Bind the custom domain name to the bucket default domain name
prerequisite
Bucket created. For specific steps, see Create storage space 。 The secondary domain name is already registered. It supports binding non AliCloud registered domain names. If you have not registered a domain name, you can register a domain name on the AliCloud domain name service platform. For specific steps, see Register domain name 。 If the bucket to be bound is located in mainland China, ensure that the domain name has been filed. It supports binding domain names that are not filed by Alibaba Cloud. If your domain name has not been filed, you can file your domain name in Alibaba Cloud ICP filing system. For specific steps, see Overview of ICP Filing Process 。
Use Scenarios
File Preview: Access the OSS Bucket through a custom domain name to avoid forcing the OSS to add a download response header and preview the file in the browser. Brand image and professionalism: bind custom domain names to OSS Buckets, provide personalized domain names, enhance brand image and professionalism, and increase user trust. Prevent domain name from being blocked: Some applications or platforms may block the bucket default domain name. You can bind a custom domain name to your bucket to ensure that the resources in your OSS bucket can be accessed normally. Access convenience: It is easy to remember to access OSS Buckets by using a custom domain name. Compared with the default domain name of OSS, it is more simple, friendly, and easy to access and share resources. User experience optimization: improve the access speed by customizing the domain name, and combine CDN acceleration technology to achieve rapid content distribution and download, reduce latency, and improve the user experience. Persistence of the link: After binding a custom domain name to the OSS bucket, users can still use the same domain name to access resources, even if the subsequent storage location or service changes, to ensure the persistence of the link and long-term access to and use of storage resources.
background information
Access the bucket default domain name or transport acceleration domain name
Access custom domain name
Restrictions on use
Binding Chinese domain names is not supported. Each domain name can only be bound to one bucket. Each bucket can bind up to 100 domain names. When you bind a custom domain name through the OSS management console, you are not allowed to bind a universal domain name (set the domain name prefix to *, so that all sub domain names of the secondary domain name point to the bucket default domain name). When accelerating OSS through CDN, it is allowed to bind the universal domain name, but the domain name will not be displayed on the OSS management console.
Operation steps
Step 1: Bind a custom domain name
If you are not sure which service provider your domain name belongs to, you can click Domain name information query (WHOIS) Page. If you are not sure whether the domain name belongs to the current AliCloud account, you can click Cloud resolution DNS console Query. The top-level domain name involved in the bound custom domain name must meet the requirements of the specified suffix, otherwise it will be regarded as an invalid domain name, which will eventually lead to the domain name binding failure. For more information, see Top level domain suffix list 。
Bind the domain name registered by the current AliCloud account
Sign in OSS Management Console 。 single click Bucket List , and then click the target bucket name. In the left navigation bar, select Bucket Configuration > Domain name management 。 stay Domain name management Page, click Bind domain name 。 stay Bind domain name Panel, enter the domain name to bind, for example static.example.com , and then click Confirm Binding 。 open Automatically add CNAME records 。 After successful submission, cloud resolution DNS will automatically add a CNAME record based on the domain name you filled in, and resolve the custom domain name to the external network access domain name of the bound bucket. explain If you do not open Automatically add CNAME records , after submitting, you need to Cloud resolution DNS console Manually add a CNAME record, otherwise the bound custom domain name will not take effect.
Bind domain names registered with other AliCloud accounts
Use the AliCloud B account to obtain the host records and record values recorded by TXT. Sign in OSS Management Console 。 single click Bucket List , and then click the target bucket name. In the left navigation bar, select Bucket Configuration > Domain name management 。 stay Domain name management Page, click Bind domain name 。 stay Bind domain name Panel, enter the custom domain name of the AliCloud A account to be bound, for example static.example.com , and then copy the Host record In _dnsauth and Record value 。 important After copying TXT record values, please keep Bind domain name Panel until final submission. If off Bind domain name On the panel, TXT record values will become invalid, resulting in the failure of domain name ownership verification later.
