You can call this operation to query SSL certificates bound to a specified domain.


OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description 
Action Boolean No DescribeCertificates

The operation that you want to perform. Set the value to DescribeCertificates.

Domain String No

A domain that has been added to WAF.

InstanceId String No waf_elasticity-cn-0xldbqtm005

The ID of the WAF instance.

Note You can call the DescribeInstanceInfo operation to query the ID of the WAF instance.

Response parameters

Parameter Type Example Description
RequestId String D7861F61-5B61-46CE-A47C-6B19160D5EB0

The ID of the request.

Certificates Array

The certificate information of the specified domain.

CommonName String *

The domain of the certificate.

IsUsing Boolean  false

Indicates whether the certificate used by the domain name is valid.

CertificateName String CertName

The name of the certificate.

CertificateId Long 2329260

The ID of the certificate.

Sans List ["*"]

A list of domains that are protected by WAF and bound to the certificate.


Sample request

http(s)://[Endpoint]/? Action=DescribeCertificates
&<Common request parameters>

Sample success responses

XML format


JSON format


Error codes.

For a list of error codes, visit the API Error Center.