Modifies the configurations of an HTTPS listener.

Prerequisites

  • A Classic Load Balancer (CLB) instance is created. For more information about how to create a CLB instance, see CreateLoadBalancer.
  • An HTTPS listener is created. For more information about how to create an HTTPS listener, see CreateLoadBalancerHTTPSListener.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes SetLoadBalancerHTTPSListenerAttribute

The operation that you want to perform.

Set the value to SetLoadBalancerHTTPSListenerAttribute.

ListenerPort Integer Yes 80

The frontend port that is used by the CLB instance.

Valid values: 1 to 65535.

LoadBalancerId String Yes lb-sjhfdji****

The ID of the CLB instance.

RegionId String Yes cn-hangzhou

The ID of the region where the CLB instance is deployed.

You can call the DescribeRegions operation to query the region ID.

Bandwidth Integer No -1

The maximum bandwidth of the listener. Unit: Mbit/s.

Valid values: -1 and 1 to 5120.

  • -1: The maximum bandwidth is unlimited.
  • 1 to 5120: If you specify a maximum bandwidth for each listener, the sum of the maximum bandwidths of all listeners cannot exceed the maximum bandwidth of the CLB instance.
XForwardedFor String No on

Specifies whether to use the X-Forwarded-For header to obtain the real IP address of the client. Valid values:

  • on: yes
  • off: no
Scheduler String No wrr

The scheduling algorithm. Valid values:

  • wrr: Backend servers that have higher weights receive more requests than those that have lower weights. This is the default value.
  • rr: Requests are distributed to backend servers in sequence.
StickySession String No on

Specifies whether to enable session persistence. Valid values:

  • on: yes
  • off: no
StickySessionType String No insert

The method that is used to handle a cookie. Valid values:

  • insert: inserts a cookie.

    CLB inserts the server ID as a cookie into the first HTTP or HTTPS response that is sent to a client. The next request from the client will contain this cookie, and the listener will distribute this request to the recorded backend server.

  • server: rewrites the original cookie.

    When CLB detects a user-defined cookie, it overwrites the original cookie with the user-defined cookie. The next request from the client will contain the user-defined cookie, and the listener will distribute this request to the recorded backend server.

Note This parameter is required if the StickySession parameter is set to on.
CookieTimeout Integer No 500

The timeout period of the cookie. Unit: seconds.

Valid values: 1 to 86400.

Note This parameter is required if the StickySession parameter is set to on and the StickySessionType parameter is set to insert.
Cookie String No B490B5EBF6F3CD4****

The cookie to be configured on the backend server.

The cookie must be 1 to 200 characters in length, and can contain ASCII characters and digits. It cannot contain commas (,), semicolons (;), or spaces. It cannot start with a dollar sign ($).

Note This parameter is required if the StickySession parameter is set to on and the StickySessionType parameter is set to server.
HealthCheck String No on

Specifies whether to enable health checks. Valid values:

  • on: yes
  • off: no
HealthCheckMethod String No get

The HTTP method that is used for health checks. Valid values: head and get.

Note This parameter takes effect only if the HealthCheck parameter is set to on.
HealthCheckDomain String No 172.XX.XX.16

The domain name that is used for health checks. Valid values:

  • $_ip: the private IP address of a backend server. If this parameter is set to $_ip or is not set, CLB uses the private IP address of each backend server as the domain name for health checks.
  • domain: The domain name must be 1 to 80 characters in length, and can contain letters, digits, periods (.), and hyphens (-).
Note This parameter takes effect only if the HealthCheck parameter is set to on.
HealthCheckURI String No /test/index.html

The uniform resource identifier (URI) that is used for health checks.

The URI must be 1 to 80 characters in length and can contain letters, digits, and the following characters:

- / . % ? # &

The URI must start with a forward slash (/) but not start with a forward slash only.

Note This parameter takes effect only if the HealthCheck parameter is set to on.
HealthyThreshold Integer No 4

The number of health checks that an unhealthy backend server must consecutively pass before it can be declared healthy. In this case, the health check state is changed from fail to success.

Valid values: 2 to 10.

Note This parameter takes effect only if the HealthCheck parameter is set to on.
UnhealthyThreshold Integer No 4

The number of health checks that a healthy backend server must consecutively fail before it can be declared unhealthy. In this case, the health check state is changed from success to fail.

Valid values: 2 to 10.

Note This parameter takes effect only if the HealthCheck parameter is set to on.
HealthCheckTimeout Integer No 3

The timeout period of a health check. If a backend server does not respond within the specified timeout period, the backend server fails the health check. Unit: seconds.

Valid values: 1 to 300.

If the value of the HealthCheckTimeout parameter is smaller than that of the HealthCheckInterval parameter, the timeout period specified by the HealthCheckTimeout parameter is ignored and the period of time specified by the HealthCheckInterval parameter is used as the timeout period.

Note This parameter takes effect only if the HealthCheck parameter is set to on.
HealthCheckInterval Integer No 5

The time interval between two consecutive health checks. Unit: seconds.

Valid values: 1 to 50.

Note This parameter takes effect only if the HealthCheck parameter is set to on.
HealthCheckConnectPort Integer No 8080

The port that is used for health checks.

