About SCM and SSL Certificate Usage
SCM provides certificates of multiple types issued by different CAs. For more details, see Differences Between SSL Certificate Types. This document describes the process of how to purchase and use an SSL certificate.
With an SSL certificate deployed on your web server, the server uses HTTPS to establish encrypted links to the client, ensuring data transmission security.
Step |
Operation |
Description |
---|---|---|
1 |
On the SCM platform, purchase an SSL certificate for your domain name. For more details, see Differences Between SSL Certificate Types and How Do I Select an SSL Certificate? |
|
2 |
After you purchase a certificate, associate it with a domain name, provide additional details, and then submit the application to the CA for validation. |
|
3 |
You need to work with the CA to complete the domain name ownership verification. SCM provides the following domain name ownership verification methods:
|
|
4 |
This operation is required only when you apply for an OV, OV Pro, EV, or EV Pro certificate. After the domain name ownership is verified, the CA will initiate organization verification. |
|
5 |
When the verification is complete, it takes some time for the CA to approve your verification. For details about the application time, see How Long Does It Take for a CA to Approve an SSL Certificate? The CA will issue the certificate only after they validate your information. An SSL certificate is valid for one year from the time it is issued. |
|
6 |
You can deploy the issued certificate in other Huawei Cloud services in just a few clicks or download the certificate and install it on a server.
|
|
7 |
Since September 1, 2020, global CAs issues only one-year SSL certificates. When a certificate expires, it will no longer be trusted by the browser. You are advised to enable auto-renewal or manually renew the certificate 30 days before it expires to prevent your services from being affected. Renewing an SSL certificate is to apply for a new certificate with the exactly same configurations as the original one. The configurations include the certificate authority, certificate type, domain type, domain quantity, and primary domain name. After you renew a certificate, install the new certificate on your web server or deploy it on other Huawei Cloud services to replace the old certificate that is about to expire. |
|
8 |
If you no longer need an issued SSL certificate for security reasons or other reasons, for example, the certificate key is lost, you can revoke the certificate on the SCM console. You can revoke a certificate that has been issued by a CA. A revoked certificate is no longer trusted and can no longer be used for certificate-based encryption. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot