DescribeLoadBalancerHTTPSListenerAttribute

Queries the configurations of an HTTPS listener.

Operation description

A Classic Load Balancer (CLB) instance is created. For more information, see CreateLoadBalancer .
An HTTPS listener is created. For more information about how to create an HTTPS listener, see CreateLoadBalancerHTTPSListener .

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- For mandatory resource types, indicate with a prefix of * .
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation

Operation	Access level	Resource type	Condition key	Associated operation
slb:DescribeLoadBalancerHTTPSListenerAttribute	get	*loadbalancer `acs:slb:{#regionId}:{#accountId}:loadbalancer/{#loadbalancerId}`	slb:tag	none

Request parameters

Parameter	Type	Required	Description	Example

Parameter	Type	Required	Description	Example
RegionId	string	No	The region ID of the CLB instance.	cn-hangzhou
LoadBalancerId	string	Yes	The CLB instance ID.	lb-bp1mxu5r8lau****
ListenerPort	integer	Yes	The frontend port that is used by the CLB instance. Valid values: 1 to 65535.	80

Response parameters

Parameter	Type	Description	Example

Parameter	Type	Description	Example
	object
AclType	string	The type of the access control list (ACL). Valid values: white: a whitelist. Only requests from the IP addresses or CIDR blocks in the ACL are forwarded. Whitelists apply to scenarios where you want to allow only specific IP addresses to access an application. Your service may be adversely affected if the whitelist is not properly configured. If a whitelist is configured, only requests from IP addresses that are added to the whitelist are forwarded by the listener. If you enable a whitelist but do not add an IP address to the ACL, the listener forwards all requests. black: a blacklist. All requests from the IP addresses or CIDR blocks in the network ACL are rejected. Blacklists apply to scenarios where you want to block access from specified IP addresses to an application. If a blacklist is configured for a listener but no IP address is added to the blacklist, the listener forwards all requests. Note This parameter is required when AclStatus is set to on.	white
XForwardedFor_ClientCertClientVerify	string	Indicates whether the `XForwardedFor_ClientCertClientVerify` header is used to retrieve the verification result of the client certificate. Valid values: on off	off
CACertificateId	string	The ID of the certification authority (CA) certificate.	idkp-234-cn-test-0**
RequestId	string	The request ID.	365F4154-92F6-4AE4-92F8-7FF3********
HealthCheckConnectPort	integer	The port that is used for health checks. Note This parameter is required when HealthCheck is set to on.	8080
BackendServerPort	integer	The backend port that is used by the CLB instance.	8080
CookieTimeout	integer	The timeout period of a cookie.	500
HealthCheckDomain	string	The domain name that you want to use for health checks.	www.test.com
XForwardedFor	string	Indicates whether the `X-Forwarded-For` header is used to retrieve client IP addresses. Valid values: on off	on
XForwardedFor_ClientCertFingerprint	string	Indicates whether the `XForwardedFor_ClientCertFingerprint` header is used to retrieve the fingerprint of the client certificate. Valid values: on off	off
IdleTimeout	integer	The timeout period of an idle connection. Valid values: 1 to 60. Default value: 15. Unit: seconds. If no request is received within the specified timeout period, CLB closes the connection. When a request is received, CLB establishes a new connection.	23
ListenerPort	integer	The frontend port that is used by the CLB instance.	80
HealthCheckURI	string	The URL path that is used for health checks.	/test/index.html
XForwardedFor_SLBPORT	string	Indicates whether the `XForwardedFor_SLBPORT` header is used to retrieve the listening port. Valid values: on off	off
StickySessionType	string	The method that is used to handle a cookie. Valid values: insert and server. insert: inserts a cookie. CLB inserts a cookie (SERVERID) into the first HTTP or HTTPS response packet that is sent to a client. The next request from the client will contain this cookie, and the listener will distribute this request to the recorded backend server. server: rewrites a cookie. When CLB detects a user-defined cookie, it overwrites the original cookie with the user-defined cookie. The next request from the client carries the user-defined cookie, and the listener will distribute the request to the recorded backend server.	insert
Scheduler	string	The routing algorithm. Valid values: wrr and rr. wrr: Backend servers that have higher weights receive more requests than backend servers that have lower weights. rr: Requests are distributed to backend servers in sequence.	wrr
XForwardedFor_proto	string	Indicates whether the `X-Forwarded-Proto` header is used to retrieve the listener protocol. Valid values: on off	on
HealthCheckMethod	string	The health check method used by HTTP listeners. Valid values: head and get. Note This parameter is available only when HealthCheck is set to on.	get
