Avi SSLProfile Object API

CLI ``` - configure sslprofile - show sslprofile ``` Examples - **sslprofile_example**: To create a standard security SSL profile ```json {'name': 'Standard', 'accepted_versions': [{'type': 'SSL_VERSION_TLS1'}, {'type': 'SSL_VERSION_TLS1'}, {'type': 'SSL_VERSION_TLS1_1'}, {'type': 'SSL_VERSION_TLS1_2'}], 'accepted_ciphers': 'aECDSA:aECDH:kEDH:kRSA'} ```
More information: https://avinetworks.com/contact-us
Contact Info: support@avinetworks.com
Version: 20.1.9
BasePath:/api
All rights reserved
http://apache.org/licenses/LICENSE-2.0.html

Access

  1. HTTP Basic Authentication

Methods

[ Jump to Models ]

Table of Contents

  1. get /sslprofile
  2. post /sslprofile
  3. delete /sslprofile/{uuid}
  4. get /sslprofile/{uuid}
  5. patch /sslprofile/{uuid}
  6. put /sslprofile/{uuid}
Up
get /sslprofile
(sslprofileGet)

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name
refers_to (optional)
Query Parameter — Filter to request all objects that refers to another Avi resource. Its syntax is refers_to=<obj_type>:<obj_uuid>. Eg. get all virtual services referring to pool p1 will be refers_to=pool:pool_p1_uuid
referred_by (optional)
Query Parameter — Filter to request all objects that are referred by another Avi resource. Its syntax is referred_by=<obj_type>:<obj_uuid>. Eg. get all pools referred_by virtual service vs1 - referred_by=virtualservice:vs_vs1_uuid
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.

Return type

SSLProfileApiResponse

Example data

Content-Type: application/json
{
  "next" : "aeiou",
  "count" : 123,
  "results" : [ {
    "enable_ssl_session_reuse" : true,
    "accepted_versions" : [ {
      "type" : "aeiou"
    } ],
    "ssl_session_timeout" : 123,
    "enable_early_data" : true,
    "description" : "aeiou",
    "type" : "aeiou",
    "ciphersuites" : "aeiou",
    "uuid" : "aeiou",
    "url" : "aeiou",
    "_last_modified" : "aeiou",
    "labels" : [ {
      "value" : "aeiou",
      "key" : "aeiou"
    } ],
    "tags" : [ {
      "type" : "aeiou",
      "value" : "aeiou"
    } ],
    "send_close_notify" : true,
    "ssl_rating" : {
      "performance_rating" : "aeiou",
      "security_score" : "aeiou",
      "compatibility_rating" : "aeiou"
    },
    "accepted_ciphers" : "aeiou",
    "cipher_enums" : [ "aeiou" ],
    "dhparam" : "aeiou",
    "tenant_ref" : "aeiou",
    "name" : "aeiou",
    "prefer_client_cipher_ordering" : true,
    "markers" : [ {
      "values" : [ "aeiou" ],
      "key" : "aeiou"
    } ]
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK SSLProfileApiResponse

401

log in failed

Up
post /sslprofile
(sslprofilePost)

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — SSLProfile object creation

Return type

SSLProfile

Example data

Content-Type: application/json
{
  "enable_ssl_session_reuse" : true,
  "accepted_versions" : [ {
    "type" : "aeiou"
  } ],
  "ssl_session_timeout" : 123,
  "enable_early_data" : true,
  "description" : "aeiou",
  "type" : "aeiou",
  "ciphersuites" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "labels" : [ {
    "value" : "aeiou",
    "key" : "aeiou"
  } ],
  "tags" : [ {
    "type" : "aeiou",
    "value" : "aeiou"
  } ],
  "send_close_notify" : true,
  "ssl_rating" : {
    "performance_rating" : "aeiou",
    "security_score" : "aeiou",
    "compatibility_rating" : "aeiou"
  },
  "accepted_ciphers" : "aeiou",
  "cipher_enums" : [ "aeiou" ],
  "dhparam" : "aeiou",
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "prefer_client_cipher_ordering" : true,
  "markers" : [ {
    "values" : [ "aeiou" ],
    "key" : "aeiou"
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK SSLProfile

401

log in failed

Up
delete /sslprofile/{uuid}
(sslprofileUuidDelete)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name

Return type

String

Example data

Content-Type: application/json
"aeiou"

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

204

object deleted String

404

not found

Up
get /sslprofile/{uuid}
(sslprofileUuidGet)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.

