Help Center> Web Application Firewall> User Guide (Ankara Region)> Website Domain Name Management> Updating a Certificate
Updated on 2024-04-12 GMT+08:00
View PDF

Updating a Certificate

If you set Client Protocol to HTTPS when you add a website to WAF, upload a certificate and use it for your website.

  • If your website certificate is about to expire, purchase a new certificate before the expiration date and update the certificate associated with the website in WAF.
  • If you plan to update the certificate associated with the website, associate a new certificate with your website on the WAF console.

Prerequisites

  • The website to be protected has been added to WAF.
  • Your website uses HTTPS as the client protocol.

Constraints

  • Each domain name must have a certificate associated. A wildcard domain name can only use a wildcard domain certificate. If you only have single-domain certificates, add domain names one by one in WAF.
  • Only .pem certificates can be used in WAF. If the certificate is not in .pem, before uploading it, convert it to .pem by referring to Step 6.

Impact on the System

  • It is recommended that you update the certificate before it expires. Otherwise, all WAF protection rules will fail to take effect, and there can be massive impacts on the origin server, even more severe than a crashed host or website access failures.
  • Updating certificates does not affect services. The old certificate still works during the certificate replacement. The new certificate will take over the job once it has been uploaded and successfully associated with the domain name.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Click in the upper left corner and choose Web Application Firewall under Security & Compliance.
  4. In the navigation pane on the left, choose Website Settings.
  5. In the Domain Name column, click the domain name of the website to go to the basic information page.
  6. In the International Certificate or Chinese Certificate row, click next to the certificate name. Then, in the displayed Update Certificate dialog box, import a new certificate or select an existing certificate.

    • For international certificates, if Import new certificate is selected for Update Method, enter a certificate name and copy the certificate file and private key to the corresponding text boxes.
    • For Chinese certificates, if Import new certificate is selected for Update Method, enter a certificate name and copy the signature certificate, signature private key, encryption certificate, and encryption private key to the corresponding text boxes.
    • If you select Select existing certificate for Update Method, select an existing certificate from the Certificate Name drop-down list.

  7. Click Confirm.