TLSCipherPolicy	string	The Transport Layer Security (TLS) security policy for a high-performance CLB instance. Each security policy contains TLS protocol versions and cipher suites available for HTTPS. Valid values: tls_cipher_policy_1_0: Supported TLS versions: TLS 1.0, TLS 1.1, and TLS 1.2 Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA tls_cipher_policy_1_1: Supported TLS versions: TLS 1.1 and TLS 1.2 Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA tls_cipher_policy_1_2 Supported TLS version: TLS 1.2 Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA tls_cipher_policy_1_2_strict Supported TLS version: TLS 1.2 Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES128-SHA, and ECDHE-RSA-AES256-SHA tls_cipher_policy_1_2_strict_with_1_3 Supported TLS versions: TLS 1.2 and TLS 1.3 Supported cipher suites: TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_CCM_SHA256, TLS_AES_128_CCM_8_SHA256, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, and ECDHE-RSA-AES256-SHA	tls_cipher_policy_1_0
Status	string	The status of the listener. Valid values: running stopped	stopped
VServerGroupId	string	The ID of the associated server group.	rsp-cige6j5e********
XForwardedFor_ClientSrcPort	string	Indicates whether the `XForwardedFor_ClientSrcPort` header is used to retrieve the client port. Valid values: on off	off
Cookie	string	The cookie that is configured on the server.	testCookie
Gzip	string	Indicates whether `Gzip` compression is enabled. Valid values: on off	on
EnableHttp2	string	Indicates whether `HTTP/2` is used. Valid values: on off	off
Bandwidth	integer	The maximum bandwidth of the listener. Unit: Mbit/s.	10
Description	string	The name of the listener.	HTTPS_443
HealthCheckTimeout	integer	The maximum timeout period of a health check. Unit: seconds.	3
AclStatus	string	Indicates whether access control is enabled. Valid values: on off	off
UnhealthyThreshold	integer	The unhealthy threshold.	4
XForwardedFor_SLBID	string	Indicates whether the `SLB-ID` header is used to retrieve the ID of the ALB instance. Valid values: on off	on
XForwardedFor_ClientCertSubjectDN	string	Indicates whether the `XForwardedFor_ClientCertSubjectDN` header is used to retrieve information about the owner of the client certificate. Valid values: on off	off
SecurityStatus	string	Indicates whether the listener is in the Secure state. Valid values: on off	on
HealthCheckHttpCode	string	The HTTP status code for a successful health check.	http_2xx,http_3xx
RequestTimeout	integer	The timeout period of a request. Valid values: 1 to 180. Default value: 60. Unit: seconds. If no response is received from a backend server within the specified timeout period, CLB returns the HTTP 504 status code to the client.	43
HealthCheckInterval	integer	The interval at which health checks are performed. Unit: seconds.	5
ServerCertificateId	string	The ID of the server certificate.	idkp-123-cn-test-0**
AclId	string	The ID of the network ACL that is associated with a listener. Note This parameter is required when AclStatus is set to on.	acl-a2do9e413e0spzasx****
XForwardedFor_ClientCertIssuerDN	string	Indicates whether the `XForwardedFor_ClientCertIssuerDN` header is used to retrieve information about the authority that issues the client certificate. Valid values: on off	off
HealthyThreshold	integer	The healthy threshold.	4
XForwardedFor_SLBIP	string	Indicates whether the `SLB-IP` header is used to retrieve the virtual IP address requested by the client. Valid values: on off	on
StickySession	string	Indicates whether session persistence is enabled. Valid values: on off	on
HealthCheck	string	Indicates whether the health check feature is enabled. Valid values: on off	on
AclIds	array	The ID of the network access control list (ACL) that is associated with the listener.
Rules	array<object>	The list of forwarding rules that are associated with the listener.
Rule	object
VServerGroupId	string	The ID of the server group specified in the forwarding rule.	rsp-cige6j5e********
Url	string	The request URL.	/example
Domain	string	The domain name.	www.example.com
RuleName	string	The name of the forwarding rule.	example
RuleId	string	The ID of the forwarding rule.	23
DomainExtensions	array<object>	A list of additional certificates.
DomainExtension	object
ServerCertificateId	string	The ID of the certificate used by the domain name.	13344444****
Domain	string	The domain name.	www.example.com
DomainExtensionId	string	The ID of the additional certificate.	12
LoadBalancerId	string	The CLB instance ID.	lb-bp1mxu5r8lau****
Tags	array<object>	The tags.
Tag	object
TagKey	string	The key of tag N. Valid values of N: 1 to 20. The tag value cannot be an empty string. The tag key can be up to 64 characters in length. The key cannot start with `acs:` or `aliyun` or contain `http://` or `https://`.	TestKey
TagValue	string	The value of tag N. Valid values of N: 1 to 20. The tag value can be an empty string. The tag value can be up to 128 characters in length, and cannot start with `acs:`. It cannot contain `http://` or `https://`.	TestValue

Examples

Sample success responses

JSONformat

            
            
