Edge Security
  • Overview
  • DDoS Protection
    • DDoS Protection Overview
    • Exclusive DDoS Protection Usage
    • Configuration of Exclusive DDoS protection Rules
      • Increase DDoS Protection Level
      • Exclusive DDoS Traffic Alarm
      • Configuration IP blocklist/allowlist
      • Configuration Region Blocking Rule
      • Configuration Port Filtering
      • Configuration Features Filtering
      • Configuration Protocol Blocking Rule
      • Configuration Connections Attack Protection
      • Related References
        • Action
        • Related Concepts Introduction
  • Web Protection
    • Overview
    • Managed rules
    • CC attack defense
    • Custom rule
    • Custom Rate Limiting Rules
    • Exception Rules
    • Managed Custom Rules
    • Web security monitoring alarm
    • Refer
      • Web Protection Request Processing Order
      • Action
      • Match Condition
  • Bot Management
    • Overview
    • Bot Intelligent analysis
    • Bot Basic Feature Management
    • Client Reputation
    • Active Detection
    • Custom Bot Rule
    • Bot Exception Rule
    • Related References
      • Action
  • Rules Template
  • IP and IP Segment Grouping
  • Origin Protection
  • Custom Response Page
  • Alarm Notification
  • SSL/TLS
    • Overview
    • Deploying/Updating SSL Certificate for A Domain Name
    • Configuring A Free Certificate for A Domain Name
    • HTTPS Configuration
      • Forced HTTPS Access
      • Enabling HSTS
      • SSL/TLS Security Configuration
        • Configuring SSL/TLS Security
        • TLS Versions and Cipher Suites
      • Enabling OCSP Stapling

Deploying/Updating SSL Certificate for A Domain Name

This document describes how to deploy or update a self-owned certificate for a domain name via the EdgeOne console and the SSL console.

Deploying Certificate

Prerequisite

Purchase an SSL certificate in the SSL Certificate Service console, or upload a self-owned certificate and manage it in SSL.

Scenario 1: Configuring A Self-Owned Certificate via the EdgeOne Console

You can manage and use a self-owned certificate via the EdgeOne console as instructed below.
1. Log in to the EdgeOne console and click the target site in the site list to display second-level menus for site management.
2. In the left sidebar, click Domain Name Service > Domain Management.
3. In the domain name list that appears, find the domain name for which the managed SSL certificate is to be configured and click Edit in the HTTPS column of the domain name.
4. In the pop-up window, set Certificate type to Managed SSL certificate. In the certificate list that appears, select the ID of the certificate to be associated and click OK. Then the certificate configuration is delivered.

Note:
Up to one ECC, one RSA, and one national secret SM2 encryption algorithm certificate can be deployed to the same domain.
5. In the domain name list, hover over the icon before Configured in the record of the target domain name, and you can see the information of the deployed certificate.


Scenario 2: Batch Certificate Configuration through EdgeOne console

If your certificate is a multi-domain or wildcard domain name certificate, and you expect to select multiple domain names in EdgeOne and deploy the same certificate to reduce the operation of configuring the same certificate for multiple different domain names, then batch configuration of certificates is suitable for this scenario. The specific operation steps are as follows:
1. Log in to the EdgeOne console, select the site to be configured through the site list, and enter the site management secondary menu.
2. In the left navigation bar, click Domain Name Service > Domain Management.
3. On the Domain Management page, click Batch Configuration of Certificate, and in the steps of batch configuration certificate, select the certificate to be configured.

4. Click Next to enter the domain name configuration step. Select the domain names to be deployed in batches, and click Complete to issue the certificate deployment.
Note:
1. Up to 100 domain names can be selected at once. If the certificate needs to be deployed to more than 100 domain names, please operate in batches.
2. If you need to quickly filter out domain names that have already deployed this certificate, please check: Show only domain names that have not deployed this certificate.


Updating Certificate

Scenario 1: If your certificate is a self-owned certificate, upload it to the SSL certificate management, and when it needs to be updated, you need to re-upload the new certificate content to the SSL certificate console, and then refer to the deploying certificate method to update it after redeployment.
Scenario 2: If you have purchased an SSL certificate in the SSL certificate console, it is suggested that you enable certificate management to implement automatic renewal and update of the certificate. You can refer to certificate management.