Queries the TLS security policies that are supported by HTTPS listeners.

Description

You can select a TLS security policy when you create and modify an HTTPS listener. This API operation is used to query the TLS security policies that are supported by HTTPS listeners.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes ListSystemSecurityPolicies

The operation that you want to perform. Set the value to ListSystemSecurityPolicies.

RegionId String No cn-hangzhou

The ID of the region where the Global Accelerator (GA) instance is deployed. Set the value to cn-hangzhou.

PageNumber Integer No 1

The number of the page to return. Default value: 1.

PageSize Integer No 10

The number of entries to return on each page. Maximum value: 100. Default value: 10.

Response parameters

Parameter Type Example Description
RequestId String A9B4E54C-9CCD-4002-91A9-D38C6C209192

The ID of the request.

TotalCount Integer 2

The total number of entries returned.

PageSize Integer 10

The number of entries returned per page.

PageNumber Integer 1

The page number of the returned page.

SecurityPolicies Array of SecurityPolicies

The security policies.

SecurityPolicyId String tls_cipher_policy_1_1

The ID of the security policy.

TlsVersions Array of String ["TLSv1.0","TLSv1.2"]

The supported TLS protocol versions. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, and TLSv1.3.

Ciphers Array of String ["ECDHE-ECDSA-AES128-SHA","ECDHE-RSA-AES128-GCM-SHA256"]

The supported cipher suites, which depend on the TLSVersions value.

The specified cipher suites must be supported by at least one TLS protocol version that you select. For example, if you set the TLSVersions.N parameter to TLSv1.3, you can specify only cipher suites that are supported by TLSv1.3.

  • TLSv1.0 and TLSv1.1 support the following cipher suites:
    • ECDHE-ECDSA-AES128-SHA
    • ECDHE-ECDSA-AES256-SHA
    • ECDHE-RSA-AES128-SHA
    • ECDHE-RSA-AES256-SHA
    • AES128-SHA
    • AES256-SHA
    • DES-CBC3-SHA
  • TLS 1.2 supports the following cipher suites:
    • ECDHE-ECDSA-AES128-SHA
    • ECDHE-ECDSA-AES256-SHA
    • ECDHE-RSA-AES128-SHA
    • ECDHE-RSA-AES256-SHA
    • AES128-SHA
    • AES256-SHA
    • DES-CBC3-SHA
    • ECDHE-ECDSA-AES128-GCM-SHA256
    • ECDHE-ECDSA-AES256-GCM-SHA384
    • ECDHE-ECDSA-AES128-SHA256
    • ECDHE-ECDSA-AES256-SHA384
    • ECDHE-RSA-AES128-GCM-SHA256
    • ECDHE-RSA-AES256-GCM-SHA384
    • ECDHE-RSA-AES128-SHA256
    • ECDHE-RSA-AES256-SHA384
    • AES128-GCM-SHA256
    • AES256-GCM-SHA384
    • AES128-SHA256
    • AES256-SHA256
  • TLSv1.3 supports the following cipher suites:
    • TLS_AES_128_GCM_SHA256
    • TLS_AES_256_GCM_SHA384
    • TLS_CHACHA20_POLY1305_SHA256
    • TLS_AES_128_CCM_SHA256
    • TLS_AES_128_CCM_8_SHA256

Examples

Sample requests

http(s)://[Endpoint]/?Action=ListSystemSecurityPolicies
&RegionId=cn-hangzhou
&PageNumber=1
&PageSize=10
&Common request parameters

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<ListSystemSecurityPoliciesResponse>
    <RequestId>A9B4E54C-9CCD-4002-91A9-D38C6C209192</RequestId>
    <TotalCount>2</TotalCount>
    <PageSize>10</PageSize>
    <PageNumber>1</PageNumber>
    <SecurityPolicies>
        <SecurityPolicyId>tls_cipher_policy_1_1</SecurityPolicyId>
        <TlsVersions>["TLSv1.0","TLSv1.2"]</TlsVersions>
        <Ciphers>["ECDHE-ECDSA-AES128-SHA","ECDHE-RSA-AES128-GCM-SHA256"]</Ciphers>
    </SecurityPolicies>
</ListSystemSecurityPoliciesResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "A9B4E54C-9CCD-4002-91A9-D38C6C209192",
  "TotalCount" : 2,
  "PageSize" : 10,
  "PageNumber" : 1,
  "SecurityPolicies" : [ {
    "SecurityPolicyId" : "tls_cipher_policy_1_1",
    "TlsVersions" : [ "[\"TLSv1.0\",\"TLSv1.2\"]" ],
    "Ciphers" : [ "[\"ECDHE-ECDSA-AES128-SHA\",\"ECDHE-RSA-AES128-GCM-SHA256\"]" ]
  } ]
}

Error codes

For a list of error codes, visit the API Error Center.