-1

We are hosting our backend server in ALIYUN, since we are a foreign company we don't have ICP license and domain name for that server, but we want to configure https for load balancer IP address. I tried to buy SSL certificate from ALIYUN, since we don't have domain name, how should I select type of domain(wildcard domain, single domain, multiple domain)? Any suggestion for this?

HBruijn
  • 72,524
  • 21
  • 127
  • 192
rose
  • 1
  • 1
  • 1
    Technically, you can, but the IP should generally be in the subject alternative name field of the certificates, so your certificate should have a different common name. Having said that, ALIYUN may have a policy not to issue certificates with an IP in the SAN. – ColtonCat Mar 01 '19 at 06:13
  • You should also review https://serverfault.com/q/193775/450038 to see a discussion of the pros and cons of using an IP address in a TLS certificate. – Doug Deden Mar 01 '19 at 15:40
  • HTTPS and IP-based certificates do not mix well. This is the wrong way to try to solve your problem. Register whatever name first and map it to your IP. Then create a certificate for your name, problem solved. But if you insist on IP based certificate, and manage to find a CA signing them for you, remember that you need to use the IPAddress type in the SAN extension, not the classical DNS type used for names. – Patrick Mevzek Mar 07 '19 at 01:33

1 Answers1

-3

Alibaba Cloud SSL Certificates Service allows customers to directly apply, purchase and manage SSL certificates. You have to use it to manage your certificates, so go to https://www.alibabacloud.com/product/certificates

Now follow these steps:

  1. Log on to the Alibaba Cloud Certificates purchase page to purchase an SSL certificate. enter image description here

  2. Log in to the Certificate Services Management console.

  3. Select the Region where you have the certificate purchased.
  4. In the My Orders list, select the certificate instance and click Complete to go to the Complete Information page to enter certificate details. enter image description here
  5. Click Submit for Review to submit the certificate application request.
Deepak Kamat
  • 107
  • 5