Billing overview - Certificate Management Service - Alibaba Cloud Documentation Center

The fee for an SSL certificate depends on the certificate type, domain name type, certificate brand, or service you select. Before purchasing, review the billing details for Certificate Management Service. This topic describes the billing details for Certificate Management Service and how to manage expired SSL certificates.

Billing method

SSL certificates and related services use the subscription billing method.

Billable items

The table below lists all billable services for SSL certificates. Select the services that meet your needs.

Important

For exact prices of each billable item, see the purchase page.

Service type	Billing details
Certificate Management Service	Charges depend on the Number of Instances, Domain Type, number of domain names, Certificate Type, Certificate Brand, and Duration.
Certificate hosting service	Certificate hosting automatically renews your SSL certificate before it expires. It submits a new certificate request to extend validity and prevents service disruption caused by missed renewals. This service also supports automatic deployment. When enabled, newly issued certificates deploy automatically to supported Alibaba Cloud products. Important The hosting fee covers only the automatic renewal service. It does not include the cost of purchasing new certificates. Automatic deployment works only for cloud product deployment and multicloud deployment. It does not support Elastic Compute Service (ECS) or Simple Application Server.
Cloud product deployment service	This service deploys an issued certificate to Alibaba Cloud products that require SSL certificates, such as Anti-DDoS Proxy, WAF, and CDN. You can deploy commercial certificates for free. To deploy uploaded SSL certificates, you need to Purchase Deployment Time Packages
ECS deployment service	This service deploys an issued certificate to Alibaba Cloud ECS instances or Simple Application Servers. You can deploy commercial certificates for free. To deploy an uploaded SSL certificate, you need to purchase a deployment quota package.

Validity period description

Validity periods vary by issuance date and certificate brand. For details, see Validity period changes. To minimize business impact from expiring certificates, Alibaba Cloud sends renewal reminders and provides renewal services.

Impact of Expired SSL Certificates

When a certificate expires, its validity period ends. After expiration, your website may experience the following impacts:

Users cannot access the website.
Browsers display security warnings when users visit the website.
Affects the website's search volume ranking.
Communication between visitors and the website cannot be encrypted.

Manage certificates that are about to expire

To prevent business disruption, apply for and issue a new certificate before the current certificate expires. After the new certificate is issued, install it on Alibaba Cloud services and web servers where the old certificate is installed to replace the expiring certificate.

Certificate type

Action required before expiration

Commercial certificate

Purchase a new certificate 15 days before expiration. Then submit an application, complete issuance, and install the new certificate.

For renewal steps, see Renew SSL certificates.
For application steps, see Apply for a certificate.
For installation steps, see Deploy SSL certificates.

Third-party certificate

Before expiration, purchase a new certificate from the third-party provider. Then upload it using the Upload Certificate feature in Certificate Management Service. For upload steps, see Upload, sync, and share SSL certificates.

Expired certificate data handling

If a certificate has been expired for more than one year, Alibaba Cloud automatically deletes it. Deleted certificates cannot be recovered.