When you configure an HTTPS listener, you can use a certificate from Certificate Management Service or upload a third-party server certificate and certification authority (CA) certificate to Classic Load Balancer (CLB).

CLB supports the following certificates:
  • Certificates issued and hosted by Alibaba Cloud Certificate Management Service: After you purchase a certificate from Certificate Management Service, you will be notified when the certificate is about to expire. You can renew the certificate with one click.

    Client CA certificates are not supported.

  • Third-party certificates: To upload a third-party certificate, you need the public key and private key files of the certificate.

    Server certificates and client CA certificates are supported.

Before you create a certificate, take note of the following rules:
  • If you want to use a certificate in multiple regions, you must select all of the required regions when you create the certificate.
  • Each region supports at most 100 server certificates.
  • Each region supports at most 100 client CA certificates.