Purchasing an SSL Certificate
In CCM, you can buy and request for many types of SSL certificates.
Prerequisites
The account for purchasing a certificate has the SCM Administrator/SCM FullAccess, BSS Administrator, and DNS Administrator permissions.
- BSS Administrator: has all permissions on account center, billing center, and resource center. It is a project-level role, which must be assigned in the same project.
- DNS Administrator: has full permissions for DNS.
Constraints
Special enterprises cannot apply for OV or EV certificates. For example, military units, some government agencies, and national security departments.
To apply for OV and EV certificates, organizations must verify their identity through unified social credit code published on the national official website. While, special enterprises cannot verify their organization identity because there is no related details on that website.
Procedure
- Log in to the management console.
- Click in the upper left corner of the page and choose . The service console is displayed.
- In the navigation pane on the left, choose SSL Certificate Manager. In the upper right corner of the page, click Buy Certificate.
- On the page for purchasing a certificate, specify Domain Type, Domain Quantity, Certificate Type, Certificate Authority, Validity Period, and Quantity.
- Domain Type: Select a domain name type.
Only Single domain, Multiple domains, or Wildcard can be selected for your certificates. For details about the parameters, see Table 1.
Table 1 Domain types Domain Type
Description
Single domain
Only a single domain can be associated with an SSL certificate. For example, example.com.
Multiple domains
Multiple domain names can be associated with an SSL certificate.
- You can associate a multi-domain certificate with up to 250 domain names.
- A wildcard domain name is allowed only by OV or OV pro multi-domain certificates. Other types of multi-domain certificates can only associate with multiple single domain names
- You can associate a multi-domain certificate with multiple domain names at different time points. For example, if you purchase a multi-domain certificate with three domain names, you can associate it with two domain names when applying for the certificate, and associate it with the last domain name after the certificate is issued.
- The number of domain names a multi-domain certificate can protect depends on the domain quantity you configure when you buy the certificate. If you have more domain names to protect after the purchase completes, purchase another certificate for them.
Wildcard domain
Only one wildcard domain can be associated with an SSL certificate. Domain names having multiple wildcard characters, such as *.*.example.com, are not supported.
Only one wildcard character is allowed in a wildcard domain name, for example, *.example.com, which may include domain names a.example.com, b.example.com, and more, but does not include a.a.example.com.
For details about how to select a domain type, see How Do I Select an SSL Certificate?
- Set the domain quantity.
- If the Domain Type value is Single domain or Wildcard, you can only associate one domain name with a certificate.
- If you select Multiple domains for Domain Type, you can associate 2 to 250 domain names with a certificate. Set the quantity of domain names based on your needs.
- Select a certificate type.
For more details, see Table 2.
Table 2 Certificate types Certificate Type
Application Scenario
Verification Requirements
Security
Approval Period
EV Pro
Websites, applications, and applets of large enterprises or organizations, such as government departments, e-commerce platforms, online education agencies, financial institutions, and healthcare agencies. EV Pro certificates use stronger encryption algorithms than EV certificates.
CAs will verify the organization identity and the domain name ownership.
Highest
7 to 10 working days
EV
Websites, applications, and applets of large enterprises or organizations, such as government departments, e-commerce platforms, online education agencies, financial institutions, and healthcare agencies
CAs will verify the organization identity and the domain name ownership.
Highest
7 to 10 working days
OV Pro
Websites, applications, and applets of small and medium-sized enterprises. OV Pro certificates use stronger encryption algorithms than OV certificates.
CAs will verify the organization identity and the domain name ownership.
High
3 to 5 working days
OV
Websites, applications, and applets of small and medium-sized enterprises
The CA follows a standard process to validate the organization identity and the domain name ownership.
High
3 to 5 working days
- Select a certificate authority.
Currently, only DigiCert certificates are provided. For details about DigiCert certificates, see Certificate Details.
- Set Validity Period.
The validity period of a certificate starts from the time the certificate is issued. After a certificate expires, a new one must be purchased.
- Set the number of certificates you want to buy in the Quantity field.
- Domain Type: Select a domain name type.
- Click Next.
If you have any questions about the pricing, click Pricing Details.
- Confirm the order information and agree to the CCM statement by selecting I have read and agree to the Cloud Certificate Manager Statement. Click Pay.
- On the displayed page, select a payment method.
After the payment is complete, go back to the certificate list to view the purchased certificate.
Follow-up Procedure
After you purchase an SSL certificate, you still need to associate a domain name with it, provide certain details, and then submit it to the corresponding CA for approval. The CA reviews your application and issues the certificate when they consider your application valid. For details, see Submitting an SSL Certificate Application to the CA.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.