Modifies the configurations of an SSL server.

Usage notes

  • If you modify only the name of the SSL server, the operation is synchronous. If you also modify other configurations besides the name, the operation is asynchronous.
  • When ModifySslVpnServer is an asynchronous operation, the system returns a request ID and runs the task in the background. You can call DescribeVpnGateway to query the status of the task.
    • If a VPN gateway is in the updating state, the configurations of the SSL server are being modified.
    • If a VPN gateway is in the active state, the configurations of the SSL server are modified.
  • You cannot repeatedly call ModifySslVpnServer to modify the configurations of an SSL server within the specified period of time.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes ModifySslVpnServer

The operation that you want to perform. Set the value to ModifySslVpnServer.

ClientToken String No 02fb3da4-130e-11e9-8e44-0016e04115b

The client token that is used to ensure the idempotence of the request.

You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters.

Note If you do not specify this parameter, the system automatically uses request ID as the client token. The request ID may be different for each request.
RegionId String Yes cn-hangzhou

The region ID of the VPN gateway.

You can call the DescribeRegions operation to query the most recent list of regions.

SslVpnServerId String Yes vss-bp18q7hzj6largv4v****

The ID of the SSL server.

Name String No test

The name of the SSL server.

The name must be 1 to 100 characters in length, and cannot start with http:// or https://.

ClientIpPool String No 10.30.30.0/24

The client IP address pool.

LocalSubnet String No 10.20.20.0/24

The CIDR block of the client.

Proto String No UDP

The protocol that is used by the SSL server. Valid values:

  • TCP (default)
  • UDP
Cipher String No AES-128-CBC

The encryption algorithm that is used by the SSL server. Valid values:

  • AES-128-CBC (default)
  • AES-192-CBC
  • AES-256-CBC
  • none
Port Integer No 1194

The port that is used by the SSL server. Valid values of port numbers: 1 to 65535. Default value: 1194.

The following ports are not supported: 22, 2222, 22222, 9000, 9001, 9002, 7505, 80, 443, 53, 68, 123, 4510, 4560, 500, and 4500.

Compress Boolean No true

Specifies whether to enable data compression. Valid values:

  • true (default)
  • false
EnableMultiFactorAuth Boolean No false

Specifies whether to enable two-factor authentication.

  • true
  • false (default)
IDaaSInstanceId String No idaas-cn-hangzhou-****

The ID of the Identity as a Service (IDaaS) instance.

IDaaSRegionId String No cn-hangzhou

The ID of the region where the IDaaS instance is created.

Response parameters

Parameter Type Example Description
InternetIp String 47.98.XX.XX

The public IP address.

IDaaSInstanceId String idaas-cn-hangzhou-****

The ID of the IDaaS instance.

CreateTime Long 1492753580000

The time when the SSL server was created.

VpnGatewayId String vpn-bp1q8bgx4xnkm2ogj****

The ID of the VPN gateway.

Compress Boolean false

Indicates whether data compression is enabled.

Port Integer 1194

The port that is used by the SSL server.

LocalSubnet String 10.20.20.0/24

The CIDR block of the client.

RegionId String cn-hangzhou

The ID of the region where the SSL server is created.

Cipher String AES-128-CBC

The encryption algorithm.

RequestId String DF11D6F6-E35A-41C3-9B20-6FC8A901FE65

The request ID.

Connections Integer 0

The total number of current connections.

SslVpnServerId String vss-bp18q7hzj6largv4v****

The ID of the SSL server.

MaxConnections Integer 5

The maximum number of connections.

Name String test

The name of the SSL server.

EnableMultiFactorAuth Boolean false

Indicates whether two-factor authentication is enabled.

  • true
  • false (default)
ClientIpPool String 10.30.30.0/24

The client IP address pool.

Proto String UDP

The protocol that is used by the SSL server.

