Updated on 2024-09-18 GMT+08:00

How Do I Apply for an Entry-Level SSL Certificate?

This topic describes how to apply for an entry-level DV certificate.

In Huawei Cloud SCM, GeoTrust provides entry-level SSL certificates.

Prerequisites

The account for purchasing a certificate must have the SCM Administrator/SCM FullAccess and BSS Administrator permissions.

Step 1: Buy a Certificate

  1. Log in to the management console.
  2. Click in the upper left corner of the page and choose Security & Compliance > Cloud Certificate Management Service. The service console is displayed.
  3. In the navigation pane on the left, choose SSL Certificate Manager. In the upper right corner of the page, click Buy Certificate.
  4. On the Buy Certificate page, set parameters as required. Table 1 describes the parameters.
    Table 1 Parameters for purchasing a certificate

    Parameter

    Description

    Certificate Type

    Certificate type

    Select DV (Basic).

    Certificate Authority

    Certificate authorities

    Select GeoTrust.

    Domain Type

    Domain name type. You can select Single domain or Wildcard as needed.

    • Single domain: You can associate only one domain with a certificate.

      The domain can be a second-level domain like domain.com or a third-level domain like example.domain.com. Any subdomains of the domain cannot be protected. For example, if you associate domain.com with a certificate, the certificate does not protect any subdomains, such as ssl.domain.com or ssl.ssl.domain.com.

    • Wildcard: You can associate only one wildcard domain with a certificate.

      Only one wildcard character (*) can be contained in the wildcard domain, for example, *.domain.com or *.example.domain.com. *.*.domain.com is not supported.

      For details about the domain names supported by wildcard-domain certificates, see What Domains Can Wildcard-Domain Certificates Support?

    Domain Quantity

    Quantity of selected domain quantity selected

    You do not need to set this parameter. It is fixed at 1.

    Period of validity

    Certificate validity period

    Currently, the validity period of a certificate can be set to 1 year. A certificate takes effect upon issuance. The certificate issuance time refers to the time when the certificate is officially issued by the CA. You need to buy a new one after the certificate expires.

    Quantity

    Set the number of certificates. You can set the quantity as required.

  5. Click Next.

    If you have any questions about the pricing, click Pricing Details.

  6. Confirm the order information and agree to the CCM statement by selecting I have read and agree to the Cloud Certificate Manager Statement. Click Pay.
  7. On the displayed page, select a payment method.

    After the payment is successful, you can go to the SSL Certificate Manager > SSL Certificates page to view certificates you purchased.

    • To view your paid certificates, click the SSL Certificates tab.
    • To view your test certificates, click the Test Certificates tab.

Step 2: Submit a Certificate Application to the CA

After you purchase a certificate, you need to associate a domain name, provide additional details, and then submit the application for approval.

For details, see Submitting an SSL Certificate Application to the CA.

In the Domain Name Information dialog box, select DNS for Domain Name Verification Method.

Step 3: Verify Domain Ownership by DNS

You are required to verify domain ownership on the platform hosting your domain name by resolving a specific DNS record.

After you submit the certificate application to a CA, complete the configuration of domain name verification based on the information displayed on the certificate list page. Otherwise, your certificate will remain in the Pending domain name verification state and will fail the verification.

For details about how to verify domain name ownership by DNS, see Verifying Domain Ownership by Resolving the DNS Record.

Step 4: Issue the Certificate

After the domain name ownership is verified using DNS, it takes some time for the CA to approve your application.

The CA will issue the certificate only after they validate your information. The certificate takes effect immediately upon issuance. You can deploy the certificate to other products on Huawei Cloud or download the certificate and deploy it on a server.