{ "id":"/axapi/v3/slb/template/server-ssl/{name}", "type":"object", "node-type":"list", "title":"server-ssl", "partition-visibility":"shared", "description":"Server Side SSL Template", "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Server SSL Template Name", "optional":false }, "ca-certs":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "ca-cert":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":245, "partition-visibility":"shared", "description":"Specify CA certificate" }, "ca-cert-partition-shared":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"private", "description":"CA Certificate Partition Shared" }, "server-ocsp-srvr":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/aam/authentication/server/ocsp", "description":"Specify authentication server" }, "server-ocsp-sg":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "$ref":"/axapi/v3/aam/authentication/service-group", "description":"Specify service-group (Service group name)" } } } ] }, "server-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify Server Name", "optional":true }, "crl-certs":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "crl":{ "type":"string", "format":"string", "minLength":1, "maxLength":255, "partition-visibility":"shared", "description":"Certificate Revocation Lists (Certificate Revocation Lists file name)" }, "crl-partition-shared":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"private", "description":"Certificate Revocation Lists Partition Shared" } } } ] }, "cipher-without-prio-list":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "cipher-wo-prio":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not-list":[ "cipher-template", "shared-partition-cipher-template" ], "description":"'SSL3_RSA_DES_192_CBC3_SHA': TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000A); 'SSL3_RSA_RC4_128_MD5': TLS_RSA_WITH_RC4_128_MD5 (0x0004); 'SSL3_RSA_RC4_128_SHA': TLS_RSA_WITH_RC4_128_SHA (0x0005); 'TLS1_RSA_AES_128_SHA': TLS_RSA_WITH_AES_128_CBC_SHA (0x002F); 'TLS1_RSA_AES_256_SHA': TLS_RSA_WITH_AES_256_CBC_SHA (0x0035); 'TLS1_RSA_AES_128_SHA256': TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003C); 'TLS1_RSA_AES_256_SHA256': TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003D); 'TLS1_DHE_RSA_AES_128_GCM_SHA256': TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009E); 'TLS1_DHE_RSA_AES_128_SHA': TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033); 'TLS1_DHE_RSA_AES_128_SHA256': TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067); 'TLS1_DHE_RSA_AES_256_GCM_SHA384': TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009F); 'TLS1_DHE_RSA_AES_256_SHA': TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039); 'TLS1_DHE_RSA_AES_256_SHA256': TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x006B); 'TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256': TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xC02B); 'TLS1_ECDHE_ECDSA_AES_128_SHA': TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xC009); 'TLS1_ECDHE_ECDSA_AES_128_SHA256': TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xC023); 'TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384': TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xC02C); 'TLS1_ECDHE_ECDSA_AES_256_SHA': TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xC00A); 'TLS1_ECDHE_RSA_AES_128_GCM_SHA256': TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F); 'TLS1_ECDHE_RSA_AES_128_SHA': TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xC013); 'TLS1_ECDHE_RSA_AES_128_SHA256': TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xC027); 'TLS1_ECDHE_RSA_AES_256_GCM_SHA384': TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030); 'TLS1_ECDHE_RSA_AES_256_SHA': TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014); 'TLS1_RSA_AES_128_GCM_SHA256': TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009C); 'TLS1_RSA_AES_256_GCM_SHA384': TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009D); 'TLS1_ECDHE_RSA_AES_256_SHA384': TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xC028); 'TLS1_ECDHE_ECDSA_AES_256_SHA384': TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xC024); 'TLS1_ECDHE_RSA_CHACHA20_POLY1305_SHA256': TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xCCA8); 'TLS1_ECDHE_ECDSA_CHACHA20_POLY1305_SHA256': TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xCCA9); 'TLS1_DHE_RSA_CHACHA20_POLY1305_SHA256': TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xCCAA); ", "enum":[ "SSL3_RSA_DES_192_CBC3_SHA", "SSL3_RSA_RC4_128_MD5", "SSL3_RSA_RC4_128_SHA", "TLS1_RSA_AES_128_SHA", "TLS1_RSA_AES_256_SHA", "TLS1_RSA_AES_128_SHA256", "TLS1_RSA_AES_256_SHA256", "TLS1_DHE_RSA_AES_128_GCM_SHA256", "TLS1_DHE_RSA_AES_128_SHA", "TLS1_DHE_RSA_AES_128_SHA256", "TLS1_DHE_RSA_AES_256_GCM_SHA384", "TLS1_DHE_RSA_AES_256_SHA", "TLS1_DHE_RSA_AES_256_SHA256", "TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256", "TLS1_ECDHE_ECDSA_AES_128_SHA", "TLS1_ECDHE_ECDSA_AES_128_SHA256", "TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384", "TLS1_ECDHE_ECDSA_AES_256_SHA", "TLS1_ECDHE_RSA_AES_128_GCM_SHA256", "TLS1_ECDHE_RSA_AES_128_SHA", "TLS1_ECDHE_RSA_AES_128_SHA256", "TLS1_ECDHE_RSA_AES_256_GCM_SHA384", "TLS1_ECDHE_RSA_AES_256_SHA", "TLS1_RSA_AES_128_GCM_SHA256", "TLS1_RSA_AES_256_GCM_SHA384", "TLS1_ECDHE_RSA_AES_256_SHA384", "TLS1_ECDHE_ECDSA_AES_256_SHA384", "TLS1_ECDHE_RSA_CHACHA20_POLY1305_SHA256", "TLS1_ECDHE_ECDSA_CHACHA20_POLY1305_SHA256", "TLS1_DHE_RSA_CHACHA20_POLY1305_SHA256" ] } } } ] }, "dh-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'1024': 