Use AliCloud A account to add TXT records. Sign in Cloud resolution DNS console 。 In the domain name resolution list, click Resolution Settings 。 single click Add Record , fill in the domain name resolution information. parameter explain Sample value Record Type Select TXT as the type that the domain name points to. TXT Host record Fill in the host record of the TXT record obtained using the AliCloud B account. _dnsauth Resolve request source The circuit used to resolve the domain name. Suggested choice default , the system will automatically select the best route. default Record value Fill in the CnameToken in the TXT record obtained using the AliCloud B account. b0d777f7ccddeae93358d908ed59**** TTL The update cycle of the domain name. Leave the default value. explain There is a certain delay in the time when the TTL takes effect. Please refer to the actual situation. 10 minutes single click determine 。
Use the AliCloud B account on the OSS console Bind domain name Panel, click Verify domain name ownership and bind 。 Use AliCloud A account to add CNAME records. In the domain name resolution list, click Resolution Settings 。 single click Add Record , fill in the domain name resolution information. parameter explain Sample value Record Type Select CNAME as the type that the domain name points to. CNAME Host record Fill in the host record according to the domain name prefix. If it is a secondary domain name, for example example.com , Enter @ 。 If it is a third level domain name, enter the prefix of the third level domain name. For example, the domain name is static.example.com , enter static.
static Resolve request source The circuit used to resolve the domain name. Suggested choice default , the system will automatically select the best route. default Record value Fill in the bucket's Internet access domain name. The bucket domain name structure is <bucketname>.< endpoint> 。 For Internet endpoints in different regions, see Access domain name and data center 。 examplebucket.oss-cn-hangzhou.aliyuncs.com TTL The update cycle of the domain name. Leave the default value. explain There is a certain delay in the time when the TTL takes effect. Please refer to the actual situation. 10 minutes single click determine 。
Bind domain names registered with non Alibaba Cloud accounts
In AliCloud OSS, generate host records and record values of TXT records. Sign in OSS Management Console 。 single click Bucket List , and then click the target bucket name. In the left navigation bar, select Bucket Configuration > Domain name management 。 stay Domain name management Page, click Bind domain name 。 stay Bind domain name Panel, enter the domain name registered with other domain name service providers, such as static.example.com , and then copy the Host record In _dnsauth and Record value 。 important After copying TXT record values, please keep Bind domain name Panel until final submission. If off Bind domain name On the panel, TXT record values will become invalid, resulting in the failure of domain name ownership verification later.
On the DNS resolution platform of the domain name service provider, add TXT records according to the following table. parameter explain Sample value Record Type Select TXT as the type that the domain name points to. TXT Host record Fill in the host record of the TXT record obtained from AliCloud OSS, and fill in according to the DNS resolution platform requirements of the domain name service provider. _dnsauth Record value Fill in the CnameToken in the TXT record obtained from AliCloud OSS. b0d777f7ccddeae93358d908ed59**** On the AliCloud OSS console Bind domain name Panel, click Verify domain name ownership and bind 。 On the DNS resolution platform of the domain name service provider, add CNAME records according to the following table. parameter explain Sample value Record Type Select CNAME as the type that the domain name points to. CNAME Host record Fill in the host record according to the domain name prefix. If it is a secondary domain name, for example example.com , Enter @ 。 If it is a third level domain name, enter the prefix of the third level domain name. For example, the domain name is static.example.com , enter static.
static Record value Fill in the bucket's Internet access domain name. The bucket domain name structure is <bucketname>.< endpoint> 。 For Internet endpoints in different regions, see Access domain name and data center 。 examplebucket.oss-cn-hangzhou.aliyuncs.com
Step 2: Verify the custom domain name
nslookup
nslookup -type=CNAME example.com
dig
dig CNAME example.com
Step 3: Use a custom domain name
Upload files. See Simple upload 。 Get the file URL. Temporary file URL The steps to obtain a temporary valid file URL are as follows: Set the file read/write permission ACL to private. See Set Object ACL 。 The format of the private file URL is http://YourDomain/ObjectName? Signature parameters 。 You can obtain the file URL and set the effective duration of the URL by the following methods.
