Queries the SSL certificate that is bound to a specific domain name.


OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeCertificates

The operation that you want to perform. Set the value to DescribeCertificates.

Domain String Yes www.example.com

The domain name that is added to WAF.

InstanceId String Yes waf_elasticity-cn-0xldbqt****

The ID of the WAF instance.

Note You can call the DescribeInstanceInfo operation to query the ID of the WAF instance.

Response parameters

Parameter Type Example Description
Certificates Array

The information about the SSL certificate that is bound to the domain name.

CertificateId Long 2329260

The ID of the SSL certificate.

CertificateName String CertName

The name of the SSL certificate.

CommonName String *.example.com

The domain name to which the SSL certificate is bound.

IsUsing Boolean false
Indicates whether the SSL certificate is being used by the domain name. Valid values:
  • true: yes
  • false: no
Sans List ["*.example.com"]

An array that consists of domain names that are protected by WAF and bound to the SSL certificate.

RequestId String D7861F61-5B61-46CE-A47C-6B19160D5EB0

The ID of the request.


Sample requests

&<Common request parameters>

Sample success responses

XML format

<?xml version="1.0" encoding="UTF-8" ?>

JSON format

    "Certificates": [
            "Sans": [
            "CertificateId": 2329260,
            "CertificateName": "CertName",
            "IsUsing": true,
            "CommonName": "*.example.com"
    "RequestId": "D7861F61-5B61-46CE-A47C-6B19160D5EB0"

Error codes

For a list of error codes, visit the API Error Center.