Configure the HTTPS listener
Operation description
You have created a Classic Load Balancer (see CreateLoadBalancer).
You have created an HTTPS listener (see CreateLoadBalancerHTTPSListener).
Try it now
Test
RAM authorization
|
Action |
Access level |
Resource type |
Condition key |
Dependent action |
|
slb:SetLoadBalancerHTTPSListenerAttribute |
update |
acl
*certificate
*loadbalancer
|
|
None |
Request parameters
|
Parameter |
Type |
Required |
Description |
Example |
| RegionId |
string |
No |
The region ID of the Classic Load Balancer instance. You can call the DescribeRegions operation to query the most recent region list. |
cn-hangzhou |
| LoadBalancerId |
string |
Yes |
The ID of the Classic Load Balancer instance. |
lb-sjhfdji**** |
| ListenerPort |
integer |
Yes |
The frontend port used by the Classic Load Balancer instance. Valid values: 1 to 65535. |
80 |
| Bandwidth |
integer |
No |
The peak bandwidth of the listener. Unit: Mbit/s. Valid values:
|
-1 |
| XForwardedFor |
string |
No |
Specifies whether to use the
|
on |
| Scheduler |
string |
No |
The scheduling algorithm. Valid values:
|
wrr |
| StickySession |
string |
No |
Specifies whether to enable sticky sessions. Valid values:
|
on |
| StickySessionType |
string |
No |
The method that is used to handle cookies. Valid values:
Note
This parameter is required if StickySession is set to on. |
insert |
| CookieTimeout |
integer |
No |
The timeout period of a cookie. Valid values: 1 to 86400. Unit: seconds. Note
This parameter is required if StickySession is set to on and StickySessionType is set to insert. |
500 |
| Cookie |
string |
No |
The cookie that is configured on the backend server. The cookie name must be 1 to 200 characters in length and can contain only ASCII letters and digits. It cannot contain commas (,), semicolons (;), or spaces. It cannot start with a dollar sign ($). Note
This parameter is required if StickySession is set to on and StickySessionType is set to server. |
testCookie |
| HealthCheck |
string |
No |
Specifies whether to enable health checks. Valid values:
|
on |
| HealthCheckMethod |
string |
No |
The HTTP method that is used for health checks. Valid values: head and get. Note
This parameter takes effect only if HealthCheck is set to on. |
get |
| HealthCheckDomain |
string |
No |
The domain name that is used for health checks. Valid values:
Note
This parameter takes effect only if the HealthCheck parameter is set to on. |
172.XX.XX.16 |
| HealthCheckURI |
string |
No |
The URI that is used for health checks. The URI must be 1 to 80 characters in length and must start with a forward slash (/). It can contain letters, digits, and the following special characters: Note
This parameter takes effect only if the HealthCheck parameter is set to on. |
/test/index.html |
| HealthyThreshold |
integer |
No |
The number of consecutive successful health checks required to change the health check status of the backend server from fail to success. Valid values: 2 to 10. Note
This parameter takes effect only if the HealthCheck parameter is set to on. |
4 |
| UnhealthyThreshold |
integer |
No |
The number of consecutive health check failures required to change the health check status of a backend server from success to fail. Valid values: 2 to 10. Note
This parameter takes effect only if the HealthCheck parameter is set to on. |
4 |
| HealthCheckTimeout |
integer |
No |
The timeout period for a health check response. If a backend server, such as an Elastic Compute Service (ECS) instance, does not return a health check response within the specified timeout period, the health check fails. Unit: seconds. Valid values: 1 to 300. Note
This parameter takes effect only if the HealthCheck parameter is set to on. |
3 |
| HealthCheckInterval |
integer |
No |
The interval at which health checks are performed. Unit: seconds. Valid values: 1 to 50. Note
This parameter takes effect only if the HealthCheck parameter is set to on. |
5 |
| HealthCheckConnectPort |
integer |
No |
The port that is used for health checks. Valid values: 1 to 65535. Note
This parameter takes effect only if the HealthCheck parameter is set to on. |
8080 |
| HealthCheckHttpCode |
string |
No |
The HTTP status codes that indicate a successful health check. Separate multiple HTTP status codes with commas (,). Valid values: http_2xx, http_3xx, http_4xx, and http_5xx. Note
This parameter takes effect only if the HealthCheck parameter is set to on. |
http_2xx,http_3xx |
| ServerCertificateId |
string |
No |
The ID of the server certificate. |
idkp-123-cn-te**** |
| CACertificateId |
string |
No |
The ID of the CA certificate.
