Help Center/ API Gateway/ API Reference/ Dedicated Gateway APIs (V2)/ SSL Certificate Management/ Binding an SSL Certificate to a Domain Name

Updated on 2025-12-26 GMT+08:00

Online Debugging

CLI Examples

View PDF

Binding an SSL Certificate to a Domain Name

Function

This API is used to bind an SSL certificate to a domain name. For gateways with custom inbound ports, the same domain name is bound to a certificate at the same time. Enabling or disabling client verification takes effect for different ports of the same domain name.

Calling Method

For details, see Calling APIs.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.

If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.

If you are using identity policy-based authorization, the following identity policy-based permissions are required.

Action	Access Level	Resource Type (*: required)	Condition Key	Alias	Dependencies
apig:certificate:batchBindDomain	Write	instance	g:ResourceTag/<tag-key>	-	apig:certificate:get apig:apiGroup:get

URI

POST /v2/{project_id}/apigw/certificates/{certificate_id}/domains/attach

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID. For details about how to obtain it, see Obtaining a Project ID.
certificate_id	Yes	String	Certificate ID.

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
domains	Yes	Array of AttachOrDetachDomainInfo objects	Domain names the certificate is bound to or unbound from.

**Table 4** AttachOrDetachDomainInfo
Parameter	Mandatory	Type	Description
domain	Yes	String	Domain name.
instance_ids	No	Array of strings	Gateway IDs.
verified_client_certificate_enabled	No	Boolean	Whether to enable client certificate verification. It is enabled by default if trusted_root_ca exists, and disabled if trusted_root_ca does not exist.

Response Parameters

Status code: 204

Status code: 400

**Table 5** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Status code: 401

**Table 6** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Status code: 403

**Table 7** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Status code: 404

**Table 8** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Status code: 500

**Table 9** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Example Requests

Binding an SSL certificate to a domain name

{
  "domains" : [ {
    "domain" : "apigtest.example.com",
    "instance_ids" : [ "f0fa1789-3b76-433b-a787-9892951c620e", "7d39549681c54d968ec2910da9da95cd" ]
  } ]
}

Example Responses

Status code: 400

Bad Request

{
  "error_code" : "APIG.2012",
  "error_msg" : "Invalid parameter value,parameterName:domain_id. Please refer to the support documentation"
}

Status code: 401

Unauthorized

{
  "error_code" : "APIG.1002",
  "error_msg" : "Incorrect token or token resolution failed"
}

Status code: 403

Forbidden

{
  "error_code" : "APIG.1005",
  "error_msg" : "No permissions to request this method"
}

Status code: 404

Not Found

{
  "error_code" : "APIG.3020",
  "error_msg" : "The URL domain does not exist"
}

Status code: 500

Internal Server Error

{
  "error_code" : "APIG.9999",
  "error_msg" : "System error"
}

Status Codes

Status Code	Description
204	OK
400	Bad Request
401	Unauthorized
403	Forbidden
404	Not Found
500	Internal Server Error

Error Codes

See Error Codes.

Parent topic: SSL Certificate Management

Previous topic: Modifying an SSL Certificate

Next topic: Unbinding an SSL Certificate from a Domain Name

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot