.. _slb_template_server_ssl: slb template server-ssl ======================= Server Side SSL Template server-ssl Specification ------------------------ ===================================== ======================================================================= **Parameter** **Value** ===================================== ======================================================================= **Type** *Collection* **Object Key(s)** *name* **Collection Name** :ref:`3044_server-ssl_list` **Collection URI** /axapi/v3/slb/template/server-ssl **Element Name** server-ssl **Element URI** /axapi/v3/slb/template/server-ssl/{name} **Element Attributes** server-ssl_attributes **Partition Visibility** shared **Schema** :download:`server-ssl schema ` ===================================== ======================================================================= **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html
OperationMethodURIPayload
Create Object .. raw:: html POST .. raw:: html /axapi/v3/slb/template/server-ssl .. raw:: html :ref:`3044_server-ssl_attributes` .. raw:: html
Create List .. raw:: html POST .. raw:: html /axapi/v3/slb/template/server-ssl .. raw:: html :ref:`3044_server-ssl_attributes` .. raw:: html
Get Object .. raw:: html GET .. raw:: html /axapi/v3/slb/template/server-ssl/{name} .. raw:: html :ref:`3044_server-ssl_attributes` .. raw:: html
Get List .. raw:: html GET .. raw:: html /axapi/v3/slb/template/server-ssl .. raw:: html :ref:`3044_server-ssl_list` .. raw:: html
Modify Object .. raw:: html POST .. raw:: html /axapi/v3/slb/template/server-ssl/{name} .. raw:: html :ref:`3044_server-ssl_attributes` .. raw:: html
Replace Object .. raw:: html PUT .. raw:: html /axapi/v3/slb/template/server-ssl/{name} .. raw:: html :ref:`3044_server-ssl_attributes` .. raw:: html
Replace List .. raw:: html PUT .. raw:: html /axapi/v3/slb/template/server-ssl .. raw:: html :ref:`3044_server-ssl_list` .. raw:: html
Delete Object .. raw:: html DELETE .. raw:: html /axapi/v3/slb/template/server-ssl/{name} .. raw:: html :ref:`3044_server-ssl_attributes` .. raw:: html
.. _3044_server-ssl_list: server-ssl-list --------------- server-ssl-list is **JSON List** of :ref:`3044_server-ssl_attributes` server-ssl-list : [ { :ref:`3044_server-ssl_attributes` }, { :ref:`3044_server-ssl_attributes` }, ... ] .. _3044_server-ssl_attributes: server-ssl attributes --------------------- **alert-type** **Description** 'fatal': Log fatal alerts; **Type:** string **Supported Values:** fatal **ca-certs** **Type:** List **certificate** **Description:** certificate is a **JSON Block**. Please see below for :ref:`3044_certificate` **Type:** Object **Reference Object:** :doc:`/axapi/v3/slb/template/server-ssl/{name}/certificate ` **cipher-template** **Description** Cipher Template Name **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **Mutual Exclusion:** cipher-template, cipher-wo-prio, and shared-partition-cipher-template are mutually exclusive **Reference Object:** :doc:`/axapi/v3/slb/template/cipher ` **cipher-without-prio-list** **Type:** List **close-notify** **Description** Send close notification when terminate connection **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **crl-certs** **Type:** List **dgversion** **Description** Lower TLS/SSL version can be downgraded **Type:** number **Range:** 30-34 **Default:** 31 **dh-type** **Description** '1024': 1024; '1024-dsa': 1024-dsa; '2048': 2048; **Type:** string **Supported Values:** 1024, 1024-dsa, 2048 **early-data** **Description** Enable TLS 1.3 early data (0-RTT) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **ec-list** **Type:** List **enable-ssli-ftp-alg** **Description** Enable SSLi FTP over TLS support at which port **Type:** number **Range:** 1-65535 **enable-tls-alert-logging** **Description** Enable TLS alert logging **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **forward-proxy-enable** **Description** Enable SSL forward proxy **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **handshake-logging-enable** **Description** Enable SSL handshake logging **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **name** **Description** Server SSL Template Name **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **ocsp-stapling** **Description** Enable ocsp-stapling support **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **renegotiation-disable** **Description** Disable SSL renegotiation **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **server-certificate-error** **Type:** List **server-name** **Description** Specify Server Name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **session-cache-size** **Description** Session Cache Size (Maximum cache size. Default value 0 (Session ID reuse disabled)) **Type:** number **Range:** 0-128 **Default:** 0 **session-cache-timeout** **Description** Session Cache Timeout (Timeout value, in seconds. Default no timeout.) **Type:** number **Range:** 1-7200 **session-ticket-enable** **Description** Enable server side session ticket support **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **shared-partition-cipher-template** **Description** Reference a cipher template from shared partition **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** shared-partition-cipher-template, cipher-wo-prio, and cipher-template are mutually exclusive **ssli-logging** **Description** SSLi logging level, default is error logging only **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **sslilogging** **Description** 'disable': Disable all logging; 'all': enable all logging(error, info); **Type:** string **Supported Values:** disable, all **template-cipher-shared** **Description** Cipher Template Name **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/slb/template/cipher ` **use-client-sni** **Description** use client SNI **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters **version** **Description** TLS/SSL version, default is the highest number supported (TLS/SSL version: 30-SSLv3.0, 31-TLSv1.0, 32-TLSv1.1, 33-TLSv1.2 and 34-TLSv1.3) **Type:** number **Range:** 30-34 **Default:** 33 .. _3044_crl-certs: crl-certs ^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **crl** **Description** Certificate Revocation Lists (Certificate Revocation Lists file name) **Type:** string **Maximum Length:** 255 characters **Maximum Length:** 1 characters **crl-partition-shared** **Description** Certificate Revocation Lists Partition Shared **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 .. _3044_certificate: certificate ^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **cert** **Description** Certificate Name **Type:** string **Format:** string-rlx **Maximum Length:** 245 characters **Maximum Length:** 1 characters **encrypted** **Description** Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string) **key** **Description** Client private-key (Key Name) **Type:** string **Format:** string-rlx **Maximum Length:** 245 characters **Maximum Length:** 1 characters **passphrase** **Description** Password Phrase **Type:** string **Format:** password **Maximum Length:** 63 characters **Maximum Length:** 1 characters **shared** **Description** Client Certificate and Key Partition Shared **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _3044_ec-list: ec-list ^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **ec** **Description** 'secp256r1': X9_62_prime256v1; 'secp384r1': secp384r1; **Type:** string **Supported Values:** secp256r1, secp384r1 .. _3044_server-certificate-error: server-certificate-error ^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **error-type** **Description** 'email': Notify the error via email; 'ignore': Ignore the error, which mean the connection can continue; 'logging': Log the error; 'trap': Notify the error by SNMP trap; **Type:** string **Supported Values:** email, ignore, logging, trap .. _3044_ca-certs: ca-certs ^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **ca-cert** **Description** Specify CA certificate **Type:** string **Format:** string-rlx **Maximum Length:** 245 characters **Maximum Length:** 1 characters **ca-cert-partition-shared** **Description** CA Certificate Partition Shared **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **server-ocsp-sg** **Description** Specify service-group (Service group name) **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/aam/authentication/service-group ` **server-ocsp-srvr** **Description** Specify authentication server **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/aam/authentication/server/ocsp ` .. _3044_cipher-without-prio-list: cipher-without-prio-list ^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **cipher-wo-prio** **Description** 'SSL3_RSA_DES_192_CBC3_SHA': TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000A); 'SSL3_RSA_RC4_128_MD5': TLS_RSA_WITH_RC4_128_MD5 (0x0004); 'SSL3_RSA_RC4_128_SHA': TLS_RSA_WITH_RC4_128_SHA (0x0005); 'TLS1_RSA_AES_128_SHA': TLS_RSA_WITH_AES_128_CBC_SHA (0x002F); 'TLS1_RSA_AES_256_SHA': TLS_RSA_WITH_AES_256_CBC_SHA (0x0035); 'TLS1_RSA_AES_128_SHA256': TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003C); 'TLS1_RSA_AES_256_SHA256': TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003D); 'TLS1_DHE_RSA_AES_128_GCM_SHA256': TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009E); 'TLS1_DHE_RSA_AES_128_SHA': TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033); 'TLS1_DHE_RSA_AES_128_SHA256': TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067); 'TLS1_DHE_RSA_AES_256_GCM_SHA384': TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009F); 'TLS1_DHE_RSA_AES_256_SHA': TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039); 'TLS1_DHE_RSA_AES_256_SHA256': TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x006B); 'TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256': TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xC02B); 'TLS1_ECDHE_ECDSA_AES_128_SHA': TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xC009); 'TLS1_ECDHE_ECDSA_AES_128_SHA256': TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xC023); 'TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384': TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xC02C); 'TLS1_ECDHE_ECDSA_AES_256_SHA': TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xC00A); 'TLS1_ECDHE_RSA_AES_128_GCM_SHA256': TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F); 'TLS1_ECDHE_RSA_AES_128_SHA': TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xC013); 'TLS1_ECDHE_RSA_AES_128_SHA256': TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xC027); 'TLS1_ECDHE_RSA_AES_256_GCM_SHA384': TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030); 'TLS1_ECDHE_RSA_AES_256_SHA': TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014); 'TLS1_RSA_AES_128_GCM_SHA256': TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009C); 'TLS1_RSA_AES_256_GCM_SHA384': TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009D); 'TLS1_ECDHE_RSA_AES_256_SHA384': TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xC028); 'TLS1_ECDHE_ECDSA_AES_256_SHA384': TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xC024); 'TLS1_ECDHE_RSA_CHACHA20_POLY1305_SHA256': TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xCCA8); 'TLS1_ECDHE_ECDSA_CHACHA20_POLY1305_SHA256': TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xCCA9); 'TLS1_DHE_RSA_CHACHA20_POLY1305_SHA256': TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xCCAA); **Type:** string **Supported Values:** SSL3_RSA_DES_192_CBC3_SHA, SSL3_RSA_RC4_128_MD5, SSL3_RSA_RC4_128_SHA, TLS1_RSA_AES_128_SHA, TLS1_RSA_AES_256_SHA, TLS1_RSA_AES_128_SHA256, TLS1_RSA_AES_256_SHA256, TLS1_DHE_RSA_AES_128_GCM_SHA256, TLS1_DHE_RSA_AES_128_SHA, TLS1_DHE_RSA_AES_128_SHA256, TLS1_DHE_RSA_AES_256_GCM_SHA384, TLS1_DHE_RSA_AES_256_SHA, TLS1_DHE_RSA_AES_256_SHA256, TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256, TLS1_ECDHE_ECDSA_AES_128_SHA, TLS1_ECDHE_ECDSA_AES_128_SHA256, TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384, TLS1_ECDHE_ECDSA_AES_256_SHA, TLS1_ECDHE_RSA_AES_128_GCM_SHA256, TLS1_ECDHE_RSA_AES_128_SHA, TLS1_ECDHE_RSA_AES_128_SHA256, TLS1_ECDHE_RSA_AES_256_GCM_SHA384, TLS1_ECDHE_RSA_AES_256_SHA, TLS1_RSA_AES_128_GCM_SHA256, TLS1_RSA_AES_256_GCM_SHA384, TLS1_ECDHE_RSA_AES_256_SHA384, TLS1_ECDHE_ECDSA_AES_256_SHA384, TLS1_ECDHE_RSA_CHACHA20_POLY1305_SHA256, TLS1_ECDHE_ECDSA_CHACHA20_POLY1305_SHA256, TLS1_DHE_RSA_CHACHA20_POLY1305_SHA256 **Mutual Exclusion:** cipher-wo-prio, cipher-template, and shared-partition-cipher-template are mutually exclusive