SSLProfile

Description

API


    POST /api/sslprofile
    PUT /api/sslprofile/<key>
    DELETE /api/sslprofile/<key>
    GET /api/sslprofile
    GET /api/sslprofile/<key>

CLI


    configure sslprofile <key>
    show sslprofile <key>

Examples

To create a standard security SSL profile

 POST /api/sslprofile

{
    "accepted_ciphers": "aECDSA:aECDH:kEDH:kRSA", 
    "accepted_versions": [
        {
            "type": "SSL_VERSION_TLS1"
        }, 
        {
            "type": "SSL_VERSION_TLS1"
        }, 
        {
            "type": "SSL_VERSION_TLS1_1"
        }, 
        {
            "type": "SSL_VERSION_TLS1_2"
        }
    ], 
    "name": "Standard"
}
 

Data

SSLProfile

uuid

Type
string
Category
required
Description

name

Type
string
Category
required
Description

accepted_versions

Type
SSLVersion
Category
repeated
Description
Set of versions accepted by the server

accepted_ciphers

Type
string
Category
optional
Description
Ciphers suites represented as defined by http://www.openssl.org/docs/apps/ciphers.html
Default
AES:3DES:RC4

cipher_enums

Type
enum
Category
repeated
Description
Choices
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

tags

Type
Tag
Category
repeated
Description

ssl_rating

Type
SSLRating
Category
optional
Description

send_close_notify

Type
bool
Category
optional
Description
Send 'close notify' alert message for a clean shutdown of the SSL connection.
Default
True

description

Type
string
Category
optional
Description

tenant_ref

Type
Reference to Tenant
Category
required
Description

SSLVersion

type

Type
enum
Category
required
Description
Default
SSL_VERSION_TLS1_1
Choices
SSL_VERSION_TLS1_1, SSL_VERSION_TLS1, SSL_VERSION_TLS1_2

Tag

value

Type
string
Category
required
Description

type

Type
enum
Category
optional
Description
Default
USER_DEFINED
Choices
VCENTER_DEFINED, AVI_DEFINED, USER_DEFINED

SSLRating

security_score

Type
string
Category
optional
Description

performance_rating

Type
enum
Category
optional
Description
Choices
SSL_SCORE_GOOD, SSL_SCORE_BAD, SSL_SCORE_EXCELLENT, SSL_SCORE_VERY_BAD, SSL_SCORE_NOT_SECURE, SSL_SCORE_AVERAGE

compatibility_rating

Type
enum
Category
optional
Description
Choices
SSL_SCORE_GOOD, SSL_SCORE_BAD, SSL_SCORE_EXCELLENT, SSL_SCORE_VERY_BAD, SSL_SCORE_NOT_SECURE, SSL_SCORE_AVERAGE

References

Tenant

Sub Objects