DescribeLoadBalancerHTTPSListenerAttribute

Updated at:
Copy as MD

View the HTTPS listener configuration.

Operation description

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

  • Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.

  • API: The API that you can call to perform the action.

  • Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.

  • Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.

    • For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.

    • For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.

  • Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.

  • Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

slb:DescribeLoadBalancerHTTPSListenerAttribute

get

*loadbalancer

acs:slb:{#regionId}:{#accountId}:loadbalancer/{#loadbalancerId}

  • slb:tag

  • slb:tag

  • slb:tag

None

Request parameters

Parameter

Type

Required

Description

Example

RegionId

string

No

The region ID of the Classic Load Balancer instance.

cn-hangzhou

LoadBalancerId

string

Yes

The ID of the Classic Load Balancer instance.

lb-bp1mxu5r8lau****

ListenerPort

integer

Yes

The frontend port of the instance.

Valid values: 1 to 65535.

80

Response elements

Element

Type

Description

Example

object

AclType

string

The type of the access control list (ACL). Valid values:

  • white: a whitelist. The listener forwards requests only from IP addresses or CIDR blocks in the associated access control group. A whitelist is suitable for scenarios where you want to allow access from only specific IP addresses. Using a whitelist poses service risks.

If you enable a whitelist for a listener but do not add any IP address to the access control group, the listener forwards all requests.

  • black: a blacklist. All requests from the IP addresses or CIDR blocks in the associated access control group are denied. A blacklist is suitable for scenarios where you want to deny access from specific IP addresses.

If you enable a blacklist for a listener but do not add any IP address to the access control group, the listener forwards all requests.

Note

This parameter is required if the AclStatus parameter is set to on.

white

XForwardedFor_ClientCertClientVerify

string

Indicates whether the XForwardedFor_ClientCertClientVerify header is used to retrieve the verification result of the client certificate. Valid values:

  • on: Enabled

  • off: Disabled

off

CACertificateId

string

The ID of the CA certificate.

idkp-234-cn-test-0**

RequestId

string

The request ID.

365F4154-92F6-4AE4-92F8-7FF3********

HealthCheckConnectPort

integer

The port used for health checks.

Note

This parameter applies only when the HealthCheck parameter is set to on.

8080

BackendServerPort

integer

The port used by backend servers.

8080

CookieTimeout

integer

The cookie timeout period.

500

HealthCheckDomain

string

The domain name used for health checks.

www.test.com

XForwardedFor

string

Indicates whether the X-Forwarded-For header is used to retrieve the real IP addresses of clients. Valid values:

  • on: Enabled

  • off: Disabled

on

XForwardedFor_ClientCertFingerprint

string

Indicates whether the XForwardedFor_ClientCertFingerprint header is used to retrieve the fingerprint of the client certificate. Valid values:

  • on: Enabled

  • off: Disabled

off

IdleTimeout

integer

The idle timeout for a connection, in seconds. Valid values: 1 to 60. Default value: 15.

If a connection is idle for longer than the timeout period, the load balancer closes it. A new connection is established when the next request arrives.

23

ListenerPort

integer

The frontend port used by the load balancer instance.

80

HealthCheckURI

string

The URI for health checks.

/test/index.html

XForwardedFor_SLBPORT

string

Indicates whether the XForwardedFor_SLBPORT header is used to retrieve the listener port of the load balancer instance. Valid values:

  • on: Enabled

  • off: Disabled

off

StickySessionType

string

The cookie handling method.

Valid values: insert and server.

  • insert: inserts a cookie.

    The load balancer inserts a cookie into the first response from a client. Subsequent requests from the client that contain this cookie are forwarded to the same backend server.

  • server: rewrites a cookie.

    The load balancer rewrites a user-defined cookie. Subsequent requests containing the new cookie are forwarded to the same backend server.

insert

Scheduler

string

The scheduling algorithm. Valid values: wrr and rr.

  • wrr: Backend servers with higher weights receive more requests than backend servers with lower weights.

  • rr: Requests are distributed to backend servers in turn.

wrr

XForwardedFor_proto

string

Indicates whether the X-Forwarded-Proto header is used to retrieve the listener protocol. Valid values:

  • on: Enabled

  • off: Disabled

on

HealthCheckMethod

string

The health check method used for HTTP health checks. Valid values: head and get.

