All Products
Search

This Product

    Certificate Management Service:Free trial for PCA

    Document Center

    Certificate Management Service:Free trial for PCA

    Last Updated:May 29, 2026

    Private Certificate Authority (PCA) helps you build a private CA platform for internal enterprise use through simple visual operations, enabling identity authentication and data encryption and decryption for internal enterprise applications. This topic describes how to activate a free trial of the Private CA service.

    Intended users

    • You need to build a private CA platform for internal enterprise use.

    • Only Alibaba Cloud accounts that have not purchased Private CA are eligible to apply for a free trial.

    Trial description

    • Each Alibaba Cloud account can activate a free trial of the Private CA service only once. The trial is valid for 30 days, starting from the day the trial is successfully activated.

    • Only private CAs (for internal enterprise use without regulatory requirements) are available for free trial. Compliant CAs (for enterprise compliance use with regulatory requirements) are not available for free trial.

    Activate a free trial

    1. Log in to the Certificate Management Service console.

    2. In the navigation pane on the left, choose Certificate Management > Private Certificate Management. On the Private Certificate Management page, select the region where the PCA service is located.

    3. On the Private CAs tab, click Start Free Trial.

    4. In the Free Trial panel, select the algorithm for the private CA and click OK.

      The following encryption algorithms are supported:

      • RSA: An asymmetric key encryption algorithm based on the difficulty of factoring large integers. It is the most widely used and has excellent compatibility. Longer keys provide higher security but increase performance overhead.

      • ECC: An asymmetric key encryption algorithm based on the difficulty of the elliptic curve discrete logarithm problem. It achieves the same level of security as RSA with shorter keys, offers higher computational efficiency, and is suitable for resource-constrained environments such as mobile devices and IoT.

    5. In the Note dialog box, click OK.

      After the trial application is submitted, Certificate Management Service automatically creates a private root CA and a private sub-CA. The root CA includes 10 private certificates.

      You can use the created private root CA and sub-CA to build a private CA platform for internal enterprise use. For more information, see Purchase and enable a private CA.

    What do I do after the free trial ends?

    The private root CA and sub-CA created for the free trial have a validity period of 30 days. After the validity period expires, the root CA and sub-CA become unavailable, and all certificates under the CA become invalid. To continue using the Private CA service, you must renew the root CA. For more information, see PCA certificate billing.