You can call this operation to modify the configurations of an HTTPS listener.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes SetLoadBalancerHTTPSListenerAttribute

The operation that you want to perform.

Set the value to SetLoadBalancerHTTPSListenerAttribute.

ListenerPort Integer Yes 80

The frontend port that is used by the SLB instance.

Valid values: 1 to 65535.

LoadBalancerId String Yes lb-sjhfdji****

The ID of the SLB instance.

RegionId String Yes cn-hangzhou

The ID of the region where the SLB instance is deployed.

You can query the most recent region list from the Regions and zones list or by calling the DescribeRegions operation.

Bandwidth Integer No -1

Specify the maximum bandwidth value for the listener.

Valid values: -1 and 1 to 5120.

  • -1: If you set the value to -1, this indicates that the maximum bandwidth of the listener is unlimited.
  • 1 to 5120: If you set the value to a number from 1 to 5120, the value that you specify indicates the maximum bandwidth of the listener. The sum of maximum bandwidth values of all listeners cannot exceed the maximum bandwidth of the SLB instance.
XForwardedFor String No on

Specifies whether to use the X-Forwarded-For header to obtain the real IP address of the client.

Set the value to on.

Scheduler String No wrr

The scheduling algorithm. Valid values:

  • wrr: Backend servers that have higher weights receive more requests than those that have lower weights. This is the default value.
  • rr: Requests are distributed to backend servers in sequence.
StickySession String No on

Indicates whether session persistence is enabled.

Valid values: on and off.

StickySessionType String No insert

The method that is used to handle a cookie. Valid values:

  • insert: Inserts a cookie.

    SLB inserts a cookie (SERVERID) into the first HTTP or HTTPS response packet that is sent to a client. The next request from the client will contain this cookie, and the listener will distribute this request to the recorded backend server.

  • server: Rewrites a cookie.

    When SLB detects a user-defined cookie, it overwrites the original cookie with the user-defined cookie. The next request from the client will contain the user-defined cookie, and the listener will distribute the request to the recorded backend server.

Note If you set the StickySession parameter to on, this parameter is required.
CookieTimeout Integer No 500

The timeout period of a cookie.

Valid values: 1 to 86400 . Unit: seconds

Note If you set the StickySession parameter to on and the StickySessionType parameter to insert, this parameter is required.
Cookie String No B490B5EBF6F3CD4****

The cookie to be configured on the backend server.

The cookie must be 1 to 200 characters in length, and can contain ASCII letters and digits. It cannot contain commas (,), semicolons (;), or spaces. It cannot start with a dollar sign ($).

Note If you set the StickySession parameter to on and the StickySessionType parameter to server, this parameter is required.
HealthCheck String No on

Specifies whether to enable health checks.

Valid values: on and off.

HealthCheckDomain String No 172.XX.XX.16

The domain name that is used for health checks. Valid values:

  • $_ip: The private IP address of the backend server. If the $_ip parameter is set or the HealthCheckDomain parameter is not set, SLB uses the private IP addresses of backend servers as the domain names for health checks.
  • domain: The domain name must be 1 to 80 characters in length. It can contain only letters, digits, periods (.),and hyphens (-).
Note This parameter takes effect only if the HealthCheck parameter is set to on.
HealthCheckURI String No /test/index.html

The URI that is used for health checks.

The URI must be 1 to 80 characters in length, and can contain only letters, digits, hyphens (-), forward slashes (/), periods (.), percent signs (%), question marks (?), number signs (#), and ampersands (&). The URI must start with a forward slash (/) but cannot contain only a forward slash (/).

Note This parameter takes effect only if the HealthCheck parameter is set to on.
HealthyThreshold Integer No 4

The number of consecutive successful health checks that must occur before an unhealthy backend server is declared healthy. In this case, the health check state is changed from fail to success.

Valid values: 2 to 10.

Note This parameter takes effect only if the HealthCheck parameter is set to on.
UnhealthyThreshold Integer No 4

The number of consecutive failed health checks that must occur before a healthy backend server is declared unhealthy. In this case, the health check state is changed from success to fail.

Valid values: 2 to 10.

Note This parameter takes effect only if the HealthCheck parameter is set to on.
HealthCheckTimeout Integer No 3

The timeout period of a health check response. If a backend server does not respond within the specified time period, the backend server is declared unhealthy.

Valid values: 1 to 300 . Unit: seconds

Note
  • If the value of the HealthCHeckTimeout parameter is smaller than that of the HealthCheckInterval parameter, the value of the HealthCHeckTimeout parameter is ignored and the value of the HealthCheckInterval parameter is regarded as the waiting period.
  • This parameter takes effect only if the HealthCheck parameter is set to on.
HealthCheckInterval Integer No 5

The time interval between two consecutive health checks.

Valid values: 1 to 50. Unit: seconds.

