All Products
Search
Document Center

Certificate Management Service:Billing of SSL certificates

Last Updated:Feb 28, 2026

The fee for an SSL certificate depends on the certificate type, domain name type, certificate brand, or service you select. Before purchasing, review the billing details for Certificate Management Service. This topic describes the billing details for Certificate Management Service and how to manage expired SSL certificates.

Billing method

SSL certificates and related services use the subscription billing method.

Billable items

The table below lists all billable services for SSL certificates. Select the services that meet your needs.

Important

For exact prices of each billable item, see the purchase page.

Service type

Billing details

Certificate Management Service

Charges depend on the Number of Instances, Domain Type, number of domain names, Certificate Type, Certificate Brand, and Duration.

Certificate hosting service

Certificate hosting automatically renews your SSL certificate before it expires. It submits a new certificate request to extend validity and prevents service disruption caused by missed renewals.

This service also supports automatic deployment. When enabled, newly issued certificates deploy automatically to supported Alibaba Cloud products.

Important
  • The hosting fee covers only the automatic renewal service. It does not include the cost of purchasing new certificates.

  • Automatic deployment works only for cloud product deployment and multicloud deployment. It does not support Elastic Compute Service (ECS) or Simple Application Server.

Cloud product deployment service

This service deploys an issued certificate to Alibaba Cloud products that require SSL certificates, such as Anti-DDoS Proxy, WAF, and CDN.

ECS deployment service

This service deploys an issued certificate to Alibaba Cloud ECS instances or Simple Application Servers.

Validity period description

Validity periods vary by issuance date and certificate brand. For details, see Validity period changes. To minimize business impact from expiring certificates, Alibaba Cloud sends renewal reminders and provides renewal services.

Impact of Expired SSL Certificates

When a certificate expires, its validity period ends. After expiration, your website may experience the following impacts:

  • Users cannot access the website.

  • Browsers display security warnings when users visit the website.

  • Affects the website's search volume ranking.

  • Communication between visitors and the website cannot be encrypted.

Manage certificates that are about to expire

To prevent business disruption, apply for and issue a new certificate before the current certificate expires. After the new certificate is issued, install it on Alibaba Cloud services and web servers where the old certificate is installed to replace the expiring certificate.

Certificate type

Action required before expiration

Commercial certificate

Purchase a new certificate 15 days before expiration. Then submit an application, complete issuance, and install the new certificate.

Third-party certificate

Before expiration, purchase a new certificate from the third-party provider. Then upload it using the Upload Certificate feature in Certificate Management Service. For upload steps, see Upload, sync, and share SSL certificates.

Expired certificate data handling

If a certificate has been expired for more than one year, Alibaba Cloud automatically deletes it. Deleted certificates cannot be recovered.