Documentation AEM as a Cloud Service User Guide

Add an SSL certificate

Last update: May 15, 2025

Applies to:
Experience Manager as a Cloud Service

CREATED FOR:

Admin
Developer

Learn how to add your own SSL certificate or and Adobe managed DV (Domain Validation) certificate using Cloud

NOTE

If you use a customer managed (OV/EV) SSL certificate and a customer managed CDN provider, you can skip adding an SSL certificate and go directly to Add a Domain Mapping when ready.

Provisioning a certificate can take several days. Therefore, Adobe advises provisioning your own certificate well in advance of any deadline or go-live date to avoid delays.

To learn about updating and managing your SSL certificates in Cloud Manager, see Manage SSL certificates.

If you are having issues adding or managing your certificates, see Troubleshoot SSL certificate errors.

Prerequisites

A user must be a member of the Business Owner or Deployment Manager role to add an SSL certificate.
If you are installing your own certificate, see Certificate requirements in Introduction to Managing SSL Certificates.

Choosing which SSL certificate to add

After adding a custom domain name in AEM Cloud Manager, the next step depends on whether you chose to use an Adobe managed (DV) SSL certificate (recommended) or a customer managed (OV/EV) SSL certificate.

For an Adobe managed (DV) SSL certificate:
- The domain validation process is done once the custom domain is added and verified in Cloud Manager.
- Now, you must add an Adobe managed (DV) SSL certificate.
  Once added to Cloud Manager, wait for Adobe to issue and install the DV SSL certificate on your behalf.
- When the certificate is active, your custom domain is ready to use.
For a customer managed (OV/EV) SSL certificate:
- Obtain your OV/EV SSL certificate from a Certificate Authority. For more details, review the requirements for customer managed OV/EV SSL certificates.
- After acquiring the certificate, add your customer managed (OV/EV) SSL certificate’s details in Cloud Manager.
- Once added, the custom domain name is marked as verified, and the SSL certificate is applied.

In either case, after the certificate is verified and installed, the custom domain is available for secure use in your environment. Make sure to check the domain’s status in the Cloud Manager interface regularly to confirm everything is working as expected.

Add an Adobe managed (DV) SSL certificate

Need help with choosing whether to use an Adobe managed SSL certificate (recommended) or a customer managed SSL certificate with your domain? See Choosing which SSL certificate to add

To add an Adobe managed (DV) SSL certificate:

Log into Cloud Manager at my.cloudmanager.adobe.com and select the appropriate program.
On the My Programs console, select the program.
In the upper-left corner of the page, click to reveal the side menu.
Under the Services heading, click SSL Certificates.
Near the upper-right corner of the SSL Certificates page, click Add SSL Certificate.
In the Add SSL certificate dialog box, based on your particular use case, select Adobe Managed (DV).
In the Certificate name field, enter a name you want associated with the DV SSL certificate.
In the Select domains drop-down list, select one or more verified domains that you want associated with the DV SSL certificate.
- No domains to select? If so, you must first add a custom domain name and ensure it is verified before you can add an Adobe managed SSL certificate.
- When you are finished adding a custom domain name, return to this topic and begin at step 1 again.
In the lower-right corner of the dialog box, click Save.

After the SSL certificate is successfully issued, it is displayed with a green Valid check mark in the SSL Certificates table.

You now have added a working Adobe managed DV SSL certificate for your project. This step is often the first to set up a custom domain name.

You are now ready to add a CDN configuration.

Add a customer managed (OV/ED) SSL certificate

Need help with choosing whether to use an Adobe managed SSL certificate (recommended) or a customer managed SSL certificate with your domain? See Choosing which SSL certificate to add

IMPORTANT

When adding or updating an SSL certificate, do not include the new certificate in the certificate chain. Including it prevents the upload from completing successfully.

To add a customer managed (OV/EV) SSL certificate:

Log into Cloud Manager at my.cloudmanager.adobe.com and select the appropriate program.
On the My Programs console, select the program.
In the upper-left corner of the page, click to reveal the side menu.
Under the Services heading, click SSL Certificates.
Near the upper-right corner of the SSL Certificates page, click Add SSL Certificate.
In the Add SSL certificate dialog box, based on your particular use case, select Customer managed (OV/EV).
In the Certificate name field, enter a name for your certificate.
This field is for informational purposes only and can be any name that helps you reference your SSL certificate easily.
In the Certificate, Private key, and Certificate chain fields, copy the required values from your OV or EV SSL certificate, and paste them into their respective fields in the dialog box.

Any detected errors in values are displayed. Before you can save your certificate, you must address all errors. See Certificate Errors to learn more about troubleshooting common errors.

|
In the lower-right corner of the dialog box, click Save.
NOTE
If you selected Customer managed certificate while adding a custom domain name, the domain is verified after the customer managed (OV/EV) SSL certificate is added and saved. See also Check the status of a custom domain name.
After the SSL certificate is successfully issued, it is displayed with a green verified check mark in the SSL Certificates table.

You now have added a working SSL certificate for your project. This step is often the first to set up a custom domain name.

You are now ready to add a CDN configuration.

recommendation-more-help