Queries the configurations of an HTTPS listener.

Prerequisites

  • A Classic Load Balancer (CLB) instance is created. For more information about how to create a CLB instance, see CreateLoadBalancer.
  • An HTTPS listener is created. For more information about how to create an HTTPS listener, see CreateLoadBalancerHTTPSListener.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeLoadBalancerHTTPSListenerAttribute

The operation that you want to perform.

Set the value to DescribeLoadBalancerHTTPSListenerAttribute.

ListenerPort Integer Yes 80

The frontend port that is used by the CLB instance.

Valid values: 1 to 65535.

LoadBalancerId String Yes lb-bp1mxu5r8lau****

The ID of the CLB instance.

RegionId String Yes cn-hangzhou

The ID of the region where the CLB instance is deployed.

Response parameters

Parameter Type Example Description
ListenerPort Integer 80

The frontend port that is used by the CLB instance.

BackendServerPort Integer 8080

The backend port that is used by the CLB instance.

Bandwidth Integer -1

The maximum bandwidth of the listener. Unit: Mbit/s.

Status String stopped

The status of the listener. Valid values:

  • running: The listener is running.
  • stopped: The listener is stopped.
XForwardedFor String on

Indicates whether the X-Forwarded-For header is used to obtain the real IP address of the client. Valid values:

  • on: yes
  • off: no
Scheduler String wrr

The scheduling algorithm.

Valid values: wrr and rr.

  • wrr: Backend servers that have higher weights receive more requests than those that have lower weights. This is the default value.
  • rr: Requests are distributed to backend servers in sequence.
StickySession String on

Indicates whether session persistence is enabled. Valid values:

  • on: enabled
  • off: disabled
StickySessionType String insert

The method that is used to handle a cookie.

Valid values: insert and server.

  • insert: inserts a cookie.

    CLB inserts the server ID as a cookie into the first HTTP or HTTPS response that is sent to a client. The next request from the client will contain this cookie, and the listener will distribute this request to the recorded backend server.

  • server: rewrites the original cookie.

    When CLB detects a user-defined cookie, it overwrites the original cookie with the user-defined cookie. The next request from the client will contain the user-defined cookie, and the listener will distribute this request to the recorded backend server.

CookieTimeout Integer 500

The timeout period of the cookie.

Cookie String B490B5EBF6F3CD402E515D22BCDA1598

The cookie that is configured on the backend server.

HealthCheck String on

Indicates whether health checks are enabled. Valid values:

  • on: yes
  • off: no
HealthCheckDomain String www.test.com

The domain name that is used for health checks.

HealthCheckURI String /test/index.html

The uniform resource identifier (URI) that is used for health checks.

HealthyThreshold Integer 4

The healthy threshold.

UnhealthyThreshold Integer 4

The unhealthy threshold.

HealthCheckTimeout Integer 3

The timeout period of a health check. Unit: seconds.

HealthCheckInterval Integer 5

The time interval between two consecutive health checks. Unit: seconds.

HealthCheckHttpCode String http_2xx,http_3xx

The HTTP status code that indicates a successful health check.

HealthCheckConnectPort Integer 8080

The port that is used for health checks.

Note This parameter takes effect only if the HealthCheck parameter is set to on.
ServerCertificateId String idkp-123-cn-test-0**

The ID of the server certificate.

CACertificateId String idkp-234-cn-test-0**

The ID of the certificate authority (CA) certificate.

VServerGroupId String rsp-cige6j5e********

The ID of the vServer group that is associated with the listener.

Gzip String on

Indicates whether gzip compression is enabled.

Valid values: on and off.

AclId String nacl-a2do9e413e0spzasx****

The ID of the access control list (ACL) that is associated with the listener.

This parameter is required if the AclStatus parameter is set to on.

AclStatus String off

Indicates whether the access control feature is enabled.

Valid values: on and off. Default value: off.

