If a certificate is purchased and issued from a third-party certificate service provider and you want to use Certificate Management Service to manage all certificates, you can click Upload Certificate in the Certificate Management Service console to upload the certificate. This topic describes how to upload a certificate that is purchased and issued from a third-party certificate service provider.
Preparations
Before you upload a certificate, prepare the following files:
A PEM-encoded certificate authority (CA) certificate file in the PEM or CRT format and a PEM-encoded private key file in the KEY format.
If you want to upload an SM2 certificate, prepare a CA certificate file and a private key file for the signing certificate as well as a CA certificate file and a private key file for the encryption certificate.
After you upload a certificate to the Certificate Management Service console, you cannot download the certificate. This helps ensure the data security of your certificate.
Procedure
Log on to the Certificate Management Service console.
In the left-side navigation pane, click SSL Certificates.
On the SSL Certificates page, click the Manage Uploaded Certificates tab. Then, click Upload Certificate.
In the Upload Certificate panel, configure the parameters and click OK.
The parameters that you must configure when you set Certificate Algorithm to Internationally Accepted Algorithm are different from the parameters that you must configure when you set Certificate Algorithm to SM2 Algorithm. The following tables describe the parameters.
Internationally Accepted Algorithm
Parameter
Description
Certificate Algorithm
Select Internationally Accepted Algorithm. This type of algorithm is released by the National Security Agency (NSA) of the United States. Certificate Management Service supports the RSA algorithm, which is an asymmetric cryptography algorithm.
Certificate Name
Enter a name for the certificate that you want to upload.
The name can contain letters, digits, periods (.), underscores (_), and hyphens (-).
Certificate File
Enter the content of the PEM-encoded CA certificate file.
You can use one of the following methods to enter the content. Method 1: Use a text editor to open the CA certificate file in the PEM or CRT format. Then, copy the content to the Certificate File field. Method 2: Click Upload below the Certificate File field. Then, select the CA certificate file from your computer to upload the content of the file.
Certificate Key
Enter the content of the PEM-encoded private key file.
You can use one of the following methods to enter the content. Method 1: Use a text editor to open the private key file in the KEY format. Then, copy the content to the Certificate Key field. Method 2: Click Upload below the Certificate Key field. Then, select the private key file from your computer to upload the content of the file.
Certificate Chain
Optional. Enter the content of the certificate chain file.
You can use one of the following methods to enter the content. Method 1: Use a text editor to open the certificate chain file. Then, copy the content to the Certificate Chain field. Method 2: Click Upload below the Certificate Chain field. Then, select the certificate chain file from your computer to upload the content of the file.
SM2 Algorithm
Parameter
Description
Certificate Algorithm
Select SM2 Algorithm. This type of algorithm is released by the State Cryptography Administration (SCA) of China. Certificate Management Service supports the SM2 algorithm, which is an asymmetric cryptography algorithm.
Certificate Name
Enter a name for the certificate that you want to upload.
The name can contain letters, digits, underscores (_), and hyphens (-).
Certificate File
Enter the content of the PEM-encoded CA certificate file of the signing certificate that you want to upload.
You can use one of the following methods to enter the content. Method 1: Use a text editor to open the CA certificate file in the PEM or CRT format. Then, copy the content to the Certificate File field. Method 2: Click Upload below the Certificate File field. Then, select the CA certificate file from your computer to upload the content of the file.
Certificate Key
Enter the content of the PEM-encoded private key file of the signing certificate that you want to upload.
You can use one of the following methods to enter the content. Method 1: Use a text editor to open the private key file in the KEY format. Then, copy the content to the Certificate Key field. Method 2: Click Upload below the Certificate Key field. Then, select the private key file from your computer to upload the content of the file.
Encryption Certificate
Enter the content of the PEM-encoded CA certificate file of the encryption certificate that you want to upload.
You can use one of the following methods to enter the content. Method 1: Use a text editor to open the CA certificate file in the PEM or CRT format. Then, copy the content to the Certificate File field. Method 2: Click Upload below the Certificate File field. Then, select the CA certificate file from your computer to upload the content of the file.
Encryption Private Key
Enter the content of the PEM-encoded private key file of the encryption certificate that you want to upload.
You can use one of the following methods to enter the content. Method 1: Use a text editor to open the private key file in the KEY format. Then, copy the content to the Certificate Key field. Method 2: Click Upload below the Certificate Key field. Then, select the private key file from your computer to upload the content of the file.
After the certificate is uploaded, you can view the certificate in the certificate list. If you do not want to manage an uploaded certificate in the Certificate Management Service console, you can find the certificate and click Delete in the Actions column to delete the certificate. For more information, see Delete a certificate.
ImportantAfter a certificate is deleted, the certificate is removed from the list of uploaded certificates. The validity period of the certificate is not affected. A deleted certificate cannot be restored. Proceed with caution.