diff --git a/oss/client.go b/oss/client.go
index c30d795..4261d0c 100644
--- a/oss/client.go
+++ b/oss/client.go
@@ -2666,6 +2666,70 @@ func (client Client) DescribeRegionsXml(options ...Option) (string, error) {
 	return out, err
 }
 
+// PutBucketHttpsConfig set bucket https config
+// bucketName    the bucket name.
+// httpsConfig	 the https config in struct format
+// error    it's nil if no error, otherwise it's an error object.
+func (client Client) PutBucketHttpsConfig(bucketName string, httpsConfig PutBucketHttpsConfig, options ...Option) error {
+	bs, err := xml.Marshal(httpsConfig)
+	if err != nil {
+		return err
+	}
+	err = client.PutBucketHttpsConfigXml(bucketName, string(bs), options...)
+	return err
+}
+
+// PutBucketHttpsConfigXml set bucket https config
+// bucketName    the bucket name.
+// xmlData		 the bucket https config in xml format
+// error    it's nil if no error, otherwise it's an error object.
+func (client Client) PutBucketHttpsConfigXml(bucketName, xmlData string, options ...Option) error {
+	buffer := new(bytes.Buffer)
+	buffer.Write([]byte(xmlData))
+	contentType := http.DetectContentType(buffer.Bytes())
+	headers := map[string]string{}
+	headers[HTTPHeaderContentType] = contentType
+	params := map[string]interface{}{}
+	params["httpsConfig"] = nil
+	resp, err := client.do("PUT", bucketName, params, nil, buffer, options...)
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+	return CheckRespCode(resp.StatusCode, []int{http.StatusOK})
+}
+
+// GetBucketHttpsConfig get bucket's https config.
+// bucketName    the bucket name.
+// GetBucketHttpsConfigResult  the https config result of bucket.
+// error    it's nil if no error, otherwise it's an error object.
+func (client Client) GetBucketHttpsConfig(bucketName string, options ...Option) (GetBucketHttpsConfigResult, error) {
+	var out GetBucketHttpsConfigResult
+	body, err := client.GetBucketHttpsConfigXml(bucketName, options...)
+	if err != nil {
+		return out, err
+	}
+	err = xmlUnmarshal(strings.NewReader(body), &out)
+	return out, err
+}
+
+// GetBucketHttpsConfigXml get bucket's https config.
+// bucketName    the bucket name.
+// string  the https config of bucket in xml format.
+// error    it's nil if no error, otherwise it's an error object.
+func (client Client) GetBucketHttpsConfigXml(bucketName string, options ...Option) (string, error) {
+	params := map[string]interface{}{}
+	params["httpsConfig"] = nil
+	resp, err := client.do("GET", bucketName, params, nil, nil, options...)
+	if err != nil {
+		return "", err
+	}
+	defer resp.Body.Close()
+	body, err := ioutil.ReadAll(resp.Body)
+	out := string(body)
+	return out, err
+}
+
 // LimitUploadSpeed set upload bandwidth limit speed,default is 0,unlimited
 // upSpeed KB/s, 0 is unlimited,default is 0
 // error it's nil if success, otherwise failure
diff --git a/oss/client_test.go b/oss/client_test.go
index 8258a2c..3077255 100644
--- a/oss/client_test.go
+++ b/oss/client_test.go
@@ -5881,3 +5881,46 @@ func (s *OssClientSuite) TestBucketResponseHeader(c *C) {
 	c.Assert(err, IsNil)
 	client.DeleteBucket(bucketName)
 }
+
+func (s *OssClientSuite) TestBucketHttpsConfig(c *C) {
+	client, err := New(endpoint, accessID, accessKey)
+	c.Assert(err, IsNil)
+
+	bucketName := bucketNamePrefix + "-https-" + RandLowStr(6)
+	err = client.CreateBucket(bucketName)