AclType String white

The type of ACL. Valid values:

  • white: a whitelist. Only requests from the IP addresses or CIDR blocks in the ACL are forwarded. The whitelist applies to scenarios in which you want to allow only specific IP addresses to access an application. Risks may arise if you specify an ACL as a whitelist. After a whitelist is configured, only IP addresses in the whitelist can access the CLB listener.

    If you enable a whitelist but the whitelist does not contain an IP address, the listener forwards all requests.

  • black: a blacklist. All requests from the IP addresses or CIDR blocks in the ACL are blocked. The blacklist applies to scenarios in which you want to block access from specific IP addresses to an application.

    If you enable a blacklist but the blacklist does not contain an IP address, the listener forwards all requests.

This parameter is required if the AclStatus parameter is set to on.

Description String ListenerDescription

The description of the listener.

DomainExtensions Array of DomainExtension N/A

The list of additional certificates.

DomainExtension N/A N/A N/A
Domain String www.example.com

The domain name.

DomainExtensionId String 12

The ID of the additional certificate.

ServerCertificateId String 13344444****

The ID of the server certificate that corresponds to the domain name.

EnableHttp2 String off

Indicates whether HTTP/2 is enabled. Valid values:

  • on: yes. This is the default value.
  • off: no
HealthCheckMethod String get

The HTTP method that is used for health checks. Valid values: head and get.

Note This parameter is returned only if the HealthCheck parameter is set to on.
IdleTimeout Integer 23

The timeout period of an idle connection. Valid values: 1 to 60. Default value: 15. Unit: seconds.

If no request is received within the specified timeout period, CLB closes the connection. When another request is received, CLB establishes a new connection.

RequestId String 365F4154-92F6-4AE4-92F8-7FF3********

The ID of the request.

RequestTimeout Integer 43

The timeout period of a request. Valid values: 1 to 180. Default value: 60. Unit: seconds.

If no response is received from the backend server within the specified timeout period, CLB sends an HTTP 504 error code to the client.

Rules Array of Rule N/A

The list of forwarding rules of the listener.

Rule N/A N/A N/A
Domain String www.example.com

The domain name.

RuleId String 23

The ID of the forwarding rule.

RuleName String example

The name of the forwarding rule.

Url String /example

The request path.

VServerGroupId String 12

The ID of the vServer group with which the forwarding rule is associated.

SecurityStatus String on

Indicates whether the listener is in the security state. Valid values:

  • on: yes
  • off: no
TLSCipherPolicy String tls_cipher_policy_1_0

The Transport Layer Security (TLS) security policy for a high-performance instance.

Each security policy contains TLS protocol versions and cipher suites available for HTTPS.

  • tls_cipher_policy_1_0:

Supported TLS versions: TLS 1.0, TLS 1.1, and TLS 1.2

Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA

  • tls_cipher_policy_1_1:

Supported TLS versions: TLS 1.1 and TLS 1.2

Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA

  • tls_cipher_policy_1_2:

Supported TLS versions: TLS 1.2

Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA

  • tls_cipher_policy_1_2_strict:

Supported TLS versions: TLS 1.2

Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES128-SHA, and ECDHE-RSA-AES256-SHA

  • tls_cipher_policy_1_2_strict_with_1_3:

    Supported TLS versions: TLS 1.2 and TLS 1.3

    Supported cipher suites: TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_CCM_SHA256, TLS_AES_128_CCM_8_SHA256, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, and ECDHE-RSA-AES256-SHA

XForwardedFor_ClientCertClientVerify String off

Indicates whether the XForwardedFor_ClientCertClientVerify header is used to obtain the verification result of the client certificate. Valid values:

  • on: yes
  • off: no
XForwardedFor_ClientCertFingerprint String off

Indicates whether the XForwardedFor_ClientCertFingerprint header is used to obtain the fingerprint of the client certificate. Valid values:

