Queries the configurations of an HTTPS listener.

Prerequisites

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeLoadBalancerHTTPSListenerAttribute

The operation that you want to perform.

Set the value to DescribeLoadBalancerHTTPSListenerAttribute.

ListenerPort Integer Yes 80

The frontend port that is used by the CLB instance.

Valid values: 1 to 65535.

LoadBalancerId String Yes lb-bp1mxu5r8lau****

The ID of the CLB instance.

RegionId String Yes cn-hangzhou

The ID of the region where the CLB instance is deployed.

Response parameters

Parameter Type Example Description
ListenerPort Integer 80

The frontend port that is used by the CLB instance.

BackendServerPort Integer 8080

The backend port that is used by the CLB instance.

Bandwidth Integer -1

The bandwidth limit of the listener. Unit: Mbit/s.

Status String stopped

The status of the listener. Valid values:

  • running
  • stopped
XForwardedFor String on

Indicates whether the X-Forwarded-For header is used to retrieve client IP addresses. Valid values:

  • on: yes
  • off: no
Scheduler String wrr

The scheduling algorithm. Valid values: wrr and rr.

  • wrr: Backend servers that have higher weights receive more requests than backend servers that have lower weights.
  • rr: Requests are distributed to backend servers in sequence.
StickySession String on

Indicates whether session persistence is enabled. Valid values:

  • on: enabled
  • off: disabled
StickySessionType String insert

The method that is used to handle a cookie.

Valid values: insert and server.

  • insert: inserts a cookie.

    CLB inserts a cookie (SERVERID) into the first HTTP or HTTPS response that is sent to a client. The next request from the client will contain this cookie, and the listener will distribute this request to the recorded backend server.

  • server: rewrites a cookie.

    When CLB detects a user-defined cookie, it overwrites the original cookie with the user-defined cookie. The next request from the client will contain the user-defined cookie, and the listener will distribute the request to the recorded backend server.

CookieTimeout Integer 500

The timeout period of the cookie.

Cookie String B490B5EBF6F3CD402E515D22BCDA1598

The cookie that is configured on the backend server.

HealthCheck String on

Indicates whether health checks are enabled. Valid values:

  • on: enabled
  • off: disabled
HealthCheckDomain String www.test.com

The domain name that is used for health checks.

HealthCheckURI String /test/index.html

The URL that is used for health checks.

HealthyThreshold Integer 4

The healthy threshold.

UnhealthyThreshold Integer 4

The unhealthy threshold.

HealthCheckTimeout Integer 3

The timeout period of a health check response. Unit: seconds.

HealthCheckInterval Integer 5

The interval between two consecutive health checks. Unit: seconds.

HealthCheckHttpCode String http_2xx,http_3xx

The HTTP status code that indicates a successful health check.

HealthCheckConnectPort Integer 8080

The port that is used for health checks.

Note This parameter takes effect only when the HealthCheck parameter is set to on.
ServerCertificateId String idkp-123-cn-test-0**

The ID of the server certificate.

CACertificateId String idkp-234-cn-test-0**

The ID of the CA certificate.

VServerGroupId String rsp-cige6j5e********

The ID of the server group that is associated with the listener.

Gzip String on

Indicates whether Gzip compression is enabled. Valid values:

  • on: enabled
  • off: disabled
AclId String nacl-a2do9e413e0spzasx****

The ID of the network access control list (ACL) that is associated with the listener.

Note This parameter is required if the AclStatus parameter is set to on.
AclStatus String off

Indicates whether access control is enabled. Valid values:

  • on: enabled
  • off: disabled
AclType String white

The type of network ACL. Valid values:

  • white: a whitelist. Only requests from the IP addresses or CIDR blocks in the network ACL are forwarded. Whitelists apply to scenarios where you want to allow only specific IP addresses to access an application. Your business may be adversely affected if the whitelist is not set properly. After a whitelist is configured, only IP addresses in the whitelist can access the CLB listener.

    If no IP address is added to the whitelist, the CLB listener forwards all requests.

  • black: a blacklist. All requests from the IP addresses or CIDR blocks in the network ACL are denied. Blacklists apply to scenarios where you want to deny access from specified IP addresses to an application.

    If no IP address is added to the blacklist, the listener forwards all requests.

Note If AclStatus is set to on, this parameter is required.
Description String test

The description of the listener.

DomainExtensions Array of DomainExtension

The list of additional certificates.

DomainExtension
Domain String www.example.com

The domain names.

DomainExtensionId String 12

The ID of the additional certificate.

ServerCertificateId String 13344444****

The ID of the server certificate that is associated with the domain name.

EnableHttp2 String off

Indicates whether HTTP/2 is used. Valid values:

  • on: yes
  • off: no
HealthCheckMethod String get

The HTTP method that is used for health checks. Valid values: head and get.

Note This parameter is returned only if the HealthCheck parameter is set to on.
IdleTimeout Integer 23

The timeout period of an idle connection. Valid values: 1 to 60. Default value: 15. Unit: seconds.

If no request is received within the specified timeout period, CLB closes the connection. When another request is received, CLB establishes a new connection.

RequestId String 365F4154-92F6-4AE4-92F8-7FF3********

The ID of the request.

RequestTimeout Integer 43

The timeout period of a request. Valid values: 1 to 180. Default value: 60. Unit: seconds.

If no response is received from the backend server during the request timeout period, CLB sends an HTTP 504 error code to the client.

Rules Array of Rule

The list of forwarding rules associated with the listener.

Rule
Domain String www.example.com

The domain name.

RuleId String 23

The ID of the forwarding rule.

RuleName String example

The name of the forwarding rule.

Url String /example

The request path.

VServerGroupId String 12

The ID of the server group with which the forwarding rule is associated.

SecurityStatus String on

Indicates whether the listener is in the Secure state. Valid values:

  • on: yes
  • off: no
TLSCipherPolicy String tls_cipher_policy_1_0

The Transport Layer Security (TLS) security policy for a high-performance CLB instance.

Each security policy contains TLS protocol versions and cipher suites available for HTTPS.

  • tls_cipher_policy_1_0:

    Supported TLS versions: TLS 1.0, TLS 1.1, and TLS 1.2

    Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA

  • tls_cipher_policy_1_1:

    Supported TLS versions: TLS 1.1 and TLS 1.2

    Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA

  • tls_cipher_policy_1_2

    Supported TLS version: TLS 1.2

    Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA

  • tls_cipher_policy_1_2_strict

    Supported TLS version: TLS 1.2

    Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES128-SHA, and ECDHE-RSA-AES256-SHA

  • tls_cipher_policy_1_2_strict_with_1_3

    Supported TLS versions: TLS 1.2 and TLS 1.3

    TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_CCM_SHA256, TLS_AES_128_CCM_8_SHA256, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, and ECDHE-RSA-AES256-SHA

XForwardedFor_ClientCertClientVerify String off

Indicates whether the XForwardedFor_ClientCertClientVerify header is used to obtain the verification result of the client certificate. Valid values:

  • on: yes
  • off: no
XForwardedFor_ClientCertFingerprint String off

Indicates whether the XForwardedFor_ClientCertFingerprint header is used to obtain the fingerprint of the client certificate. Valid values:

  • on: yes
  • off: no
XForwardedFor_ClientCertIssuerDN String off

Indicates whether the XForwardedFor_ClientCertIssuerDN header is used to obtain information about the authority that issues the client certificate. Valid values:

  • on: yes
  • off: no
XForwardedFor_ClientCertSubjectDN String off

Indicates whether the XForwardedFor_ClientCertSubjectDN header is used to obtain information about the owner of the client certificate. Valid values:

  • on: yes
  • off: no
XForwardedFor_ClientSrcPort String off

Indicates whether the XForwardedFor_ClientSrcPort header is used to retrieve the client port. Valid values:

  • on: yes
  • off: no
XForwardedFor_SLBID String on

Indicates whether the SLB-ID header is used to retrieve the ID of the CLB instance. Valid values:

  • on: yes
  • off: no
XForwardedFor_SLBIP String on

Indicates whether to use the SLB-IP header to retrieve the virtual IP address (VIP) requested by the client. Valid values:

  • on: yes
  • off: no
XForwardedFor_SLBPORT String off

Indicates whether the XForwardedFor_SLBPORT header is used to retrieve the listener port. Valid values:

  • on: yes
  • off: no
XForwardedFor_proto String on

Indicates whether the X-Forwarded-Proto header is used to retrieve the listener protocol. Valid values:

  • on: yes
  • off: no

Examples

Sample requests

http(s)://[Endpoint]/?Action=DescribeLoadBalancerHTTPSListenerAttribute
&ListenerPort=80
&LoadBalancerId=lb-bp1mxu5r8lau****
&<Common request parameters>

Sample success responses

XML format

<DescribeLoadBalancerHTTPSListenerAttributeResponse>
  <CookieTimeout>500</CookieTimeout>
  <VServerGroupId>rsp-cige6j5e********</VServerGroupId>
  <Description>test</Description>
  <UnhealthyThreshold>4</UnhealthyThreshold>
  <HealthCheckURI>/test/index.html</HealthCheckURI>
  <Scheduler>wrr</Scheduler>
  <HealthCheck>on</HealthCheck>
  <DomainExtensions>
        <DomainExtension>
              <DomainExtensionId>12</DomainExtensionId>
              <ServerCertificateId>13344444****</ServerCertificateId>
              <Domain>www.example.com</Domain>
        </DomainExtension>
  </DomainExtensions>
  <IdleTimeout>23</IdleTimeout>
  <BackendServerPort>8080</BackendServerPort>
  <XForwardedFor_SLBID>on</XForwardedFor_SLBID>
  <XForwardedFor_SLBPORT>off</XForwardedFor_SLBPORT>
  <HealthCheckConnectPort>8080</HealthCheckConnectPort>
  <HealthCheckMethod>get</HealthCheckMethod>
  <SecurityStatus>on</SecurityStatus>
  <Bandwidth>-1</Bandwidth>
  <Gzip>on</Gzip>
  <ServerCertificateId>idkp-123-cn-test-0**</ServerCertificateId>
  <StickySessionType>insert</StickySessionType>
  <XForwardedFor_SLBIP>on</XForwardedFor_SLBIP>
  <HealthCheckHttpCode>http_2xx,http_3xx</HealthCheckHttpCode>
  <Cookie>B490B5EBF6F3CD402E515D22BCDA1598</Cookie>
  <Status>stopped</Status>
  <RequestTimeout>43</RequestTimeout>
  <ListenerPort>80</ListenerPort>
  <TLSCipherPolicy>tls_cipher_policy_1_0</TLSCipherPolicy>
  <HealthCheckInterval>5</HealthCheckInterval>
  <RequestId>365F4154-92F6-4AE4-92F8-7FF3********</RequestId>
  <CACertificateId>idkp-234-cn-test-0**</CACertificateId>
  <XForwardedFor_ClientCertSubjectDN>off</XForwardedFor_ClientCertSubjectDN>
  <AclId>nacl-a2do9e413e0spzasx****</AclId>
  <HealthCheckTimeout>3</HealthCheckTimeout>
  <Rules>
        <Rule>
              <VServerGroupId>12</VServerGroupId>
              <RuleId>23</RuleId>
              <Domain>www.example.com</Domain>
              <Url>/example</Url>
              <RuleName>example</RuleName>
        </Rule>
  </Rules>
  <XForwardedFor_ClientCertIssuerDN>off</XForwardedFor_ClientCertIssuerDN>
  <StickySession>on</StickySession>
  <AclStatus>off</AclStatus>
  <HealthyThreshold>4</HealthyThreshold>
  <XForwardedFor_ClientSrcPort>off</XForwardedFor_ClientSrcPort>
  <XForwardedFor>on</XForwardedFor>
  <HealthCheckDomain>www.test.com</HealthCheckDomain>
  <AclType>white</AclType>
  <XForwardedFor_proto>on</XForwardedFor_proto>
  <EnableHttp2>off</EnableHttp2>
  <XForwardedFor_ClientCertClientVerify>off</XForwardedFor_ClientCertClientVerify>
  <XForwardedFor_ClientCertFingerprint>off</XForwardedFor_ClientCertFingerprint>
</DescribeLoadBalancerHTTPSListenerAttributeResponse>

JSON format

{
    "CookieTimeout": 500,
    "VServerGroupId": "rsp-cige6j5e********",
    "Description": "test",
    "UnhealthyThreshold": 4,
    "HealthCheckURI": "/test/index.html",
    "Scheduler": "wrr",
    "HealthCheck": "on",
    "DomainExtensions": {
        "DomainExtension": {
            "DomainExtensionId": 12,
            "ServerCertificateId": "13344444****",
            "Domain": "www.example.com"
        }
    },
    "IdleTimeout": 23,
    "BackendServerPort": 8080,
    "XForwardedFor_SLBID": "on",
    "XForwardedFor_SLBPORT": "off",
    "HealthCheckConnectPort": 8080,
    "HealthCheckMethod": "get",
    "SecurityStatus": "on",
    "Bandwidth": -1,
    "Gzip": "on",
    "ServerCertificateId": "idkp-123-cn-test-0**",
    "StickySessionType": "insert",
    "XForwardedFor_SLBIP": "on",
    "HealthCheckHttpCode": "http_2xx,http_3xx",
    "Cookie": "B490B5EBF6F3CD402E515D22BCDA1598",
    "Status": "stopped",
    "RequestTimeout": 43,
    "ListenerPort": 80,
    "TLSCipherPolicy": "tls_cipher_policy_1_0",
    "HealthCheckInterval": 5,
    "RequestId": "365F4154-92F6-4AE4-92F8-7FF3********",
    "CACertificateId": "idkp-234-cn-test-0**",
    "XForwardedFor_ClientCertSubjectDN": "off",
    "AclId": "nacl-a2do9e413e0spzasx****",
    "HealthCheckTimeout": 3,
    "Rules": {
        "Rule": {
            "VServerGroupId": 12,
            "RuleId": 23,
            "Domain": "www.example.com",
            "Url": "/example",
            "RuleName": "example"
        }
    },
    "XForwardedFor_ClientCertIssuerDN": "off",
    "StickySession": "on",
    "AclStatus": "off",
    "HealthyThreshold": 4,
    "XForwardedFor_ClientSrcPort": "off",
    "XForwardedFor": "on",
    "HealthCheckDomain": "www.test.com",
    "AclType": "white",
    "XForwardedFor_proto": "on",
    "EnableHttp2": "off",
    "XForwardedFor_ClientCertClientVerify": "off",
    "XForwardedFor_ClientCertFingerprint": "off"
}

Error codes

For a list of error codes, visit the API Error Center.