Valid values: 1 to 65535.

Note This parameter takes effect only if the HealthCheck parameter is set to on.
HealthCheckHttpCode String No http_2xx,http_3xx

The HTTP status code that indicates a successful health check. Separate multiple HTTP status codes with commas (,).

Valid values: http_2xx, http_3xx, http_4xx, and http_5xx.

Note This parameter takes effect only if the HealthCheck parameter is set to on.
ServerCertificateId String No idkp-123-cn-te****

The ID of the server certificate.

CACertificateId String No 139a00604ad-cn-east-****

The ID of the certificate authority (CA) certificate.

  • If both the CA certificate and the server certificate are uploaded, two-factor authentication is used.
  • If you upload only the server certificate, single-factor authentication is used.
VServerGroup String No on

Specifies whether to use a vServer group. Valid values:

  • on: yes
  • off: no
VServerGroupId String No rsp-cige6j****

The ID of the vServer group.

XForwardedFor_SLBIP String No on

Specifies whether to use the SLB-IP header to obtain the virtual IP address (VIP) requested by the client. Valid values:

  • on: yes
  • off: no. This is the default value.
XForwardedFor_SLBID String No on

Specifies whether to use the SLB-ID header to obtain the ID of the CLB instance. Valid values:

  • on: yes
  • off: no. This is the default value.
XForwardedFor_proto String No on

Specifies whether to use the X-Forwarded-Proto header to obtain the listener protocol of the CLB instance. Valid values:

  • on: yes
  • off: no. This is the default value.
Gzip String No on

Specifies whether to enable gzip compression to compress specific types of files. Valid values:

  • on: yes. This is the default value.
  • off: no
AclId String No nacl-a2do9e413e0spzasx****

The ID of the access control list (ACL) to be associated with the listener.

This parameter is required if the AclStatus parameter is set to on.

AclType String No white

The type of ACL. Valid values:

  • white: a whitelist. Only requests from the IP addresses or CIDR blocks in the ACL are forwarded. The whitelist applies to scenarios in which you want to allow only specific IP addresses to access an application. Risks may arise if you specify an ACL as a whitelist. After a whitelist is configured, only IP addresses in the whitelist can access the CLB listener.

    If you enable a whitelist but the whitelist does not contain an IP address, the listener forwards all requests.

  • black: a blacklist. All requests from the IP addresses or CIDR blocks in the ACL are blocked. The blacklist applies to scenarios in which you want to block access from specific IP addresses to an application.

    If you enable a blacklist but the blacklist does not contain an IP address, the listener forwards all requests.

Note This parameter takes effect if the AclStatus parameter is set to on.
AclStatus String No off

Specifies whether to enable the access control feature. Valid values:

  • on: yes
  • off: no. This is the default value.
IdleTimeout Integer No 23

The timeout period of an idle connection. Unit: seconds. Valid values: 1 to 60. Default value: 15.

If no request is received within the specified timeout period, CLB closes the connection. When another request is received, CLB establishes a new connection.

RequestTimeout Integer No 223

The timeout period of a request. Unit: seconds. Valid values: 1 to 180. Default value: 60.

If no response is received from the backend server within the specified timeout period, CLB sends an HTTP 504 error code to the client.

EnableHttp2 String No off

Specifies whether to enable HTTP/2. Valid values:

  • on: yes. This is the default value.
  • off: no
TLSCipherPolicy String No tls_cipher_policy_1_2

The Transport Layer Security (TLS) security policy. Each security policy contains TLS protocol versions and cipher suites available for HTTPS.

  • tls_cipher_policy_1_0:

Supported TLS versions: TLS 1.0, TLS 1.1, and TLS 1.2

Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA

  • tls_cipher_policy_1_1:

Supported TLS versions: TLS 1.1 and TLS 1.2

Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA

  • tls_cipher_policy_1_2:

Supported TLS versions: TLS 1.2

Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA

  • tls_cipher_policy_1_2_strict:

Supported TLS versions: TLS 1.2

Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES128-SHA, and ECDHE-RSA-AES256-SHA

  • tls_cipher_policy_1_2_strict_with_1_3:

    Supported TLS versions: TLS 1.2 and TLS 1.3

    Supported cipher suites: TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_CCM_SHA256, TLS_AES_128_CCM_8_SHA256, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, and ECDHE-RSA-AES256-SHA

Description String No Listener 1

The description of the listener.

Response parameters

Parameter Type Example Description
RequestId String CEF72CEB-54B6-4AE8-B225-F876FF7BA984

The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=SetLoadBalancerHTTPSListenerAttribute
&ListenerPort=80
&LoadBalancerId=lb-sjhfdji****
&<Common request parameters>

Sample success responses

XML format

<SetLoadBalancerHTTPSListenerAttributeResponse>
  <RequestId>CEF72CEB-54B6-4AE8-B225-F876FF7BA984</RequestId>
</SetLoadBalancerHTTPSListenerAttributeResponse>

JSON format

{"RequestId":"CEF72CEB-54B6-4AE8-B225-F876FF7BA984"}

Error codes

For a list of error codes, visit the API Error Center.