is resolved to the default domain name of the bucket.

    • If the existing DNS record is a CNAME record, modify the record to point to the default domain name of the bucket.

What do I do if the custom domain name is already mapped to another bucket?

You need to unmap the custom domain name and map it to the intended bucket. For more information, see What do I do if an error message indicating that the domain name is mapped to another bucket is returned when I map a domain name?

What do I do if the NeedVerifyDomainOwnership message is returned for domain mapping?

Why am I unable to preview an object when I use the custom domain name to access the object from a browser?

If you cannot preview an object by using the custom domain name after the CNAME record applies, use the methods described in the following table to troubleshoot the problem:

Factor

Cause

Solution

OSS

The Content-Type header of the object is set to application/octet-stream. A file with the content type application/octet-stream is a binary file. Typically, browsers do not provide preview of binary files.

Modify the Content-Type header based on the object type. For more information, see How do I configure the Content-Type header?

The Content-Disposition header of the object is set to attachment. The Content-Disposition: attachment header triggers the browser to download the object instead of displaying the object content.

Set the Content-Disposition header to inline. For more information, see Manage object metadata.

Alibaba Cloud CDN

Resources cached on points of presence (POPs) are not refreshed.

Refresh resources cached on POPs. For more information, see Refresh and prefetch resources.

Browser

The file format is not supported for preview by your browser. For example, your browser may not support preview of XLS, DOC, PPT, or PDF files.

Install plugins for the browser to support file preview.

Can I map a domain name that is connected to WAF and has content?

Yes, you can map a domain name that is connected to a web application firewall (WAF) and has content to an OSS bucket. WAF and CNAME work separately and do not cause a conflict.

After a custom domain name is mapped to a bucket, can I use object URLs generated before the mapping to access objects in the bucket?

Yes, you can. For more information about how to generate object URLs, see Share objects with object URLs.

Does access using a custom domain name mean access over the Internet?

In most cases, using a custom domain name to access a bucket is over the Internet. By default, OSS maps a custom domain name to the public domain name of a bucket. Using a custom domain name to access an object allows requesters to preview the object in the browser.

How do I ensure that an object is downloaded when I use the custom bucket domain name to access the object?

If you want the object to be downloaded when you use the custom domain name of the bucket to access the object from a browser, set Content-Disposition to attachment. For more information, see How do I make sure that an OSS object is downloaded when it is accessed by using the custom domain name?

How do I unmap a custom domain name?

If you no longer need to use a custom domain name, you can follow the following steps to unmap the custom domain name.

  1. If you use the custom domain name with Alibaba Cloud CDN, disable CDN acceleration for the bucket.

    To disable CDN acceleration for the bucket, modify the origin server settings to disconnect the accelerated domain name from the default domain name of the bucket. For more information, see Configure an origin server.

  2. Unmap the custom domain name.

    1. Log on to the OSS console.

    2. In the left-side navigation tree, choose Bucket Settings>Domain Names.

    3. On the Domain Names page, find the custom domain name and click Manage Mapping Configurations in the Actions column.

    4. In the Manage Mapping Configurations panel, click Unmap. In the message that appears, click OK.

  3. Delete DNS records related to the custom domain name.

    After you unmap the custom domain name, delete the TXT record and CNAME record of the custom domain name. For more information, see Delete a DNS Record.

Related API operations

  • For more information about the API operation that you can call to create a CNAME token for domain ownership verification, see CreateCnameToken.

  • For more information about the API operation that you can call to query CNAME tokens for domain ownership verification, see GetCnameToken.

  • For more information about the API operation that you can call to map a custom domain name to a bucket, see PutCname.

  • For more information about the API operation that you can call to query all CNAME records of a bucket, see ListCname.

  • For more information about the API operation that you can call to delete a CNAME record of a bucket, see DeleteCname.

  • For more information about the API operation that you can call to add a TXT record or a CNAME record, see AddDomainRecord.