+	c.Assert(err, IsNil)
+	time.Sleep(3 * time.Second)
+
+	_, err = client.GetBucketHttpsConfig(bucketName)
+	c.Assert(err, NotNil)
+	c.Assert(strings.Contains(err.Error(), "The specified bucket does not have a https configuration."), Equals, true)
+
+	config := PutBucketHttpsConfig{
+		TLS: HttpsConfigTLS{
+			Enable:     true,
+			TLSVersion: []string{"TLSv1.2", "TLSv1.3"},
+		},
+	}
+	err = client.PutBucketHttpsConfig(bucketName, config)
+	c.Assert(err, IsNil)
+
+	result, err := client.GetBucketHttpsConfig(bucketName)
+	c.Assert(err, IsNil)
+	c.Assert(result.TLS.Enable, Equals, true)
+	c.Assert(result.TLS.TLSVersion[0], Equals, "TLSv1.2")
+	c.Assert(result.TLS.TLSVersion[1], Equals, "TLSv1.3")
+
+	config = PutBucketHttpsConfig{
+		TLS: HttpsConfigTLS{
+			Enable: false,
+		},
+	}
+	err = client.PutBucketHttpsConfig(bucketName, config)
+	c.Assert(err, IsNil)
+
+	result, err = client.GetBucketHttpsConfig(bucketName)
+	c.Assert(err, IsNil)
+	c.Assert(result.TLS.Enable, Equals, false)
+
+	client.DeleteBucket(bucketName)
+}
diff --git a/oss/conn.go b/oss/conn.go
index 7d40475..87604dc 100644
--- a/oss/conn.go
+++ b/oss/conn.go
@@ -50,7 +50,7 @@ var signKeyList = []string{"acl", "uploads", "location", "cors",
 	"x-oss-enable-md5", "x-oss-enable-sha1", "x-oss-enable-sha256",
 	"x-oss-hash-ctx", "x-oss-md5-ctx", "transferAcceleration",
 	"regionList", "cloudboxes", "x-oss-ac-source-ip", "x-oss-ac-subnet-mask", "x-oss-ac-vpc-id", "x-oss-ac-forward-allow",
-	"metaQuery", "resourceGroup", "rtc", "x-oss-async-process", "responseHeader",
+	"metaQuery", "resourceGroup", "rtc", "x-oss-async-process", "responseHeader", "httpsConfig",
 }
 
 // init initializes Conn
diff --git a/oss/type.go b/oss/type.go
index a704e3c..1020860 100644
--- a/oss/type.go
+++ b/oss/type.go
@@ -1693,3 +1693,19 @@ type ResponseHeaderRuleFilters struct {
 type ResponseHeaderRuleHeaders struct {
 	Header []string `xml:"Header,omitempty"`
 }
+
+// PutBucketHttpsConfig define the xml of bucket's https config
+type PutBucketHttpsConfig HttpsConfigXml
+
+// GetBucketHttpsConfig define the xml of bucket's https config result
+type GetBucketHttpsConfigResult HttpsConfigXml
+
+type HttpsConfigXml struct {
+	XMLName xml.Name       `xml:"HttpsConfiguration"`
+	TLS     HttpsConfigTLS `xml:"TLS,omitempty"` // The container that stores TLS version configurations
+}
+
+type HttpsConfigTLS struct {
+	Enable     bool     `xml:"Enable"`               // Specifies whether to enable TLS version management for the bucket
+	TLSVersion []string `xml:"TLSVersion,omitempty"` // The TLS version
+}
diff --git a/oss/type_test.go b/oss/type_test.go
index f66de97..5745f37 100644
--- a/oss/type_test.go
+++ b/oss/type_test.go
@@ -2038,3 +2038,51 @@ func (s *OssTypeSuite) TestPutBucketCORS(c *C) {
 	c.Assert(err, IsNil)
 	c.Assert(string(bs), Equals, "<CORSConfiguration><CORSRule><AllowedOrigin>*</AllowedOrigin><AllowedMethod>PUT</AllowedMethod><AllowedMethod>GET</AllowedMethod><AllowedMethod>POST</AllowedMethod><MaxAgeSeconds>100</MaxAgeSeconds></CORSRule><CORSRule><AllowedOrigin>http://www.a.com</AllowedOrigin><AllowedOrigin>http://www.b.com</AllowedOrigin><AllowedMethod>GET</AllowedMethod><AllowedHeader>Authorization</AllowedHeader><ExposeHeader>x-oss-test</ExposeHeader><ExposeHeader>x-oss-test1</ExposeHeader><MaxAgeSeconds>100</MaxAgeSeconds></CORSRule><ResponseVary>true</ResponseVary></CORSConfiguration>")