  • on: yes
  • off: no
XForwardedFor_ClientCertIssuerDN String off

Indicates whether the XForwardedFor_ClientCertIssuerDN header is used to obtain information about the authority that issues the client certificate. Valid values:

  • on: yes
  • off: no
XForwardedFor_ClientCertSubjectDN String off

Indicates whether the XForwardedFor_ClientCertSubjectDN header is used to obtain information about the owner of the client certificate. Valid values:

  • on: yes
  • off: no
XForwardedFor_ClientSrcPort String off

Indicates whether the XForwardedFor_ClientSrcPort header is used to obtain the port over which a client communicates with the CLB instance. Valid values:

  • on: yes
  • off: no
XForwardedFor_SLBID String on

Indicates whether the SLB-ID header is used to obtain the ID of the CLB instance. Valid values:

  • on: yes
  • off: no
XForwardedFor_SLBIP String on

Indicates whether the SLB-IP header is used to obtain the virtual IP address (VIP) requested by the client. Valid values:

  • on: yes
  • off: no
XForwardedFor_SLBPORT String off

Indicates whether the XForwardedFor_SLBPORT header is used to query the listener port of the CLB instance. Valid values:

  • on: yes
  • off: no
XForwardedFor_proto String on

Indicates whether the X-Forwarded-Proto header is used to obtain the listener protocol of the CLB instance. Valid values:

  • on: yes
  • off: no

Examples

Sample requests

http(s)://[Endpoint]/?Action=DescribeLoadBalancerHTTPSListenerAttribute
&ListenerPort=80
&LoadBalancerId=lb-bp1mxu5r8lau****
&<Common request parameters>

Sample success responses

XML format

<DescribeLoadBalancerHTTPSListenerAttributeResponse>
  <CookieTimeout>500</CookieTimeout>
  <VServerGroupId>rsp-cige6j5e********</VServerGroupId>
  <Description>ListenerDescription</Description>
  <UnhealthyThreshold>4</UnhealthyThreshold>
  <HealthCheckURI>/test/index.html</HealthCheckURI>
  <Scheduler>wrr</Scheduler>
  <HealthCheck>on</HealthCheck>
  <DomainExtensions>
        <DomainExtension>
              <DomainExtensionId>12</DomainExtensionId>
              <ServerCertificateId>13344444****</ServerCertificateId>
              <Domain>www.example.com</Domain>
        </DomainExtension>
  </DomainExtensions>
  <IdleTimeout>23</IdleTimeout>
  <BackendServerPort>8080</BackendServerPort>
  <XForwardedFor_SLBID>on</XForwardedFor_SLBID>
  <XForwardedFor_SLBPORT>off</XForwardedFor_SLBPORT>
  <HealthCheckConnectPort>8080</HealthCheckConnectPort>
  <HealthCheckMethod>get</HealthCheckMethod>
  <SecurityStatus>on</SecurityStatus>
  <Bandwidth>-1</Bandwidth>
  <Gzip>on</Gzip>
  <ServerCertificateId>idkp-123-cn-test-0**</ServerCertificateId>
  <StickySessionType>insert</StickySessionType>
  <XForwardedFor_SLBIP>on</XForwardedFor_SLBIP>
  <HealthCheckHttpCode>http_2xx,http_3xx</HealthCheckHttpCode>
  <Cookie>B490B5EBF6F3CD402E515D22BCDA1598</Cookie>
  <Status>stopped</Status>
  <RequestTimeout>43</RequestTimeout>
  <ListenerPort>80</ListenerPort>
  <TLSCipherPolicy>tls_cipher_policy_1_0</TLSCipherPolicy>
  <HealthCheckInterval>5</HealthCheckInterval>
  <RequestId>365F4154-92F6-4AE4-92F8-7FF3********</RequestId>
  <CACertificateId>idkp-234-cn-test-0**</CACertificateId>
  <XForwardedFor_ClientCertSubjectDN>off</XForwardedFor_ClientCertSubjectDN>
  <AclId>nacl-a2do9e413e0spzasx****</AclId>
  <HealthCheckTimeout>3</HealthCheckTimeout>
  <Rules>
        <Rule>
              <VServerGroupId>12</VServerGroupId>
              <RuleId>23</RuleId>
              <Domain>www.example.com</Domain>
              <Url>/example</Url>
              <RuleName>example</RuleName>
        </Rule>
  </Rules>
  <XForwardedFor_ClientCertIssuerDN>off</XForwardedFor_ClientCertIssuerDN>
  <StickySession>on</StickySession>
  <AclStatus>off</AclStatus>
  <HealthyThreshold>4</HealthyThreshold>
  <XForwardedFor_ClientSrcPort>off</XForwardedFor_ClientSrcPort>
  <XForwardedFor>on</XForwardedFor>
  <HealthCheckDomain>www.test.com</HealthCheckDomain>
  <AclType>white</AclType>
  <XForwardedFor_proto>on</XForwardedFor_proto>
  <EnableHttp2>off</EnableHttp2>
  <XForwardedFor_ClientCertClientVerify>off</XForwardedFor_ClientCertClientVerify>
  <XForwardedFor_ClientCertFingerprint>off</XForwardedFor_ClientCertFingerprint>
</DescribeLoadBalancerHTTPSListenerAttributeResponse>