Using the OSS Console Sign in OSS Management Console 。 single click Bucket List , and then click the target bucket name. In the left navigation bar, select 。 On the file list page, click the target file name. stay details Panel Own domain name , select the bound custom domain name, keep the other default values, and then click Copy File URL 。
Use the graphical management tool ossbrowser The ossbrowser supports operations at the object level similar to those supported by the console. Please follow the ossbrowser interface instructions to complete the operation of obtaining the signature URL. For how to use ossbrowser, see Quickly use ossbrowser 。 Using the AliCloud SDK Create a new OssClient using a custom domain name. Use OssClient to call the generatePresignedUrl interface to obtain the signature URL. For SDK examples in different languages, see Signature Version 1 。
Java //YourEndpoint fills in the custom domain name. String endpoint = "yourEndpoint"; //Get access credentials from environment variables. Please configure the environment variables before running this code example. EnvironmentVariableCredentialsProvider credentialsProvider = CredentialsProviderFactory.newEnvironmentVariableCredentialsProvider(); //Create a ClientBuilderConfiguration instance, and you can modify the default parameters according to the actual situation. ClientBuilderConfiguration conf = new ClientBuilderConfiguration(); //Set whether CNAME is supported. CNAME is used to bind a custom domain name to the target bucket. conf.setSupportCname(true); //Create an OSSClient instance. OSS ossClient = new OSSClientBuilder().build(endpoint, credentialsProvider, conf); //Close the OSSClient. ossClient.shutdown(); PHP <? php if (is_file(__DIR__ . '/../autoload.php')) { require_once __DIR__ . '/../autoload.php'; } if (is_file(__DIR__ . '/../vendor/autoload.php')) { require_once __DIR__ . '/../vendor/autoload.php'; } use OSS\Credentials\EnvironmentVariableCredentialsProvider; use OSS\OssClient; use OSS\CoreOssException; //Get access credentials from environment variables. Before running this code example, make sure that the environment variables OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET have been set. $provider = new EnvironmentVariableCredentialsProvider(); //Fill in the custom domain name, for example http://example.com 。 $endpoint = " http://example.com "; try { $config = array( "provider" => $provider, "endpoint" => $endpoint, "cname" => true ); $ossClient = new OssClient($config); } catch (OssException $e) { print $e->getMessage(); } Node.js const OSS = require('ali-oss') const client = new OSS({ //Use a custom domain name as the endpoint. endpoint: ' http://img.example.com ', //Get access credentials from environment variables. Before running this code example, make sure that the environment variables OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET have been set. accessKeyId: process.env.OSS_ACCESS_KEY_ID, accessKeySecret: process.env.OSS_ACCESS_KEY_SECRET, cname: true }); Python # -*- coding: utf-8 -*- import oss2 from oss2.credentials import EnvironmentVariableCredentialsProvider #Get access credentials from environment variables. Please configure the environment variables before running this code example. auth = oss2.ProviderAuth(EnvironmentVariableCredentialsProvider()) #Fill in a custom domain name, such as example.com. cname = ' http://example.com ' #Fill in the bucket name and set is_cname=True to enable CNAME. CNAME refers to binding a custom domain name to the storage space. bucket = oss2.Bucket(auth, cname, 'examplebucket', is_cname=True) Browser.js <! DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title>Document</title> <script src=" https://gosspublic.alicdn.com/aliyun-oss-sdk-6.18.0.min.js "></script> </head> <body> <script> const client = new OSS({ //Fill in a custom domain name, such as example.com. endpoint: "example.com", //The temporary access key (AccessKey ID and AccessKey Secret) obtained from the STS service. accessKeyId: "yourAccessKeyId", accessKeySecret: "yourAccessKeySecret", //The security token (SecurityToken) obtained from the STS service. stsToken: 'yourSecurityToken', //Fill in the bucket name, such as examplebucket. bucket: "examplebucket", cname: true, }); </script> </body> </html> .NET using Aliyun.OSS; using Aliyun.OSS.Common; //Get access credentials from environment variables. Before running this code example, make sure that the environment variables OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET have been set. var accessKeyId = Environment.GetEnvironmentVariable("OSS_ACCESS_KEY_ID"); var accessKeySecret = Environment.GetEnvironmentVariable("OSS_ACCESS_KEY_SECRET"); //Fill in the custom domain name. const string endpoint = "yourDomain"; //Create a ClientConfiguration instance and modify the default parameters according to your needs. var conf = new ClientConfiguration(); //Turn on the CNAME switch. CNAME refers to the process of binding a custom domain name to a storage space. conf.IsCname = true; //Create an OssClient instance. var client = new OssClient(endpoint, accessKeyId, accessKeySecret, conf); Android //YourEndpoint fills in the custom domain name. String endpoint = "yourEndpoint"; //The temporary access key (AccessKey ID and AccessKey Secret) obtained from the STS service. String accessKeyId = "yourAccessKeyId"; String accessKeySecret = "yourAccessKeySecret"; //The security token (SecurityToken) obtained from the STS service. String securityToken = "yourSecurityToken"; OSSCredentialProvider credentialProvider = new OSSStsTokenCredentialProvider(accessKeyId, accessKeySecret, securityToken); //Create an OSSClient instance. OSSClient oss = new OSSClient(getApplicationContext(), endpoint, credentialProvider); Go package main import ( "fmt" "github.com/aliyun/aliyun-oss-go-sdk/oss" "os" ) func main(){ //Get access credentials from environment variables. Please configure the environment variables before running this code example. provider, err := oss.NewEnvironmentVariableCredentialsProvider() if err != nil { fmt.Println("Error:", err) os.Exit(-1) } //YourEndpoint fills in the user-defined domain name corresponding to the bucket. // oss. UseCname (true) is used to enable CNAME. CNAME is used to bind a custom domain name to the storage space. client, err := oss.New("yourEndpoint", "", "", oss.SetCredentialsProvider(&provider),oss.UseCname(true)) if err != nil { fmt.Println("Error:", err) os.Exit(-1) } fmt.Printf("client:%#v\n", client) } iOS //YourEndpoint fills in the custom domain name. NSString *endpoint = @"yourEndpoint"; //The temporary access key (AccessKey ID and AccessKey Secret) obtained from the STS service. NSString *accessKeyId = @"yourAccessKeyId"; NSString *accessKeySecret = @"yourAccessKeySecret"; //The security token (SecurityToken) obtained from the STS service. NSString *securityToken = @"yourSecurityToken"; id<OSSCredentialProvider> credentialProvider = [[OSSStsTokenCredentialProvider alloc] initWithAccessKeyId:accessKeyId secretKeyId:accessKeySecret securityToken:securityToken]; OSSClient *client = [[OSSClient alloc] initWithEndpoint:endpoint credentialProvider:credentialProvider]; C++ #include <alibabacloud/oss/OssClient.h> using namespace AlibabaCloud::OSS; int main(void) { /*Initialize OSS account information*/ /*YourEndpoint fills in the endpoint corresponding to the bucket's region. Taking East China 1 (Hangzhou) as an example, the Endpoint is filled in as https://oss-cn-hangzhou.aliyuncs.com 。*/ std::string Endpoint = "yourEndpoint"; /*Initialize network and other resources*/ InitializeSdk(); ClientConfiguration conf; /*Get access credentials from environment variables. Before running this code example, make sure that the environment variables OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET have been set*/ auto credentialsProvider = std::make_shared<EnvironmentVariableCredentialsProvider>(); OssClient client(Endpoint, credentialsProvider, conf); /*Release network and other resources*/ ShutdownSdk(); return 0; } C #include "oss_api.h" #include "aos_http_io.h" /*Fill in the custom domain name*/ const char *endpoint = "yourCustomEndpoint"; void init_options(oss_request_options_t *options) { options->config = oss_config_create(options->pool); /*Initialize the aos_string_t type with a string of char * type*/ aos_str_set(&options->config->endpoint, endpoint); /*Get access credentials from environment variables. Before running this code example, make