All Products
Search

This Product

    Web Application Firewall:ModifyDefaultHttps

    Document Center

    Web Application Firewall:ModifyDefaultHttps

    Last Updated:Oct 14, 2025

    Modifies the default SSL/TLS settings.

    Try it now

    Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

    Test

    RAM authorization

    No authorization for this operation. If you encounter issues with this operation, contact technical support.

    Request parameters

    Parameter

    Type

    Required

    Description

    Example
    CertId

    string

    Yes

    The certificate ID.

    123-cn-hangzhou
    TLSVersion

    string

    Yes

    The version of the TLS protocol. Valid values:

    • tlsv1

    • tlsv1.1

    • tlsv1.2

    tlsv1
    CipherSuite

    integer

    No

    The type of the cipher suite. Valid values:

    • 1: adds all cipher suites.

    • 2: adds strong cipher suites.

    • 99: adds custom cipher suites.

    0
    CustomCiphers

    array

    No

    The custom cipher suites that you want to add. This parameter is used only when CipherSuite is set to 99.

    string

    No

    The custom cipher suite.

    ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384
    InstanceId

    string

    Yes

    The ID of the WAF instance.

    Note

    You can call DescribeInstance to view the ID of the current WAF instance.

    waf_v2_public_cn-***
    EnableTLSv3

    boolean

    No

    Specifies whether to support TLS 1.3. Valid values:

    • true: supports TLS 1.3.

    • false: does not support TLS 1.3.

    true
    RegionId

    string

    No

    The region in which the WAF instance is deployed. Valid values:

    • cn-hangzhou: the Chinese mainland.

    • ap-southeast-1: regions outside the Chinese mainland.

    cn-hangzhou
    ResourceManagerResourceGroupId

    string

    No

    The ID of the Alibaba Cloud resource group.

    rg-acfm***q

    Response elements

    Element

    Type

    Description

    Example

    object

    RequestId

    string

    The request ID, which is used to locate and troubleshoot issues.

    276D7566-31C9-4192-9DD1-***

    Examples

    Success response

    JSON format

    {
  "RequestId": "276D7566-31C9-4192-9DD1-***"
}

    Error codes

    HTTP status code

    Error code

    Error message

    Description
    400 Waf.Pullin.InvalidCertIdentifier Invalid certificate ID, certificate ID:%s. Invalid certificate ID, certificate ID:%s.
    400 Waf.Pullin.CertNotExist Certificate does not exist in SSL Certificate Center, certificate ID:%s.
    400 Waf.Pullin.CertEmptyCN The common name of the certificate is empty, certificate ID:%s.
    400 Waf.Pullin.CertExpired Certificate expired, certificate ID:%s .
    400 Waf.Pullin.InvalidTLS invalid TLS,TLS:%s .
    400 Waf.Pullin.InvalidEnableTLSv3 invalid EnableTLSv3:%s .
    400 Waf.Pullin.InvalidCipherSuit Invalid CipherSuit,CipherSuit:%s.
    400 Waf.Pullin.InvalidCustomCiphers Invalid InvalidCustomCiphers, CustomCiphers:%s .

    See Error Codes for a complete list.

    Release notes

    See Release Notes for a complete list.