更新时间:2025-07-24 GMT+08:00

批量配置域名证书

功能介绍

将一个证书配置给多个加速域名,如果域名已配置HTTPS证书,新证书将会覆盖原有证书。

  • 单租户调用频率:20次/min。

调用方法

请参见如何调用API

URI

PUT /v1.0/cdn/domains/config-https-info

表1 Query参数

参数

是否必选

参数类型

描述

enterprise_project_id

String

参数解释:

企业项目id。您可以通过调用企业项目管理服务(EPS)的查询企业项目列表接口(ListEnterpriseProject)查询企业项目id

约束限制:

当用户开启企业项目功能时,该参数生效,表示查询资源所属项目,"all"表示所有项目

取值范围:

不涉及

默认取值:

不涉及

请求参数

表2 请求Header参数

参数

是否必选

参数类型

描述

X-Auth-Token

String

参数解释:

用户鉴权Token,通过调用IAM服务获取用户Token接口获取(响应消息头中X-Subject-Token的值)

约束限制:

不涉及

取值范围:

不涉及

默认取值:

不涉及

表3 请求Body参数

参数

是否必选

参数类型

描述

https

UpdateDomainMultiCertificatesRequestBodyContent object

参数解释:

HTTPS证书配置,配置证书后,允许客户端采用HTTPS协议访问CDN节点

约束限制:

不涉及

表4 UpdateDomainMultiCertificatesRequestBodyContent

参数

是否必选

参数类型

描述

domain_name

String

参数解释:

需要配置HTTPS证书的域名

约束限制:

  • 域名间以“,”分隔

  • 最多配置50个域名

取值范围:

不涉及

默认取值:

不涉及

https_switch

Integer

参数解释:

证书配置开关

约束限制:

https_switch为1时,证书参数不能为空

取值范围:

  • 0: 关闭

  • 1: 开启

默认取值:

不涉及

access_origin_way

Integer

参数解释:

回源协议

约束限制:

不涉及

取值范围:

  • 1: 协议跟随

  • 2: http协议

  • 3: https协议

默认取值:

2: http协议

force_redirect_https

Integer

参数解释:

是否开启HTTPS强制跳转,强制客户端使用HTTPS协议访问CDN节点

说明:
此参数即将下线,建议使用force_redirect_config修改配置

约束限制:

不涉及

取值范围:

  • 0: 关闭

  • 1: 开启

默认取值:

0: 关闭

force_redirect_config

ForceRedirect object

参数解释:

强制客户端使用HTTPS协议访问CDN节点

约束限制:

不涉及

http2

Integer

参数解释:

HTTP/2开关,支持客户端采用HTTP/2协议访问CDN节点

约束限制:

不涉及

取值范围:

  • 0: 关闭

  • 1: 开启

默认取值:

0: 关闭

cert_name

String

参数解释:

证书名称

约束限制:

https_switch为1时,该参数必填

取值范围:

3-64个字符

默认取值:

不涉及

certificate

String

参数解释:

SSL证书内容

约束限制:

  • 仅支持PEM编码格式

  • 不启用证书则无需输入

  • 初次配置证书时必传

  • 需要传入完整证书链

取值范围:

证书链长度不超过20KB

默认取值:

不涉及

private_key

String

参数解释:

SSL证书私钥内容

约束限制:

  • 仅支持PEM编码格式

  • 不启用证书则无需输入

  • 初次配置证书时必传

取值范围:

不涉及

默认取值:

不涉及

certificate_type

Integer

参数解释:

证书类型

约束限制:

不涉及

取值范围:

  • 0: 自有证书

  • 2: SCM证书

默认取值:

0: 自有证书

scm_certificate_id

String

参数解释:

SCM证书ID,可使用云证书管理服务(CCM)的查询证书列表接口获取

约束限制:

配置SCM证书时必传

取值范围:

不涉及

默认取值:

不涉及

表5 ForceRedirect

参数

是否必选

参数类型

描述

switch

Integer

参数解释:

是否开启强制跳转,强制客户端使用HTTPS或HTTP协议访问CDN节点

约束限制:

不涉及

取值范围:

  • 1: 开启

  • 0: 关闭

默认取值:

不涉及

redirect_type

String

参数解释:

强制跳转类型

约束限制:

开启强制跳转HTTPS时必须配置HTTPS证书,否则将导致访问失败

取值范围:

  • http: 强制跳转HTTP

  • https: 强制跳转HTTPS

默认取值:

不涉及

响应参数

状态码:200

表6 响应Body参数

参数

参数类型

描述

https

UpdateDomainMultiCertificatesResponseBodyContent object

https配置。

status

String

执行结果,success,fail

result

Array of result objects

详情

表7 UpdateDomainMultiCertificatesResponseBodyContent

参数

参数类型

描述

domain_name

String

域名列表。

https_switch

Integer

https开关(0:"关闭";1:"设置证书")。

access_origin_way

Integer

回源方式:1:"回源跟随";2:"HTTP"(默认),3:https(自建)。

force_redirect_https

Integer

强制跳转HTTPS(0:不强制;1:强制) 。

force_redirect_config

ForceRedirect object

参数解释:

强制客户端使用HTTPS协议访问CDN节点

约束限制:

不涉及

http2

Integer

http2.0(0:关闭;1:开启)

cert_name

String

证书名称。

certificate

String

证书内容。

certificate_type

Integer

证书类型(0为自有证书)。

expiration_time

Long

证书过期时间。

表8 ForceRedirect

参数

参数类型

描述

switch

Integer

参数解释:

是否开启强制跳转,强制客户端使用HTTPS或HTTP协议访问CDN节点

约束限制:

不涉及

取值范围:

  • 1: 开启

  • 0: 关闭

默认取值:

不涉及

redirect_type

String

参数解释:

强制跳转类型

约束限制:

开启强制跳转HTTPS时必须配置HTTPS证书,否则将导致访问失败

取值范围:

  • http: 强制跳转HTTP

  • https: 强制跳转HTTPS

默认取值:

不涉及

表9 result

参数

参数类型

描述

domain_name

String

域名名称

status

String

执行结果,success,fail

reason

String

失败原因

请求示例

{
  "https" : {
    "domain_name" : "example1.com",
    "access_origin_way" : 2,
    "http2" : 0,
    "certificate_type" : 0,
    "force_redirect_config" : {
      "redirect_type" : "https",
      "switch" : 1
    },
    "https_switch" : 1,
    "cert_name" : "cdn_test_cert",
    "certificate" : "-----BEGIN CERTIFICATE----------END CERTIFICATE-----",
    "private_key" : "-----BEGIN RSA PRIVATE KEY---------END RSA PRIVATE KEY-----"
  }
}

响应示例

状态码:200

OK

{
  "https" : {
    "domain_name" : "example1.com",
    "https_switch" : 1,
    "access_origin_way" : 2,
    "force_redirect_https" : 1,
    "force_redirect_config" : {
      "redirect_type" : "https",
      "switch" : 1
    },
    "http2" : 0,
    "expiration_time" : 1925791912000,
    "cert_name" : "cdn_test_cert",
    "certificate" : "-----BEGIN CERTIFICATE----------END CERTIFICATE-----",
    "certificate_type" : 0
  }
}

SDK代码示例

SDK代码示例如下。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.GlobalCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.cdn.v2.region.CdnRegion;
import com.huaweicloud.sdk.cdn.v2.*;
import com.huaweicloud.sdk.cdn.v2.model.*;


public class UpdateDomainMultiCertificatesSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new GlobalCredentials()
                .withAk(ak)
                .withSk(sk);

        CdnClient client = CdnClient.newBuilder()
                .withCredential(auth)
                .withRegion(CdnRegion.valueOf("<YOUR REGION>"))
                .build();
        UpdateDomainMultiCertificatesRequest request = new UpdateDomainMultiCertificatesRequest();
        UpdateDomainMultiCertificatesRequestBody body = new UpdateDomainMultiCertificatesRequestBody();
        ForceRedirect forceRedirectConfigHttps = new ForceRedirect();
        forceRedirectConfigHttps.withSwitch(1)
            .withRedirectType("https");
        UpdateDomainMultiCertificatesRequestBodyContent httpsbody = new UpdateDomainMultiCertificatesRequestBodyContent();
        httpsbody.withDomainName("example1.com")
            .withHttpsSwitch(1)
            .withAccessOriginWay(2)
            .withForceRedirectConfig(forceRedirectConfigHttps)
            .withHttp2(0)
            .withCertName("cdn_test_cert")
            .withCertificate("-----BEGIN CERTIFICATE----------END CERTIFICATE-----")
            .withPrivateKey("-----BEGIN RSA PRIVATE KEY---------END RSA PRIVATE KEY-----")
            .withCertificateType(0);
        body.withHttps(httpsbody);
        request.withBody(body);
        try {
            UpdateDomainMultiCertificatesResponse response = client.updateDomainMultiCertificates(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import GlobalCredentials
from huaweicloudsdkcdn.v2.region.cdn_region import CdnRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkcdn.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]

    credentials = GlobalCredentials(ak, sk)

    client = CdnClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(CdnRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = UpdateDomainMultiCertificatesRequest()
        forceRedirectConfigHttps = ForceRedirect(
            switch=1,
            redirect_type="https"
        )
        httpsbody = UpdateDomainMultiCertificatesRequestBodyContent(
            domain_name="example1.com",
            https_switch=1,
            access_origin_way=2,
            force_redirect_config=forceRedirectConfigHttps,
            http2=0,
            cert_name="cdn_test_cert",
            certificate="-----BEGIN CERTIFICATE----------END CERTIFICATE-----",
            private_key="-----BEGIN RSA PRIVATE KEY---------END RSA PRIVATE KEY-----",
            certificate_type=0
        )
        request.body = UpdateDomainMultiCertificatesRequestBody(
            https=httpsbody
        )
        response = client.update_domain_multi_certificates(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global"
    cdn "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := global.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := cdn.NewCdnClient(
        cdn.CdnClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.UpdateDomainMultiCertificatesRequest{}
	redirectTypeForceRedirectConfig:= "https"
	forceRedirectConfigHttps := &model.ForceRedirect{
		Switch: int32(1),
		RedirectType: &redirectTypeForceRedirectConfig,
	}
	accessOriginWayHttps:= int32(2)
	http2Https:= int32(0)
	certNameHttps:= "cdn_test_cert"
	certificateHttps:= "-----BEGIN CERTIFICATE----------END CERTIFICATE-----"
	privateKeyHttps:= "-----BEGIN RSA PRIVATE KEY---------END RSA PRIVATE KEY-----"
	certificateTypeHttps:= int32(0)
	httpsbody := &model.UpdateDomainMultiCertificatesRequestBodyContent{
		DomainName: "example1.com",
		HttpsSwitch: int32(1),
		AccessOriginWay: &accessOriginWayHttps,
		ForceRedirectConfig: forceRedirectConfigHttps,
		Http2: &http2Https,
		CertName: &certNameHttps,
		Certificate: &certificateHttps,
		PrivateKey: &privateKeyHttps,
		CertificateType: &certificateTypeHttps,
	}
	request.Body = &model.UpdateDomainMultiCertificatesRequestBody{
		Https: httpsbody,
	}
	response, err := client.UpdateDomainMultiCertificates(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。

状态码

状态码

描述

200

OK

错误码

请参见错误码