sure that the environment variables OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET have been set*/ aos_str_set(&options->config->access_key_id, getenv("OSS_ACCESS_KEY_ID")); aos_str_set(&options->config->access_key_secret, getenv("OSS_ACCESS_KEY_SECRET")); /*Turn on CNAME and bind the custom domain name to the storage space*/ options->config->is_cname = 1; options->ctl = aos_http_controller_create(options->pool, 0); } int main() { aos_pool_t *p; oss_request_options_t *options; /*Initialize global variables, which only need to be called once in the program life cycle*/ if (aos_http_io_initialize(NULL, 0) != AOSE_OK) { return -1; } /*Initialize the memory pool and options*/ aos_pool_create(&p, NULL); options = oss_request_options_create(p); init_options(options); /*Logic code, omitted here*/ /*Releasing the memory pool is equivalent to releasing the memory allocated by each resource during the request process*/ aos_pool_destroy(p); /*The global resources allocated before release only need to be called once in the program life cycle*/ aos_http_io_deinitialize(); return 0; } Ruby require 'aliyun/oss' client = Aliyun::OSS::Client.new( #Use a custom domain name as the endpoint. endpoint: ' http://example.com ', #Get access credentials from environment variables. Before running this code example, make sure that the environment variables OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET have been set. access_key_id: ENV['OSS_ACCESS_KEY_ID'], access_key_secret: ENV['OSS_ACCESS_KEY_SECRET'] cname: true) ) Using the command line tool ossutil Set the mapping relationship between bucket and user-defined domain name through configuration file. For details, see Configure ossutil 。 adopt sign Generate a signed file URL. For details, see Sign (generate signature URL) 。
Long term file URL warning To obtain a long-term valid file URL, there is no expiration time. You need to set the read/write permission ACL of the read file to public read. After the file is set to public reading, any user on the Internet can access the object, which may cause the leakage of your data and the surge of costs. It is recommended that you use the temporary file URL. The steps to obtain a long-term valid file URL are as follows: Set the file read/write permission ACL to public read. See Set Object ACL 。 Splice file URL. After binding a custom domain name, if the file read/write permission ACL is public read, no signature operation is required. The format of public read file URL is https://YourDomainName/ObjectName 。 For example, if you bind the custom domain name static.example.com to the examplebucket in East China 1 (Hangzhou) region, and the bucket contains the file example.jpg, the file URL is https://static.example.com/example.jpg 。
In the browser, access the generated file URL.
Subsequent operations
Use HTTPS protocol
Accelerate with CDN
Avoid stealing brush
Accelerate cross-border transmission
Hosting static websites
common problem
The existing host record is the same as the host record generated by the current CNAME record, and the CNAME record cannot be automatically added temporarily
The domain name is bound to its own bucket
NeedVerifyDomainOwnership
After binding the custom domain name, the file cannot be previewed?
Can domain names that have been resolved to WAF and have content be bound to buckets?
After binding a custom domain name, can the previous file URL continue to be used?
Is using a custom domain name public access?
How to use a custom domain name to access OSS files?
How to unbind a custom domain name?
Related API
For creating the CnameToken interface required for domain name ownership verification, see CreateCnameToken 。 For obtaining the interface of the created CnameToken, see GetCnameToken 。 For the interface of binding a custom domain name to a bucket, see PutCname 。 For the interface to query all custom domain names bound to a bucket, see ListCname 。 For deleting the interface of a bucket's bound custom domain name, see DeleteCname 。 For the interface to add TXT resolution records or CNAME resolution records using AliCloud resolution DNS, see AddDomainRecord - add resolution records according to the passed in parameters 。
-
Introduction to this page (1)