Examples

Sample requests

https://vpc.aliyuncs.com/?Action=ModifySslVpnServer
&RegionId=cn-hangzhou
&SslVpnServerId=vss-bp18q7hzj6largv4****
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<ModifySslVpnServerResponse>
    <InternetIp>47.98.XX.XX</InternetIp>
    <IDaaSInstanceId>idaas-cn-hangzhou-****</IDaaSInstanceId>
    <CreateTime>1492753580000</CreateTime>
    <VpnGatewayId>vpn-bp1q8bgx4xnkm2ogj****</VpnGatewayId>
    <Compress>false</Compress>
    <Port>1194</Port>
    <LocalSubnet>10.20.20.0/24</LocalSubnet>
    <RegionId>cn-hangzhou</RegionId>
    <Cipher>AES-128-CBC</Cipher>
    <RequestId>DF11D6F6-E35A-41C3-9B20-6FC8A901FE65</RequestId>
    <Connections>0</Connections>
    <SslVpnServerId>vss-bp18q7hzj6largv4v****</SslVpnServerId>
    <MaxConnections>5</MaxConnections>
    <Name>test</Name>
    <EnableMultiFactorAuth>false</EnableMultiFactorAuth>
    <ClientIpPool>10.30.30.0/24</ClientIpPool>
    <Proto>UDP</Proto>
</ModifySslVpnServerResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "InternetIp" : "47.98.XX.XX",
  "IDaaSInstanceId" : "idaas-cn-hangzhou-****",
  "CreateTime" : 1492753580000,
  "VpnGatewayId" : "vpn-bp1q8bgx4xnkm2ogj****",
  "Compress" : false,
  "Port" : 1194,
  "LocalSubnet" : "10.20.20.0/24",
  "RegionId" : "cn-hangzhou",
  "Cipher" : "AES-128-CBC",
  "RequestId" : "DF11D6F6-E35A-41C3-9B20-6FC8A901FE65",
  "Connections" : 0,
  "SslVpnServerId" : "vss-bp18q7hzj6largv4v****",
  "MaxConnections" : 5,
  "Name" : "test",
  "EnableMultiFactorAuth" : false,
  "ClientIpPool" : "10.30.30.0/24",
  "Proto" : "UDP"
}

Error codes

HttpCode Error code Error message Description
400 InvalidName The name is not valid The format of the name is invalid.
400 VpnGateway.Configuring The specified service is configuring. The operation is not allowed when the specified service is being configured. Try again later.
400 VpnGateway.FinancialLocked The specified service is financial locked. The service is suspended due to overdue payments. Top up your account first.
400 SslVpnServer.AddRouteError Add route error whose destination is client IP pool, please check vpc route entry and relevant quota. The system failed to add the route that points to the client CIDR block. Check the VPC route and quota.
400 ClientIpPool.NetmaskInvalid The netmask length of client IP pool must be greater than or equal to 16 and less than or equal to 29. The subnet mask of the client IP pool must range from 16 to 29.
400 ClientIpPool.SubnetInvalid The specified client IP pool cannot be used. The client CIDR block is unavailable.
400 MissingParameter.IDaaSInstanceId The input parameter IDaaSInstanceId is mandatory when enable multi-factor authentication. You must specify the IDaaSInstanceId parameter when you enable two-factor authentication.
400 OperationFailed.NoRamPermission Vpn Service has no permission to operate your IDaaS instances. The VPN service does not have the permissions to manage your IDaaS instance.
400 SystemBusy The system is busy. Please try again later. The system is unavailable. Try again later.
400 SslVpnServerPort.Illegal The server port is not in the range of [1-65535]. The port of the SSL server must be from 1 to 65535.
403 Forbbiden.SubUser User not authorized to operate on the specified resource as your account is created by another user. You are unauthorized to perform this operation on the specified resource. You can apply for the required permissions and try again.
403 Forbidden User not authorized to operate on the specified resource. You are unauthorized to perform this operation on the specified resource. You can apply for the required permissions and try again.
404 InvalidRegionId.NotFound The specified region is not found during access authentication. The specified area is not found during authentication.

For a list of error codes, see Service error codes.