Help Center/ Cloud Certificate Manager/ Best Practices/ Best Practices for SSL Certificate Manager/ Deploying SSL Certificates to the Cloud in One Click/ Deploying an SSL Certificate to WAF in One Click
Updated on 2024-12-17 GMT+08:00
View PDF
Share

Deploying an SSL Certificate to WAF in One Click

Prerequisites

  • You have an SSL certificate that is in Issued or Hosted status in CCM.
  • You have enabled Web Application Firewall (WAF).

Adding a Domain Name to WAF

Before deploying an SSL certificate to WAF, you need to add the domain name that will use the SSL certificate to WAF. For details, see:

When a domain name is added to WAF, HTTPS must be select for Client Protocol.

(Optional) Upload Private Key

If you select Upload a CSR for CSR when applying for a certificate, you need to upload the private key to the cloud to deploy the issued certificate to other cloud services in one-click mode because the cloud does not have the private key of the certificate. If you select System generated CSR for CSR during certificate application, skip this step.

  1. Log in to the management console.
  2. Click in the upper left corner of the page and choose Security & Compliance > Cloud Certificate Management Service. The service console is displayed.
  3. In the navigation pane on the left, choose SSL Certificate Manager > SSL Certificates.
  4. In the Operation column of the target certificate, choose More > Upload Private Key.

    Figure 1 Uploading the private key

  5. In the displayed dialog box, click Upload and select a local private key file, or enter the certificate private key information in the text box according to the format.

    Figure 2 Uploading the private key file

  6. Click Submit.

    After the private key is uploaded successfully, the Deploy button of the certificate becomes available.

    Figure 3 Private key uploaded

Deploying an SSL Certificate to WAF

  1. Log in to the management console.
  2. Click in the upper left corner of the page and choose Security & Compliance > Cloud Certificate Management Service. The service console is displayed.
  3. In the navigation pane on the left, choose SSL Certificate Manager > SSL Certificates.
  4. Locate the row containing the certificate you want to deploy on other cloud product, and click Deploy in the Operation to go to the certificate deployment details page.

    Figure 4 Deploying a certificate

  5. On the displayed page, select WAF in the Deployment Details area.

    Figure 5 Selecting WAF

  6. Click on the right of the enterprise project or region name and select the enterprise project or region to be deployed.
  7. Select the domain name you want to deploy the certificate for and click Redeploy in the Operation column.

    To deply the certificates for multiple domain names, select all the target domain names and click Batch Update above the domain name list.

  8. In the displayed dialog box, confirm the information, and click Confirm.

    When the certificate is deployed, the Deployment column for the domain name reads Deployed.

Replacing a Certificate Before It Expires

An SSL certificate issued by any CA around the world is valid for one year. You need to update an SSL certificate in a timely manner. Once your new certificate is issued, replace the old one with it by referring to Deploying an SSL Certificate to WAF.