Cloud Small Class|Choose the appropriate certificate and make a "certified" compliant domain name

Others 2020-09-14 02:24:27 views: null
Abstract: This article introduces how to easily select the appropriate SSL certificate according to your own situation when purchasing a certificate in Huawei Cloud SSL certificate management.

HUAWEI CLOUD SSL Certificate Manager (SCM) is an SSL (Secure Socket Layer) certificate management platform. The platform cooperates with world-renowned digital certificate service organizations to provide users with the function of purchasing SSL certificates. Users can also import local external SSL certificates. Upload to the platform to realize the unified management of internal and external SSL certificates by users.

Enter the purchase SSL certificate interface:

1. Log in to the management console .

2. Click "Service List" at the top of the page, select "Security> SSL Certificate Management" to enter the SSL certificate management interface.

3. In the upper right corner of the SSL certificate management interface, click "Buy Certificate".

4. On the "Buy Certificate" page, select the certificate.

In the process of purchasing the certificate, do you have such confusion:

Which certificate type should I choose and which type is suitable?

Which brand's certificate is more reliable?

Is it better to choose one multi-domain certificate or multiple single-domain certificates?

......

In these situations, you might as well follow the steps of the small class to learn how to choose a suitable SSL certificate. Poke here

Certificate type

Huawei Cloud SSL certificate management service provides OV, OV Pro, EV, EV Pro, and DV certificates. The differences between different types of SSL certificates in browser display effect, security level, trust level, etc. are as follows:

Table 1-1 Certificate types

  • If the subject of your website is an individual (that is, without a business license), you can only apply for a DV-type digital certificate.
  • For general enterprises, it is recommended to purchase OV and above (OV Pro, EV, EV Pro) digital certificates.
  • For financial and payment companies, it is recommended to purchase an EV certificate.
  • For mobile website or interface calls, it is recommended that you use OV and above (OV Pro, EV, EV Pro) certificates.

Certificate brand

Currently supported brands include "DigiCert", "GlobalSign", and "GeoTrust".

  • DigiCert: a world-renowned digital certificate provider, serving more than 150 countries and having more than 100,000 customers.
  • GlobalSign: A prestigious and trusted CA center and SSL digital certificate provider, and has many partners around the world.
  • GeoTrust: a world-renowned digital certificate provider, serving more than 150 countries and having more than 100,000 customers. The company serves all large, medium and small enterprises, and has been committed to providing customers with the best service at the lowest price.

Different certificate and brand qualifications are trustworthy, and you can buy them with confidence. In addition, different brands provide different types of certificates. For example, GlobalSign currently provides enterprise OV and enhanced EV certificates.

Domain Type

Understand the types of domain names provided by SCM

When purchasing a certificate, the "domain name type" provided in the SCM has three types: "single domain name", "multi-domain name" and "pan-domain name". Their specific differences are as follows:

Table 1-2 Types of domain names provided by SCM

When purchasing a pan-domain name certificate, you need to pay attention to the rules for matching the domain name of the pan-domain name certificate. It can only match subdomains of the same level, and cannot match across levels. Examples of matching are as follows:

Example 1:

Example 2:

Choose the right domain type

Choose according to the number of domain names you need to bind certificates to and whether the domain names are at the same level or across levels.

Scenario 1: If only one domain name needs to be bound to one SSL certificate, select a single domain name .

Example: If only one domain name needs to be bound to one SSL certificate, select "Single Domain Name".

Scenario 2: If there are multiple domain names that need to be bound in the SSL certificate, please choose according to the following conditions:

1. Multiple domain names, all domain names are not in the same level, and need to be bound in 1 SSL certificate, choose multiple domain names .

Example: If there are 3 domain names, which are not in the same level, and need to be bound in 1 SSL certificate, select "Multiple domain names".

2. If there are multiple domain names, all of which are in the same level and need to be bound in one SSL certificate, then select a generic domain name .

The "number of domain names" is determined according to the number of domain names that need to be bound. The number of domain names will directly affect the certificate fee.

Example: If there are 4 domain names, which are at the same level and need to be bound in 1 SSL certificate, select "Pan domain name".

3. N domain names, some domain names are in the same level, some domain names are not in the same level

  • Method 1: Purchase N single domain name certificates.
  • Method 2: For the same level, buy 1 pan-domain name certificate, and for other different levels, buy 1 multi-domain name certificate.
  • Method 3: Purchase a multi-domain certificate, and the "number of domain names" is N.

Example: There are 5 domain names (a.domain.com, b.domain.com, c.domain.com, d.huawei.com, e.huaweicloud.com), which need to be bound in the SSL certificate

In the case of the same certificate brand, certificate type, and validity period, there are the following purchase methods, please consider the advantages and disadvantages and the price, and choose the appropriate type:

Table 1-3 Purchase method

Validity period and purchase volume

Validity period: The validity period of the certificate, up to 2 years can be purchased.

The validity period of the certificate is calculated from the date of issuance. After the certificate is purchased, the validity period cannot be extended, and the certificate needs to be re-purchased and deployed after it expires. Please plan reasonably according to the usage.

The validity period is different, the discount may be different, please pay attention~~

Purchase amount: the number of certificates purchased. Please consider the number of certificates purchased based on the type of domain name .

After purchasing the certificate, if you need to use the certificate to bind the domain name to achieve the effect of HTTPS, you also need to perform operations such as "Apply for Certificate", "Domain Verification", "Organization Verification", etc., hurry up and click here for details~~

 

Click to follow and learn about Huawei Cloud's fresh technology for the first time~

Guess you like

Origin blog.csdn.net/devcloud/article/details/108531125
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com