 }
+
+func (s *OssTypeSuite) TestGetBucketHttpsConfigResult(c *C) {
+	xmlData := `<?xml version="1.0" encoding="UTF-8"?>
+<HttpsConfiguration>
+  <TLS>
+    <Enable>true</Enable>
+    <TLSVersion>TLSv1.2</TLSVersion>
+    <TLSVersion>TLSv1.3</TLSVersion>
+  </TLS>
+</HttpsConfiguration>`
+	var repResult GetBucketHttpsConfigResult
+	err := xmlUnmarshal(strings.NewReader(xmlData), &repResult)
+	c.Assert(err, IsNil)
+	c.Assert(repResult.TLS.Enable, Equals, true)
+	c.Assert(repResult.TLS.TLSVersion[0], Equals, "TLSv1.2")
+	c.Assert(repResult.TLS.TLSVersion[1], Equals, "TLSv1.3")
+
+	xmlData = `<?xml version="1.0" encoding="UTF-8"?>
+<HttpsConfiguration>
+ <TLS>
+   <Enable>false</Enable>
+ </TLS>
+</HttpsConfiguration>`
+	err = xmlUnmarshal(strings.NewReader(xmlData), &repResult)
+	c.Assert(err, IsNil)
+	c.Assert(repResult.TLS.Enable, Equals, false)
+}
+
+func (s *OssTypeSuite) TestPutBucketHttpsConfig(c *C) {
+	config := PutBucketHttpsConfig{
+		TLS: HttpsConfigTLS{
+			Enable:     true,
+			TLSVersion: []string{"TLSv1.2", "TLSv1.3"},
+		},
+	}
+	bs, err := xml.Marshal(config)
+	c.Assert(err, IsNil)
+	c.Assert(string(bs), Equals, "<HttpsConfiguration><TLS><Enable>true</Enable><TLSVersion>TLSv1.2</TLSVersion><TLSVersion>TLSv1.3</TLSVersion></TLS></HttpsConfiguration>")
+
+	config = PutBucketHttpsConfig{
+		TLS: HttpsConfigTLS{
+			Enable: false,
+		},
+	}
+	bs, err = xml.Marshal(config)
+	c.Assert(err, IsNil)
+	c.Assert(string(bs), Equals, "<HttpsConfiguration><TLS><Enable>false</Enable></TLS></HttpsConfiguration>")
+}
diff --git a/sample.go b/sample.go
index 519a987..366efae 100644
--- a/sample.go
+++ b/sample.go
@@ -35,6 +35,7 @@ var sampleMap = map[string]interface{}{
 	"BucketStyleSample":           sample.BucketStyleSample,
 	"BucketReplicationSample":     sample.BucketReplicationSample,
 	"BucketResponseHeaderSample":  sample.BucketResponseHeaderSample,
+	"BucketHttpsConfigSample":     sample.BucketHttpsConfigSample,
 	"ObjectACLSample":             sample.ObjectACLSample,
 	"ObjectMetaSample":            sample.ObjectMetaSample,
 	"ListObjectsSample":           sample.ListObjectsSample,
diff --git a/sample/bucket_httpsconfig.go b/sample/bucket_httpsconfig.go
new file mode 100644
index 0000000..662c5c6
--- /dev/null
+++ b/sample/bucket_httpsconfig.go
@@ -0,0 +1,40 @@
+package sample
+
+import (
+	"fmt"
+	"github.com/aliyun/aliyun-oss-go-sdk/oss"
+)
+
+// BucketHttpsConfigSample  how to set, get the bucket https config.
+func BucketHttpsConfigSample() {
+	// New client
+	client, err := oss.New(endpoint, accessID, accessKey)
+	if err != nil {
+		HandleError(err)
+	}
+	// put bucket https config
+	config := oss.PutBucketHttpsConfig{
+		TLS: oss.HttpsConfigTLS{
+			Enable:     true,
+			TLSVersion: []string{"TLSv1.2", "TLSv1.3"},
+		},
+	}
+	err = client.PutBucketHttpsConfig(bucketName, config)
+	if err != nil {
+		HandleError(err)
+	}
+	fmt.Println("Put Bucket Https Config Success!")
+
+	// get bucket https config
+	result, err := client.GetBucketHttpsConfig(bucketName)
+	if err != nil {
+		HandleError(err)
+	}
+	fmt.Printf("TLS Enable:%t\n", result.TLS.Enable)
+	for _, tls := range result.TLS.TLSVersion {
+		fmt.Printf("TLS Version:%s\n", tls)
+	}
+
+	fmt.Println("BucketHttpsConfigSample completed")
+
+}