Help Center/ Cloud Certificate & Manager/ User Guide (Kuala Lumpur Region)/ SSL Certificate Manager (SCM) User Guide/ Managing SSL Certificates/ Pushing an SSL Certificate to Other Cloud Services
Updated on 2025-10-29 GMT+08:00
View PDF
Share

Pushing an SSL Certificate to Other Cloud Services

After an SSL certificate is issued, you can push it to other services, such as Web Application Firewall (WAF) and Elastic Load Balance (ELB) in just few clicks. In this manner, data access through the cloud services is more secure.

Prerequisites

The certificate is in the Hosted status.

Constraints

  • If you have not purchased a given cloud service or the service is not available for the domain name associated with your certificate, do not push the certificate to it because the process may fail.
  • A certificate can only be pushed to a product once in CCM. If you push a certificate that has been pushed or uploaded to a cloud product, a push failure will occur.

Procedure

  1. Click in the upper left corner of the page and choose Security & Compliance > Cloud Certificate Management Service. The service console is displayed.
  2. In the navigation pane on the left, choose SSL Certificate Manager > SSL Certificates.
  3. On the SCM page, locate the row that contains the target certificate, and click MorePush in the Operation column. The certificate push details page is displayed on the right.
  4. Select the cloud service you wish to push the certificate to.
  5. Set the target region.

    Click on the right of the target project and select the target region. You can select up to 10 regions.

  6. Click Push Certificate at the lower right corner of the page.

    If a message indicating that the certificate is successfully pushed is displayed, the SSL certificate is successfully pushed to the target service.

    You need to further configure the certificate on the console of the service to enable HTTPS for it.

  7. Check whether you need to immediately access the console of the target service to configure the certificate.

    • If yes, click Configure Now. The management page of the target service is displayed. Configure the certificate:
    • If no, click Continue Pushing or in the upper right corner of the page. The certificate push page or SSL certificate management page is displayed.

      You can access the console of the target service for certificate management.

    You can view the latest 10 push records on the certificate push page.

Follow-up Operations

You can manage pushed certificates on the console of the corresponding service.

If you have any questions during the configuration, refer to the corresponding service documentation or consult the corresponding service personnel.

  • ELB: If HTTPS data transmission encryption is required, you need to associate a certificate when creating an HTTPS listener. If you choose to push the certificate to ELB in one click, you can select the pushed certificate in ELB. Otherwise, you need to manually upload the certificate.

    Generally, only server certificates need to be configured to authenticate servers for HTTPS-based business. For some key businesses, such as bank payment, two-way authentication is required for enhanced business security.

  • WAF: You need to configure a certificate when adding a domain to WAF if HTTPS is used for communications between the client and WAF. If you choose to push the certificate to WAF in one click, you can select the pushed certificate in WAF. Otherwise, you need to manually upload the certificate.

    If a certificate has been configured in WAF, you only need to update the certificate.