JSON format

{
    "CookieTimeout": 500,
    "VServerGroupId": "rsp-cige6j5e********",
    "Description": "ListenerDescription",
    "UnhealthyThreshold": 4,
    "HealthCheckURI": "/test/index.html",
    "Scheduler": "wrr",
    "HealthCheck": "on",
    "DomainExtensions": {
        "DomainExtension": {
            "DomainExtensionId": 12,
            "ServerCertificateId": "13344444****",
            "Domain": "www.example.com"
        }
    },
    "IdleTimeout": 23,
    "BackendServerPort": 8080,
    "XForwardedFor_SLBID": "on",
    "XForwardedFor_SLBPORT": "off",
    "HealthCheckConnectPort": 8080,
    "HealthCheckMethod": "get",
    "SecurityStatus": "on",
    "Bandwidth": -1,
    "Gzip": "on",
    "ServerCertificateId": "idkp-123-cn-test-0**",
    "StickySessionType": "insert",
    "XForwardedFor_SLBIP": "on",
    "HealthCheckHttpCode": "http_2xx,http_3xx",
    "Cookie": "B490B5EBF6F3CD402E515D22BCDA1598",
    "Status": "stopped",
    "RequestTimeout": 43,
    "ListenerPort": 80,
    "TLSCipherPolicy": "tls_cipher_policy_1_0",
    "HealthCheckInterval": 5,
    "RequestId": "365F4154-92F6-4AE4-92F8-7FF3********",
    "CACertificateId": "idkp-234-cn-test-0**",
    "XForwardedFor_ClientCertSubjectDN": "off",
    "AclId": "nacl-a2do9e413e0spzasx****",
    "HealthCheckTimeout": 3,
    "Rules": {
        "Rule": {
            "VServerGroupId": 12,
            "RuleId": 23,
            "Domain": "www.example.com",
            "Url": "/example",
            "RuleName": "example"
        }
    },
    "XForwardedFor_ClientCertIssuerDN": "off",
    "StickySession": "on",
    "AclStatus": "off",
    "HealthyThreshold": 4,
    "XForwardedFor_ClientSrcPort": "off",
    "XForwardedFor": "on",
    "HealthCheckDomain": "www.test.com",
    "AclType": "white",
    "XForwardedFor_proto": "on",
    "EnableHttp2": "off",
    "XForwardedFor_ClientCertClientVerify": "off",
    "XForwardedFor_ClientCertFingerprint": "off"
}

Error codes

For a list of error codes, visit the API Error Center.