Skip to main content

Upload certificates

Overview

This topic describes how to create and upload certificates to Server Load Balancer(SLB). Before you create an HTTPS listener, you must upload the required server certificate and CA certificate to SLB. You do not need to configure certificates on backend servers after you upload the certificates to SLB. Prerequisites A server certificate is purchased. A CA certificate and a client certificate are generated

Procedure

  1. In the left-side navigation pane, click Certificates. fg-dc-slb-3.5.2-1
  2. On the Certificates page, click Create Certificate. fg-dc-slb-3.5.2-2
  3. In the Create Certificate panel, set the following parameters and click Create.
ParameterDescription
Certificate NameEnter a name for the certificate.
The name must be 1 to 80 characters. The name can contain only letters, digits, hyphens (-), forward slashes (/), periods (.), underscores (_), and asterisks (*).
Resource GroupSelect the type of certificate You can select International Standard.
Certificate or National Standard Certificate.
Public Key CertificatePaste the contents of the server certificate or CA certificate into the field. The public key certificate contains the public key and signature information.
SLB instances use NGINX certificates obtained from a certificate provider. In most cases, NGINX certificates are suffixed with .pem, and some certificates may be suffixed with .crt.
Private KeyPaste the private key of the server certificate into the field. In most cases, NGINX certificates are obtained from a certificate provider and are suffixed with .key.
Click Example to view the valid certificate formats.
SLB supports the following private key formats:
-----BEGIN RSA PRIVATE KEY-----
Private key (Base64 encoded)-----END RSA PRIVATE KEY-----
and
-----BEGIN EC PARAMETERS-----
Private key (Base64 encoded)-----END EC PARAMETERS----------BEGIN EC PRIVATE KEY-----
Private key (Base64 encoded)-----END EC PRIVATE KEY-----
RegionSelect the region where you want to deploy the certificate.
A certificate cannot be used across regions. If you want to use the certificate in multiple regions, select the regions where you want to use the certificate.