This topic describes how to add an additional certificate to a listener of a Classic Load Balancer (CLB) instance.

  1. Log on to the CLB console.
  2. On the Instances page, click the ID of the CLB instance.
  3. On the Listener tab, find the HTTPS listener that you created and choose More > Manage Additional Certificate in the Actions column.
  4. In the Manage Additional Certificate panel, click Add Additional Certificate.
    1. Enter one or more domain names. The domain name can contain only letters, digits, hyphens (-), and periods (.). It must start with a letter or digit.
      Domain name-based forwarding rules support exact matching and wildcard matching.
      • You can specify a specific domain name such as in a forwarding rule.
      • You can also specify a wildcard domain name such as * or * in a forwarding rule.

        If a request matches multiple domain-based forwarding rules, exact matching prevails over wildcard matching. If multiple wildcard domain names are matched, a higher-level wildcard domain name prevails over a lower-level wildcard domain name.

        Note In the following table, "√" indicates that the domain name is matched and "×" indicates that the domain name is not matched.
        Mode Request URL Domain name-based forwarding rule * *
        Exact matching × ×
        Wildcard matching × ×
        Wildcard matching × ×
    2. Select the certificate that is associated with the domain name.
      • The domain name of the certificate must be the same as that of the additional certificate that you added.
      • If multiple wildcard certificates are added, only the first wildcard certificate can be matched.
    3. Click OK.
      After you add an additional certificate, you must create a forwarding rule based on the domain name associated with the additional certificate. Otherwise, the additional certificate is invalid.
  5. Optional:To create a forwarding rule, perform the following operations:
    1. On the Note page, click Configure Rule. You can also click the ID of the CLB instance on the Instances page and click the Listener tab.
    2. Find the HTTPS listener and click Add Forwarding Rules in the Actions column.
    3. In the Add Forwarding Rules panel, click Add Forwarding Rules.
    4. Configure the forwarding rule.
      For more information, see Forward requests based on domain names or URLs.
      Note The domain name that you specify in the forwarding rule must be the same as the domain name associated with the additional certificate.


CreateDomainExtension: creates an additional certificate.