Return type

SSLProfile

Example data

Content-Type: application/json
{
  "enable_ssl_session_reuse" : true,
  "accepted_versions" : [ {
    "type" : "aeiou"
  } ],
  "ssl_session_timeout" : 123,
  "enable_early_data" : true,
  "description" : "aeiou",
  "type" : "aeiou",
  "ciphersuites" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "labels" : [ {
    "value" : "aeiou",
    "key" : "aeiou"
  } ],
  "tags" : [ {
    "type" : "aeiou",
    "value" : "aeiou"
  } ],
  "send_close_notify" : true,
  "ssl_rating" : {
    "performance_rating" : "aeiou",
    "security_score" : "aeiou",
    "compatibility_rating" : "aeiou"
  },
  "accepted_ciphers" : "aeiou",
  "cipher_enums" : [ "aeiou" ],
  "dhparam" : "aeiou",
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "prefer_client_cipher_ordering" : true,
  "markers" : [ {
    "values" : [ "aeiou" ],
    "key" : "aeiou"
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK SSLProfile

401

log in failed

Up
patch /sslprofile/{uuid}
(sslprofileUuidPatch)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — SSLProfile object creation

Query parameters

name (optional)
Query Parameter — object name

Return type

SSLProfile

Example data

Content-Type: application/json
{
  "enable_ssl_session_reuse" : true,
  "accepted_versions" : [ {
    "type" : "aeiou"
  } ],
  "ssl_session_timeout" : 123,
  "enable_early_data" : true,
  "description" : "aeiou",
  "type" : "aeiou",
  "ciphersuites" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "labels" : [ {
    "value" : "aeiou",
    "key" : "aeiou"
  } ],
  "tags" : [ {
    "type" : "aeiou",
    "value" : "aeiou"
  } ],
  "send_close_notify" : true,
  "ssl_rating" : {
    "performance_rating" : "aeiou",
    "security_score" : "aeiou",
    "compatibility_rating" : "aeiou"
  },
  "accepted_ciphers" : "aeiou",
  "cipher_enums" : [ "aeiou" ],
  "dhparam" : "aeiou",
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "prefer_client_cipher_ordering" : true,
  "markers" : [ {
    "values" : [ "aeiou" ],
    "key" : "aeiou"
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK SSLProfile

401

log in failed

Up
put /sslprofile/{uuid}
(sslprofileUuidPut)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — SSLProfile object creation

Query parameters

name (optional)
Query Parameter — object name

Return type

SSLProfile

Example data

Content-Type: application/json
{
  "enable_ssl_session_reuse" : true,
  "accepted_versions" : [ {
    "type" : "aeiou"
  } ],
  "ssl_session_timeout" : 123,
  "enable_early_data" : true,
  "description" : "aeiou",
  "type" : "aeiou",
  "ciphersuites" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "labels" : [ {
    "value" : "aeiou",
    "key" : "aeiou"
  } ],
  "tags" : [ {
    "type" : "aeiou",
    "value" : "aeiou"
  } ],
  "send_close_notify" : true,
  "ssl_rating" : {
    "performance_rating" : "aeiou",
    "security_score" : "aeiou",
    "compatibility_rating" : "aeiou"
  },
  "accepted_ciphers" : "aeiou",
  "cipher_enums" : [ "aeiou" ],
  "dhparam" : "aeiou",
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "prefer_client_cipher_ordering" : true,
  "markers" : [ {
    "values" : [ "aeiou" ],
    "key" : "aeiou"
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK SSLProfile

401

log in failed

Up

Models

[ Jump to Methods ]

Table of Contents

  1. KeyValue
  2. RoleFilterMatchLabel
  3. SSLProfile
  4. SSLProfileApiResponse
  5. SSLRating
  6. SSLVersion
  7. Tag

KeyValue Up

key
String Key.
value (optional)
String Value.

RoleFilterMatchLabel Up

key
String Key for filter match. Field introduced in 20.1.3.
values (optional)
array[String] Values for filter match. Multiple values will be evaluated as OR. Example key = value1 OR key = value2. Behavior for match is key = * if this field is empty. Field introduced in 20.1.3.