|
139a00604ad-cn-east-**** |
| VServerGroup |
string |
No |
Specifies whether to use a vServer group. Valid values:
|
on |
| VServerGroupId |
string |
No |
The ID of the vServer group. |
rsp-cige6j**** |
| XForwardedFor_SLBIP |
string |
No |
Specifies whether to use the
|
on |
| XForwardedFor_SLBID |
string |
No |
Specifies whether to use the
|
on |
| XForwardedFor_proto |
string |
No |
Specifies whether to use the
|
on |
| Gzip |
string |
No |
Specifies whether to enable
|
on |
| AclId |
string |
No |
The ID of the network access control list (ACL) that is associated with the listener. This parameter is required if AclStatus is set to on. |
acl-a2do9e413e0spzasx**** |
| AclType |
string |
No |
The type of the network ACL. Valid values:
Note
This parameter is required if AclStatus is set to on. |
white |
| AclStatus |
string |
No |
Specifies whether to enable access control. Valid values:
|
off |
| IdleTimeout |
integer |
No |
The timeout period of an idle connection. Unit: seconds. Valid values: 1 to 60. Default value: 15. If no request is received within the specified timeout period, CLB closes the connection. When a new request is received, CLB establishes a new connection. |
23 |
| RequestTimeout |
integer |
No |
The timeout period of a request. Unit: seconds. Valid values: 1 to 180. Default value: 60. If a backend server does not respond within the specified timeout period, CLB returns an HTTP 504 error code to the client. |
223 |
| EnableHttp2 |
string |
No |
Specifies whether to enable HTTP/2. Valid values:
|
off |
| TLSCipherPolicy |
string |
No |
The Transport Layer Security (TLS) security policy. Each security policy contains TLS protocol versions and cipher suites.
|
tls_cipher_policy_1_2 |
| Description |
string |
No |
The name of the listener. The name must be 1 to 256 characters in length and can contain letters, digits, hyphens (-), forward slashes (/), periods (.), and underscores (_). |
https_80 |
| XForwardedFor_SLBPORT |
string |
No |
Specifies whether to use the
|
off |
| XForwardedFor_ClientSrcPort |
string |
No |
Specifies whether to use the
|
off |
| DryRun |
boolean |
No |
Response elements
|
Element |
Type |
Description |
Example |
|
object |
|||
| RequestId |
string |
The request ID. |
CEF72CEB-54B6-4AE8-B225-F876FF7BA984 |
Examples
Success response
JSON format
{
"RequestId": "CEF72CEB-54B6-4AE8-B225-F876FF7BA984"
}
Error codes
|
HTTP status code |
Error code |
Error message |
Description |
|---|---|---|---|
| 400 | ParamDuplicateError | The specified parameter value of XForwardedFor_ClientCertSubjectDNAlias is duplicate. Please change to a different one. | |
| 400 | IpVersionConflict | The ip version of this LoadBalancer and the Acl is conflict. | |
| 400 | InvalidParameter.IdleTimeout | The specified IdleTimeout exceeds the limit. | |
| 400 | InvalidParameter.RequestTimeout | The specified RequestTimeout exceeds the limit. | |
| 400 | ListenerForwardNotSupport | X-Forward-For is not supported to a ipv6 instance. | |
| 400 | InvalidParameter.RegionNotSupport | The region does not support the parameter: %s. | |
| 400 | InvalidParameter.SpecNotSupport | The loadBalancer of shared spec does not support the parameter: %s. | |
| 400 | OperationFailed.ServerGroupInUse | The VServerGroup or MasterSlaveServerGroup can not be close for this listener. | |
| 400 | InvalidParameter.VServerGroupId | The MasterSlaveServerGroup can not be attached to HTTP or HTTPS listener. | |
| 400 | MissingParam.HealthCheckDomain | The HealthCheckDomain is required when HealthCheckHttpVersion is http1.1. | |
| 400 | InvalidParameter.HealthCheckHttpVersion | The param HealthCheckHttpVersion is invalid. | |
| 400 | Duplicated.AclEntry | %s. | %s |
| 400 | CertificateNotExist | The specified CertificateId does not exist. | |
| 400 | InvalidTLSPolicyId.NotExist | The specified TLS cipher policy does not exist. | |
| 400 | TLSPolicyConfiguring | The specified TLS cipher policy is configuring. | |
| 400 | TLSCipherPolicyVipRelationOverLimit | The number of listeners associated with a policy has exceeded. | |
| 400 | TooManyCertificates | The number of certificates must not be greater than one. | |
| 400 | CertificateTypeMismatched | The certificate type does not match. | |
| 400 | MissingParam.ServerCertificates | Server certificates are required. | |
| 400 | CnCertificateNotSupport | The cn certificate is not support. | |
| 400 | InvalidParam.CertificateBindingType | The param CertificateBindingType is invalid. | |
| 400 | InvalidParamSize.ServerCertificates | The size of param ServerCertificates is invalid. | |
| 400 | TooManyCertificates.ServerCertificates | The number of certificates must not be greater than one. | |
| 400 | AclListenerOverLimit | This acl has reached the limit of binding to listeners. | |
| 400 | QuotaLimitExceeds.AclAttachedToListener | The number of Acl bound listeners has reached the quota limit | |
| 400 | QuotaLimitExceeds.TotalAclEntry | The number of Acl entries has reached the quota limit. | |
| 400 | QuotaLimitExceeds.AclListenerOverLimit | This acl has reached the limit of binding to listeners. | |
| 400 | DryRunOperation | Request validation has been passed with DryRun flag set. | Request validation has been passed with DryRun flag set. |
| 404 | ResourceNotFound.Certificate | The specified resource is not found. |
See Error Codes for a complete list.
Release notes
See Release Notes for a complete list.