Note This parameter takes effect only if the HealthCheck parameter is set to on.
HealthCheckConnectPort Integer No 8080

The port that is used for health checks.

Valid values: 1 to 65535.

Note This parameter takes effect only if the HealthCheck parameter is set to on.
HealthCheckHttpCode String No http_2xx,http_3xx

The HTTP status code that indicates a successful health check. Separate multiple HTTP status codes with commas (,).

Valid values: http_2xx, http_3xx, http_4xx, and http_5xx.

Note This parameter takes effect only if the HealthCheck parameter is set to on.
ServerCertificateId String No idkp-123-cn-te****

The ID of the server certificate.

CACertificateId String No 139a00604ad-cn-east-****

The ID of the CA certificate.

  • If both the CA certificate and the server certificate are uploaded, two-factor authentication is used.
  • If you upload only the server certificate, single-factor authentication is used.
VServerGroup String No on

Specifies whether to use a vServer group.

Valid values: on and off.

VServerGroupId String No rsp-cige6j****

The ID of the vServer group.

XForwardedFor_SLBIP String No on

Specifies whether to use the SLB-IP header to obtain the real IP address of the client.

Valid values: on and off.

XForwardedFor_SLBID String No on

Specifies whether to use the SLB-ID header to obtain the ID of the SLB instance.

Valid values: on and off.

XForwardedFor_proto String No on

Specifies whether to use the X-Forwarded-Proto header to obtain the listener protocol of the SLB instance.

Valid values: on and off.

Gzip String No on

Specifies whether to enable gzip compression to compress files of a specific type.

Valid values: on and off.

AclId String No nacl-a2do9e413e0spzasx****

The ID of the network access control list (ACL) that is associated with the listener.

This parameter is required if the AclStatus parameter is set to on.

AclType String No white

The type of the ACL. Valid values:

  • white: specifies the ACL as a whitelist. Only requests from the IP addresses or CIDR blocks in the ACL are forwarded. Whitelists apply to scenarios that require you to allow only specific IP addresses to access an application.

    Risks may arise if you specify an ACL as a whitelist. After you set a whitelist for an SLB listener, only requests from IP addresses that are added to the whitelist are distributed by the listener. If you enable a blacklist but do not specify IP addresses, the listener forwards all requests.

  • black: All requests from the IP addresses or CIDR blocks in the ACL are denied. The blacklist is used to forbid specified IP addresses from accessing an application.

    If you enable a blacklist but do not specify IP addresses, the listener forwards all requests.

This parameter takes effect if the AclStatus parameter is set to on.

AclStatus String No off

Specifies whether to enable the access control feature.

Valid values: on and off.

IdleTimeout Integer No 23

The timeout period of an idle connection. Valid values: 1 to 60. Default value: 15. Unit: seconds.

If no request is received during the specified timeout period, the SLB instance closes the connection. When another request is received, the SLB instance establishes a new connection.

RequestTimeout Integer No 223

The timeout period of a request. Unit: seconds. Valid values: 1 to 180. Default value: 60.

If no response is received from the backend server during the request timeout period, SLB sends an HTTP 504 error code to the client.

EnableHttp2 String No off

Specifies whether to enable HTTP/2. Default value: on.

Valid values: on and off.

TLSCipherPolicy String No tls_cipher_policy_1_2

You can specify the TLSCipherPolicy parameter only for a guaranteed-performance instance. Each security policy includes TLS protocol versions and cipher suites available for HTTPS.

You can select a security policy based on your requirements. The following security policies are supported:

  • tls_cipher_policy_1_0:
    • Supported TLS versions: TLSv1.0, TLSv1.1, and TLSv1.2.
    • Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA.
  • tls_cipher_policy_1_1:
    • Supported TLS versions: TLSv1.1 and TLSv1.2.
    • Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA.
  • tls_cipher_policy_1_2
    • Supported TLS version: TLSv1.2.
    • Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA.
  • tls_cipher_policy_1_2_strict
    • Supported TLS version: TLSv1.2.
    • Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES128-SHA, and ECDHE-RSA-AES256-SHA.
Description String No Listener description

The description of the listener.

Response parameters

Parameter Type Example Description
RequestId String CEF72CEB-54B6-4AE8-B225-F876FF7BA984

The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=SetLoadBalancerHTTPSListenerAttribute
&ListenerPort=80
&LoadBalancerId=lb-sjhfdji****************
&<Common request parameters>

Sample success responses

XML format

<SetLoadBalancerHTTPSListenerAttributeResponse>
    <RequestId>CEF72CEB-54B6-4AE8-B225-F876FF7BA984</RequestId>
</SetLoadBalancerHTTPSListenerAttributeResponse>

JSON format

{
	"RequestId":" CEF72CEB-54B6-4AE8-B225-F876FF7BA984"
}

Error codes

For a list of error codes, visit the API Error Center.