Note

This parameter is returned only if the HealthCheck parameter is set to on.

get

TLSCipherPolicy

string

The TLS security policy. This parameter can be set only for a guaranteed-performance instance.

Each security policy defines the supported TLS protocol versions and cipher suites.

  • tls_cipher_policy_1_0

    Supported TLS versions: TLS 1.0, TLS 1.1, and TLS 1.2.

    Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA.

  • tls_cipher_policy_1_1

    Supported TLS versions: TLS 1.1 and TLS 1.2.

    Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA.

  • tls_cipher_policy_1_2

    Supported TLS version: TLS 1.2.

    Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, and DES-CBC3-SHA.

  • tls_cipher_policy_1_2_strict

    Supported TLS version: TLS 1.2.

    Supported cipher suites: ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES128-SHA, and ECDHE-RSA-AES256-SHA.

  • tls_cipher_policy_1_2_strict_with_1_3

    Supported TLS versions: TLS 1.2 and TLS 1.3.

    Supported cipher suites: TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_CCM_SHA256, TLS_AES_128_CCM_8_SHA256, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, and ECDHE-RSA-AES256-SHA.

tls_cipher_policy_1_0

Status

string

The status of the listener. Valid values:

  • running: The listener is running.

  • stopped: The listener is stopped.

stopped

VServerGroupId

string

The ID of the associated server group.

rsp-cige6j5e********

XForwardedFor_ClientSrcPort

string

Indicates whether the XForwardedFor_ClientSrcPort header is used to retrieve the port of the client that accesses the load balancer instance. Valid values:

  • on: Enabled

  • off: Disabled

off

Cookie

string

The cookie configured on the backend server.

testCookie

Gzip

string

Indicates whether to enable Gzip compression. Valid values:

  • on: Enabled

  • off: Disabled

on

EnableHttp2

string

Indicates whether to enable HTTP/2. Valid values:

  • on: Enabled

  • off: Disabled

off

Bandwidth

integer

The peak bandwidth for the listener. Unit: Mbit/s.

10

Description

string

The description of the listener.

HTTPS_443

HealthCheckTimeout

integer

The response timeout for a health check, in seconds.

3

AclStatus

string

Indicates whether to enable access control. Valid values:

  • on: Enabled

  • off: Disabled

off

UnhealthyThreshold

integer

The number of consecutive failed health checks required to declare a backend server unhealthy.

4

XForwardedFor_SLBID

string

Indicates whether the SLB-ID header is used to retrieve the ID of the load balancer instance. Valid values:

  • on: Enabled

  • off: Disabled

on

XForwardedFor_ClientCertSubjectDN

string

Indicates whether the XForwardedFor_ClientCertSubjectDN header is used to retrieve information about the owner of the client certificate. Valid values:

  • on: Enabled

  • off: Disabled

off

SecurityStatus

string

Indicates whether the listener is in a secure state. Valid values:

  • on: Secure

  • off: Insecure

on

HealthCheckHttpCode

string

The HTTP status codes indicating a successful health check.

http_2xx,http_3xx

RequestTimeout

integer

The request timeout, in seconds. Valid values: 1 to 180. Default value: 60.

If a backend server fails to respond within this period, the load balancer returns an HTTP 504 error to the client.

43

HealthCheckInterval

integer

The interval between consecutive health checks, in seconds.

5

ServerCertificateId

string

The ID of the server certificate.

idkp-123-cn-test-0**

AclId

string

The ID of the access control group associated with the listener.

Note

This parameter is required if the AclStatus parameter is set to on.

acl-a2do9e413e0spzasx****

XForwardedFor_ClientCertIssuerDN

string

Indicates whether the XForwardedFor_ClientCertIssuerDN header is used to retrieve information about the issuer of the client certificate. Valid values:

  • on: Enabled

  • off: Disabled

off

HealthyThreshold

integer

The number of consecutive successful health checks required to declare a backend server healthy.

4

XForwardedFor_SLBIP

string

Indicates whether the SLB-IP header is used to retrieve the virtual IP address (VIP) of the load balancer instance. Valid values:

  • on: Enabled

  • off: Disabled

on

StickySession

string

Indicates whether session persistence is enabled. Valid values:

  • on: Enabled

  • off: Disabled

on

HealthCheck

string

Indicates whether health checks are enabled. Valid values:

  • on: Enabled

  • off: Disabled

on

AclIds

object

AclId

array

The IDs of the access control groups associated with the listener.

Rules

object

Rule

array<object>

The list of forwarding rules.

object

The list of forwarding rules.

VServerGroupId

string

The ID of the destination server group specified in the forwarding rule.

rsp-cige6j5e********

Url

string

The request path.

/example

Domain

string

The domain name.

www.example.com

RuleName

string

The name of the forwarding rule.

example

RuleId

string

The ID of the forwarding rule.

23

DomainExtensions

object

DomainExtension

array<object>

A list of additional domain names.

object

A list of additional domain names.

ServerCertificateId

string

The ID of the certificate associated with the domain name.

13344444****

Domain

string

The domain name.

www.example.com

DomainExtensionId

string

The ID of the additional domain name.

12

LoadBalancerId

string

The ID of the Classic Load Balancer (CLB) instance.

lb-bp1mxu5r8lau****

Tags

object

Tag

array<object>

The list of tags.

object

The list of tags.

TagKey

string

The tag key of the listener.

TestKey

TagValue

string

The tag value of the listener.

TestValue

Examples

Success response

JSON format

{
  "AclType": "white",
  "XForwardedFor_ClientCertClientVerify": "off",
  "CACertificateId": "idkp-234-cn-test-0**",
  "RequestId": "365F4154-92F6-4AE4-92F8-7FF3********",
  "HealthCheckConnectPort": 8080,
  "BackendServerPort": 8080,
  "CookieTimeout": 500,
  "HealthCheckDomain": "www.test.com",
  "XForwardedFor": "on",
  "XForwardedFor_ClientCertFingerprint": "off",
  "IdleTimeout": 23,
  "ListenerPort": 80,
  "HealthCheckURI": "/test/index.html",
  "XForwardedFor_SLBPORT": "off",
  "StickySessionType": "insert",
  "Scheduler": "wrr",
  "XForwardedFor_proto": "on",
  "HealthCheckMethod": "get",
  "TLSCipherPolicy": "tls_cipher_policy_1_0",
  "Status": "stopped",
  "VServerGroupId": "rsp-cige6j5e********",
  "XForwardedFor_ClientSrcPort": "off",
  "Cookie": "testCookie",
  "Gzip": "on",
  "EnableHttp2": "off",
  "Bandwidth": 10,
  "Description": "HTTPS_443",
  "HealthCheckTimeout": 3,
  "AclStatus": "off",
  "UnhealthyThreshold": 4,
  "XForwardedFor_SLBID": "on",
  "XForwardedFor_ClientCertSubjectDN": "off",
  "SecurityStatus": "on",
  "HealthCheckHttpCode": "http_2xx,http_3xx",
  "RequestTimeout": 43,
  "HealthCheckInterval": 5,
  "ServerCertificateId": "idkp-123-cn-test-0**",
  "AclId": "acl-a2do9e413e0spzasx****",
  "XForwardedFor_ClientCertIssuerDN": "off",
  "HealthyThreshold": 4,
  "XForwardedFor_SLBIP": "on",
  "StickySession": "on",
  "HealthCheck": "on",
  "AclIds": {
    "AclId": [
      ""
    ]
  },
  "Rules": {
    "Rule": [
      {
        "VServerGroupId": "rsp-cige6j5e********",
        "Url": "/example",
        "Domain": "www.example.com",
        "RuleName": "example",
        "RuleId": "23"
      }
    ]
  },
  "DomainExtensions": {
    "DomainExtension": [
      {
        "ServerCertificateId": "13344444****",
        "Domain": "www.example.com",
        "DomainExtensionId": "12"
      }
    ]
  },
  "LoadBalancerId": "lb-bp1mxu5r8lau****",
  "Tags": {
    "Tag": [
      {
        "TagKey": "TestKey",
        "TagValue": "TestValue"
      }
    ]
  }
}

Error codes

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.