AssociateAdditionalCertificatesWithListener - Global Accelerator

Associates additional certificates with an HTTPS listener. You can associate multiple certificates with an HTTPS listener and configure virtual endpoint groups and forwarding rules to accelerate access to multiple HTTPS-capable domain names.

Operation description

Only HTTPS listeners can be associated with additional certificates.
AssociateAdditionalCertificatesWithListener is an asynchronous operation. After a request is sent, the system returns a request ID and runs the task in the background. You can call the DescribeListener operation to query the status of the listener with which you want to associate an additional certificate.
- If the listener is in the updating state, it indicates that the additional certificate is being associated. In this case, you can perform only query operations.
- If the listener is in the active state, it indicates that the additional certificate is associated.
The AssociateAdditionalCertificatesWithListener operation holds an exclusive lock on the Global Accelerator (GA) instance. While the operation is in progress, you cannot call the same operation in the same Alibaba Cloud account.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
ga:AssociateAdditionalCertificatesWithListener	update	Listener acs:ga:{#regionId}:{#accountId}:listener/{#listenerId}	none	none

Request parameters

Parameter	Type	Required	Description	Example
RegionId	string	Yes	The region ID of the GA instance. Set the value to cn-hangzhou.	cn-hangzhou
ClientToken	string	No	The client token that is used to ensure the idempotence of the request. You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters. Note If you do not specify this parameter, the system automatically uses the request ID as the client token. The request ID may be different for each request.	123e4567-e89b-12d3-a456-426655440000
AcceleratorId	string	Yes	The GA instance ID.	ga-bp1odcab8tmno0hdq****
ListenerId	string	Yes	The listener ID. Only HTTPS listeners are supported.	lsr-bp1bpn0kn908w4nbw****
Certificates	array<object>	Yes	The additional certificates. You can specify up to 10 certificates in each request.
	object	Yes	The additional certificates. You can specify up to 10 certificate IDs in each request.
Id	string	Yes	The ID of the certificate. Only server certificates are supported. You can specify up to 10 certificate IDs in each request.	6092**-cn-hangzhou
Domain	string	Yes	The domain name that is specified by the certificate. You can associate each domain name with only one additional certificate. You can specify up to 10 domain names in each request.	example.com

Response parameters

Parameter	Type	Description	Example
	object	The response parameters.
RequestId	string	The request ID.	6FEA0CF3-D3B9-43E5-A304-D217037876A8
ListenerId	string	The listener ID.	lsr-bp1bpn0kn908w4nbw****

Examples

Sample success responses

JSONformat

{
  "RequestId": "6FEA0CF3-D3B9-43E5-A304-D217037876A8",
  "ListenerId": "lsr-bp1bpn0kn908w4nbw****"
}

Error codes

HTTP status code	Error code	Error message	Description
400	Resource.QuotaFull	The resource quota is exceeded.	The number of resources has reached the upper limit.
400	ProtocalIllegal.Listener	The specified listener protocol is invalid.	The specified listener protocol is invalid.
400	NotExist.Accelerator	The accelerated instance does not exist.	The GA instance does not exist.
400	StateError.Accelerator	The state of the accelerated instance is invalid.	The status of the GA instance is invalid.
400	QuotaExceeded.Listener	The maximum number of listeners is exceeded.	The maximum number of listeners is exceeded.
400	PortRangeIllegal.Listener	The specified listener port range is invalid.	The specified listener port range is invalid.
400	PortConflict.Listener	The listener port configuration is in conflict.	The listener port configurations are in conflict.
400	QuotaExceeded.ListenerPort	The maximum number of listener ports is exceeded.	The maximum number of listener ports is exceeded.
400	PortRangeIllegal.ExceedGaAbility	The listener port range is invalid. For each accelerator instance, you can only create a listener with port range over 300 for each protocol (TCP and UDP).	The listener port range is invalid. For each accelerator instance, you can only create a listener with port range over 300 for each protocol (TCP and UDP).
400	PortRangeIllegal.UDP	UDP ports 250, 4789, and 4790 are system reserved ports.	-
400	SystemPort.Listener	Ports 65500-65535 are system reserved ports.	Ports 65500 to 65535 are reserved by the system.
400	PortRanges.MustOne	The portRanges must be one for HTTPS and HTTP type listener.	Only one port is supported for HTTPS and HTTP type listeners.
403	Forbbiden.SubUser	You are not authorized to operate on the specified resource because your account was created by another user.	The current account is a RAM user and does not have permissions to manage the specified resources.
403	Forbidden	The user is not authorized to operate on the specified resource.	The current account does not have permissions to manage the specified resources.
500	UnknownError	An error occurred while processing your request. Please try again. If the error persists, please submit a ticket.	An error occurred while the request was being processed. Try again later.

For a list of error codes, visit the Service error codes.

Change history

Change time	Summary of changes	Operation

No change history