Queries the TLS version and cipher suite configuration of a bucket.
Usage notes
-
This operation requires the
oss:GetBucketHttpsConfigpermission. Common examples of RAM policies. -
Each region has its own OSS endpoint. For more information about regions and endpoints, see Regions and Endpoints.
Request syntax
GET /?httpsConfig HTTP/1.1
Host: BucketName.oss.aliyuncs.com
Date: GMT Date
Authorization: SignatureValue
Request headers
This request uses only Common HTTP headers.
Response headers
This response returns only Common HTTP headers.
Response parameters
|
Header |
Type |
Example |
Description |
|
HttpsConfiguration |
Container |
N/A |
Container for HTTPS configurations. |
|
TLS |
Container |
N/A |
Container for TLS version configurations. |
|
Enable |
Boolean |
true |
Whether TLS version management is enabled. Valid values:
|
|
TLSVersion |
String |
TLSv1.2 |
The TLS version. Supported versions and usage scenarios are described in Configure the TLS version. |
|
CipherSuite |
Container |
N/A |
Container for cipher suite configuration. |
|
Enable |
Boolean |
true |
Whether cipher suite configuration is enabled.
|
|
StrongCipherSuite |
Boolean |
true |
Whether to use the enhanced cipher suite.
|
|
CustomCipherSuite |
String |
ECDHE-ECDSA-AES128-SHA256 |
Custom cipher suites supported by TLS 1.2. |
|
TLS13CustomCipherSuite |
String |
ECDHE-ECDSA-AES256-CCM8 |
Custom cipher suites supported by TLS 1.3. |
Examples
-
Sample request
GET /?httpsConfig HTTP/1.1 Host: oss-example.oss-cn-hangzhou.aliyuncs.com Date: Thu, 17 Apr 2025 08:40:17 GMT Authorization: OSS4-HMAC-SHA256 Credential=LTAI********************/20250417/cn-hangzhou/oss/aliyun_v4_request,Signature=a7c3554c729d71929e0b84489addee6b2e8d5cb48595adfc51868c299c0c218e -
Sample response
HTTP/1.1 200 OK x-oss-request-id: 534B371674E88A4D8906**** Date: Sat, 8 May 2021 07:51:28 GMT Connection: keep-alive Content-Length: 154 Server: AliyunOSS <?xml version="1.0" encoding="UTF-8"?> <HttpsConfiguration> <TLS> <Enable>true</Enable> <TLSVersion>TLSv1.2</TLSVersion> <TLSVersion>TLSv1.3</TLSVersion> </TLS> <CipherSuite> <Enable>true/false</Enable> <StrongCipherSuite>true/false</StrongCipherSuite> <CustomCipherSuite>ECDHE-ECDSA-AES128-SHA256</CustomCipherSuite> <CustomCipherSuite>ECDHE-RSA-AES128-GCM-SHA256</CustomCipherSuite> <CustomCipherSuite>ECDHE-ECDSA-AES256-CCM8</CustomCipherSuite> <TLS13CustomCipherSuite>ECDHE-ECDSA-AES256-CCM8</CustomCipherSuite> <TLS13CustomCipherSuite>ECDHE-ECDSA-AES256-CCM8</CustomCipherSuite> <TLS13CustomCipherSuite>ECDHE-ECDSA-AES256-CCM8</CustomCipherSuite> </CipherSuite> </HttpsConfiguration>
ossutil
For information about the ossutil command that corresponds to the GetBucketHttpsConfig operation, see get-bucket-https-config.