          
{
  "AclType": "white",
  "XForwardedFor_ClientCertClientVerify": "off",
  "CACertificateId": "idkp-234-cn-test-0**",
  "RequestId": "365F4154-92F6-4AE4-92F8-7FF3********",
  "HealthCheckConnectPort": 8080,
  "BackendServerPort": 8080,
  "CookieTimeout": 500,
  "HealthCheckDomain": "www.test.com",
  "XForwardedFor": "on",
  "XForwardedFor_ClientCertFingerprint": "off",
  "IdleTimeout": 23,
  "ListenerPort": 80,
  "HealthCheckURI": "/test/index.html",
  "XForwardedFor_SLBPORT": "off",
  "StickySessionType": "insert",
  "Scheduler": "wrr",
  "XForwardedFor_proto": "on",
  "HealthCheckMethod": "get",
  "TLSCipherPolicy": "tls_cipher_policy_1_0",
  "Status": "stopped",
  "VServerGroupId": "rsp-cige6j5e********",
  "XForwardedFor_ClientSrcPort": "off",
  "Cookie": "testCookie",
  "Gzip": "on",
  "EnableHttp2": "off",
  "Bandwidth": 10,
  "Description": "HTTPS_443",
  "HealthCheckTimeout": 3,
  "AclStatus": "off",
  "UnhealthyThreshold": 4,
  "XForwardedFor_SLBID": "on",
  "XForwardedFor_ClientCertSubjectDN": "off",
  "SecurityStatus": "on",
  "HealthCheckHttpCode": "http_2xx,http_3xx",
  "RequestTimeout": 43,
  "HealthCheckInterval": 5,
  "ServerCertificateId": "idkp-123-cn-test-0**",
  "AclId": "acl-a2do9e413e0spzasx****",
  "XForwardedFor_ClientCertIssuerDN": "off",
  "HealthyThreshold": 4,
  "XForwardedFor_SLBIP": "on",
  "StickySession": "on",
  "HealthCheck": "on",
  "AclIds": {
    "AclId": [
      ""
    ]
  },
  "Rules": {
    "Rule": [
      {
        "VServerGroupId": "rsp-cige6j5e********",
        "Url": "/example",
        "Domain": "www.example.com",
        "RuleName": "example",
        "RuleId": "23"
      }
    ]
  },
  "DomainExtensions": {
    "DomainExtension": [
      {
        "ServerCertificateId": "13344444****",
        "Domain": "www.example.com",
        "DomainExtensionId": "12"
      }
    ]
  },
  "LoadBalancerId": "lb-bp1mxu5r8lau****",
  "Tags": {
    "Tag": [
      {
        "TagKey": "TestKey",
        "TagValue": "TestValue"
      }
    ]
  }
}

Error codes

For a list of error codes, visit the Service error codes.

Change history

Change time	Summary of changes	Operation

Change time	Summary of changes	Operation
2024-05-28	The response structure of the API has changed	View Change Details

Operation description

Debugging

Authorization information

Request parameters

Response parameters

Examples

Error codes

Change history

Sales Support

Technical Support

Connect & Report Abuse

About Alibaba Cloud

Our Global Network

Quick Start

Global Offices

Olympic Games Paris 2024 New

Stade Roland Garros – Glitz from the Past New

Place de la Concorde – “Breaking” the Barriers New

Vaires-sur-Marne Nautical Stadium – Sports with Sustainability New

International Broadcast Center – Images, Sounds, and Data that Captivate Billions New

Customer Success Stories New

Trust Center

Security & Compliance Center

Cloud Compliance Resources

Security Compliance FAQs

Product & Feature Update New

Cloud Forward

Press Room

Alibaba Cloud e-Magazine New

Alibaba Cloud in Analyst Research

Notice

Go Global Service New

Go Global Alliance with Alibaba Cloud

China Gateway Hot

Information Compliance

China Gateway - MLPS 2.0 Compliance New

China Gateway - Networking

China Gateway - Global Application Acceleration New

China Gateway - Security

China Gateway - Data Security New

ICP Support Hot

China Gateway - Omnichannel Data Mid-End New

China Gateway - Organizational Data Mid-End New

China Gateway - Business Mid-End New

China Gateway - AI Service for Conversational Chatbots New

China Gateway - Online Education

China Gateway - Domain Registration

Work at Alibaba Cloud

Experienced Professionals

Students and Graduates

Free Trial

Pricing

Promo Center

Price Reduction

Pay Less and Deploy More

FinOps

Elastic Compute Service (ECS)

Simple Application Server (SAS)

Elastic GPU Service

Elastic Desktop Service (EDS)

Object Storage Service (OSS)

Cloud Enterprise Network (CEN)

Web Application Firewall (WAF)

Domain Names

Container Compute Service (ACS)

Secure Access Service Edge (SASE)

Intelligent Media Services(IMS)

Edge Security Acceleration (ESA)(Original DCDN)

Intelligent Media Management

DingTalk Enterprise

YiDA

Alibaba Cloud Model Studio

Apsara Prime - For Easy Cloud Product Selection

Alibaba Cloud ECS - Cater All Your Cloud Hosting Needs

1TB CDN—Get Free 1 TB Outbound Traffic Plan Now

Security—Under Attack? Get Free Security Support

Short Message Service - Free Testing is Available

Elastic Compute Service (ECS) Hot

CloudBox

Compute Nest

Dedicated Host Hot

ECS Bare Metal Instance

Elastic Desktop Service (EDS) Featured

Elastic GPU Service Featured

Simple Application Server (SAS) Hot

Auto Scaling

Cloud Phone Beta

Elastic Desktop Service (EDS) Featured

Batch Compute

Elastic High Performance Computing (E-HPC)

Super Computing Cluster (SCC)