SSLProfile Up

_last_modified (optional)
String UNIX time since epoch in microseconds. Units(MICROSECONDS).
accepted_ciphers (optional)
String Ciphers suites represented as defined by https //www.openssl.org/docs/apps/ciphers.html.
accepted_versions (optional)
array[SSLVersion] Set of versions accepted by the server. Minimum of 1 items required.
cipher_enums (optional)
array[String] Enum options - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_GCM_SHA256. Allowed in Basic(Allowed values- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA) edition, Essentials(Allowed values- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA) edition, Enterprise edition.
ciphersuites (optional)
String TLS 1.3 Ciphers suites represented as defined by U(https //www.openssl.org/docs/manmaster/man1/ciphers.html). Field introduced in 18.2.6. Allowed in Basic edition, Essentials edition, Enterprise edition. Special default for Basic edition is TLS_AES_256_GCM_SHA384-TLS_AES_128_GCM_SHA256, Essentials edition is TLS_AES_256_GCM_SHA384-TLS_AES_128_GCM_SHA256, Enterprise is TLS_AES_256_GCM_SHA384-TLS_CHACHA20_POLY1305_SHA256-TLS_AES_128_GCM_SHA256.
description (optional)
String User defined description for the object.
dhparam (optional)
String DH Parameters used in SSL. At this time, it is not configurable and is set to 2048 bits.
enable_early_data (optional)
Boolean Enable early data processing for TLS1.3 connections. Field introduced in 18.2.6. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition.
enable_ssl_session_reuse (optional)
Boolean Enable SSL session re-use.
labels (optional)
array[KeyValue] Key value pairs for granular object access control. Also allows for classification and tagging of similar objects. Field deprecated in 20.1.5. Field introduced in 20.1.2. Maximum of 4 items allowed.
markers (optional)
array[RoleFilterMatchLabel] List of labels to be used for granular RBAC. Field introduced in 20.1.5. Allowed in Basic edition, Essentials edition, Enterprise edition.
name
String Name of the object.
prefer_client_cipher_ordering (optional)
Boolean Prefer the SSL cipher ordering presented by the client during the SSL handshake over the one specified in the SSL Profile.
send_close_notify (optional)
Boolean Send 'close notify' alert message for a clean shutdown of the SSL connection.
ssl_rating (optional)
SSLRating Placeholder for description of property ssl_rating of obj type SSLProfile field type str type object
ssl_session_timeout (optional)
Integer The amount of time in seconds before an SSL session expires. Unit is SEC. format: int32
tags (optional)
array[Tag] Placeholder for description of property tags of obj type SSLProfile field type str type object
tenant_ref (optional)
String It is a reference to an object of type Tenant.
type (optional)
String SSL Profile Type. Enum options - SSL_PROFILE_TYPE_APPLICATION, SSL_PROFILE_TYPE_SYSTEM. Field introduced in 17.2.8.
url (optional)
String url
uuid (optional)
String Unique object identifier of the object.

SSLProfileApiResponse Up

count
Integer format: int32
results
next (optional)

SSLRating Up

compatibility_rating (optional)
String Enum options - SSL_SCORE_NOT_SECURE, SSL_SCORE_VERY_BAD, SSL_SCORE_BAD, SSL_SCORE_AVERAGE, SSL_SCORE_GOOD, SSL_SCORE_EXCELLENT.
performance_rating (optional)
String Enum options - SSL_SCORE_NOT_SECURE, SSL_SCORE_VERY_BAD, SSL_SCORE_BAD, SSL_SCORE_AVERAGE, SSL_SCORE_GOOD, SSL_SCORE_EXCELLENT.
security_score (optional)
String security_score of SSLRating.

SSLVersion Up

type
String Enum options - SSL_VERSION_SSLV3, SSL_VERSION_TLS1, SSL_VERSION_TLS1_1, SSL_VERSION_TLS1_2, SSL_VERSION_TLS1_3. Allowed in Basic(Allowed values- SSL_VERSION_SSLV3,SSL_VERSION_TLS1,SSL_VERSION_TLS1_1,SSL_VERSION_TLS1_2) edition, Essentials(Allowed values- SSL_VERSION_SSLV3,SSL_VERSION_TLS1,SSL_VERSION_TLS1_1,SSL_VERSION_TLS1_2) edition, Enterprise edition.

Tag Up

type (optional)
String Enum options - AVI_DEFINED, USER_DEFINED, VCENTER_DEFINED.
value
String value of Tag.