1024; '1024-dsa': 1024-dsa; '2048': 2048; ", "enum":[ "1024", "1024-dsa", "2048" ], "optional":true }, "ec-list":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "ec":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'secp256r1': X9_62_prime256v1; 'secp384r1': secp384r1; ", "enum":[ "secp256r1", "secp384r1" ] } } } ] }, "enable-tls-alert-logging":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable TLS alert logging", "optional":true }, "alert-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'fatal': Log fatal alerts; ", "enum":[ "fatal" ], "optional":true }, "handshake-logging-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable SSL handshake logging", "optional":true }, "close-notify":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Send close notification when terminate connection", "optional":true }, "forward-proxy-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable SSL forward proxy", "optional":true }, "session-ticket-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable server side session ticket support", "optional":true }, "version":{ "type":"number", "format":"number", "minimum":30, "maximum":34, "default":33, "partition-visibility":"shared", "description":"TLS/SSL version, default is the highest number supported (TLS/SSL version: 30-SSLv3.0, 31-TLSv1.0, 32-TLSv1.1, 33-TLSv1.2 and 34-TLSv1.3)", "optional":true }, "dgversion":{ "type":"number", "format":"number", "minimum":30, "maximum":34, "default":31, "partition-visibility":"shared", "description":"Lower TLS/SSL version can be downgraded", "optional":true }, "server-certificate-error":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "error-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'email': Notify the error via email; 'ignore': Ignore the error, which mean the connection can continue; 'logging': Log the error; 'trap': Notify the error by SNMP trap; ", "enum":[ "email", "ignore", "logging", "trap" ] } } } ] }, "ssli-logging":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"SSLi logging level, default is error logging only", "optional":true }, "sslilogging":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'disable': Disable all logging; 'all': enable all logging(error, info); ", "enum":[ "disable", "all" ], "optional":true }, "ocsp-stapling":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable ocsp-stapling support", "optional":true }, "use-client-sni":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"use client SNI", "optional":true }, "renegotiation-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable SSL renegotiation", "optional":true }, "session-cache-size":{ "type":"number", "format":"number", "minimum":0, "maximum":128, "default":0, "partition-visibility":"shared", "description":"Session Cache Size (Maximum cache size. Default value 0 (Session ID reuse disabled))", "optional":true }, "session-cache-timeout":{ "type":"number", "format":"number", "minimum":1, "maximum":7200, "partition-visibility":"shared", "description":"Session Cache Timeout (Timeout value, in seconds. Default no timeout.)", "optional":true }, "cipher-template":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "$ref":"/axapi/v3/slb/template/cipher", "not-list":[ "cipher-wo-prio", "shared-partition-cipher-template" ], "description":"Cipher Template Name", "optional":true }, "shared-partition-cipher-template":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "cipher-wo-prio", "cipher-template" ], "description":"Reference a cipher template from shared partition", "optional":true }, "template-cipher-shared":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "$ref":"/axapi/v3/slb/template/cipher", "description":"Cipher Template Name", "optional":true }, "enable-ssli-ftp-alg":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "description":"Enable SSLi FTP over TLS support at which port", "optional":true }, "early-data":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable TLS 1.3 early data (0-RTT)", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true }, "certificate":{ "type":"object", "$ref":"/axapi/v3/slb/template/server-ssl/{name}/certificate", "properties":{ "cert":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":245, "partition-visibility":"shared", "description":"Certificate Name" }, "key":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":245, "partition-visibility":"shared", "description":"Client private-key (Key Name)" }, "passphrase":{ "type":"string", "format":"password", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Password Phrase" }, "encrypted":{ "type":"encrypted", "format":"encrypted", "partition-visibility":"shared", "description":"Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string)" }, "shared":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"private", "description":"Client Certificate and Key Partition Shared" }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" } } } }, "object-keys":[ "name" ], "required":[ "name" ] }