Alibaba Cloud CDN
How to automatically deploy SSL certificates to Alibaba Cloud Content Delivery Network (CDN) domains.
Overview
AutoSSL can automatically deploy SSL certificates to your Alibaba Cloud Content Delivery Network (CDN) domains. It securely uploads the certificate and configures the CDN domain to enable HTTPS.
For instructions on how to manage and run this deployment, please refer to the Deployment Management section.
Configuration Parameters
When you add or edit this deployment target in the AutoSSL console, you will need to configure the following parameters:
| Parameter | Description | Example |
|---|---|---|
| Domains | A list of custom domains you want to protect. Must be valid domain names. | ['www.autossl.dev', 'dev.autossl.dev'] |
Note on Domains
Domain names cannot overlap or repeat (e.g. www.autossl.dev and
*.autossl.dev might conflict if not handled properly, and the UI will warn
against overlapping wildcards).
How it Works
When AutoSSL deploys a certificate to an Alibaba Cloud CDN domain (e.g., www.autossl.dev), it performs the following steps:
- Domain Validation: Checks if the provided SSL certificate actually covers the target custom domains (e.g.,
www.autossl.dev). If a domain is not protected by the certificate, the deployment for that domain is skipped to avoid service unavailability. - Configuration Update:
- Uses the Alibaba Cloud CDN API (
SetCdnDomainSSLCertificate) to upload the certificate and private key. - Enables the SSL protocol for the specified domain.
- Uses the Alibaba Cloud CDN API (
Access Key Requirement
To interact with the Alibaba Cloud API, this provider requires an Alibaba Cloud Access Key.
Required Permissions
The Access Key must belong to a RAM user with permissions to update CDN domain certificates.
You need to attach a custom policy to your RAM user with at least the following actions:
cdn:SetCdnDomainSSLCertificate
For more information on how to manage RAM permissions, please refer to the Alibaba Cloud RAM Policy Documentation.