All Products
Search
Document Center

Web Application Firewall:ModifyDomainCert

Last Updated:Oct 30, 2025

Modifies the certificate for a domain name.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

No authorization for this operation. If you encounter issues with this operation, contact technical support.

Request syntax

POST  HTTP/1.1

Request parameters

Parameter

Type

Required

Description

Example

InstanceId

string

Yes

The ID of the Web Application Firewall (WAF) instance.

Note

Call DescribeInstance to query the ID of the current WAF instance.

waf_v2_public_cn-ww**b06

Domain

string

Yes

The domain name.

www.example.com

CertId

string

Yes

The ID of the certificate.

123-cn-hangzhou

TLSVersion

string

No

The Transport Layer Security (TLS) version. Valid values:

  • tlsv1

  • tlsv1.1

  • tlsv1.2

tlsv1

CipherSuite

string

No

The type of the cipher suite. Valid values:

  • 1: all cipher suites.

  • 2: strong cipher suites.

  • 99: custom cipher suites.

1

CustomCiphers

array

No

The custom cipher suites. This parameter is available only when you set CipherSuite to 99.

string

No

A custom cipher suite.

ECDHE-ECDSA-AES256-SHA384

EnableTLSv3

boolean

No

Specifies whether to enable TLS 1.3. Valid values:

  • true: enables TLS 1.3.

  • false: disables TLS 1.3.

false

RegionId

string

Yes

The region where the WAF instance resides. Valid values:

  • cn-hangzhou: the Chinese mainland.

  • ap-southeast-1: outside the Chinese mainland.

cn-hangzhou

Response elements

Element

Type

Description

Example

object

The response schema.

RequestId

string

The ID of the request.

03E3B4DD-2BE7-5D9D-80E8-***

Examples

Success response

JSON format

{
  "RequestId": "03E3B4DD-2BE7-5D9D-80E8-***"
}

Error codes

HTTP status code

Error code

Error message

Description

400 Waf.Pullin.MustListenHTTPS The domain name must listen to the HTTPS protocol. Domain:%s.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.