def conf_ssl_proxy_cert_identifier(device=None, *args, **kwargs): """ SSL Services profile certificate identifier configuration Example :- conf_ssl_proxy_cert_identifier(device_handle=device_handle, sslprofile="sslprofile", certidentifier="ssl-inspect-ca") conf_ssl_proxy_cert_identifier(device_handle=device_handle, mode="delete", sslprofile="sslprofile", certidentifier="ssl-inspect-ca") Robot example :- conf ssl proxy cert identifier device=$(device) sslprofile=sslprofile certidentifier="ssl-inspect-ca" :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str sslprofile: **REQUIRED** ssl proxy profile name :param str sslplugin: **REQUIRED** ssl plugin type selection ``Supported values``: proxy, initiation or termination :param str certidentifier: **REQUIRED** Certificate identifier a mandatory option to be passed :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_cert_identifier(*args, **kwargs)
def conf_ssl_cache_timeout(device=None, *args, **kwargs): """ SSL session cache timeout configuration Example :- configure_ssl_cache_timeout( device=device, sslprofile = "sslprofile", timeout="300") configure_ssl_cache_timeout(device=device, mode="delete", sslprofile = "sslprofile", timeout="300") Robot example :- configure ssl cache timeout device=$(device) sslprofile=sslprofile timeout=300 :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str sslprofile: **REQUIRED** ssl proxy profile name mandatory option to be passed :param str timeout: **REQUIRED** cache timeout for ssl session ``Supported values``: 300 to 3600 seconds :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_cache_timeout(*args, **kwargs)
def conf_disable_ssl_proxy_resump(device=None, *args, **kwargs): """ SSL session resumption configuration Example :- conf_disable_ssl_proxy_resump(device=device, sslprofile="sslprofile") conf_disable_ssl_proxy_resump(device=device, mode="delete", sslprofile="sslprofile") Robot example :- conf disable ssl proxy resump device=$(device) sslprofile=sslprofile :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str sslprofile: *REQUIRED* ssl proxy profile name mandatory option to be passed :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_disable_ssl_proxy_resump(*args, **kwargs)
def conf_ssl_proxy_whitelist(device=None, *args, **kwargs): """ Whitelist configuration with global address book Example :- conf_ssl_proxy_whitelist(device=device, whitelist="DNS-server DNS-server2", sslprofile="sslprofile") conf_ssl_proxy_whitelist(device=device, mode="delete", whitelist="DNS-server DNS-server2", sslprofile = "sslprofile") conf_ssl_proxy_whitelist(device=device, mode="delete", sslprofile="sslprofile") Robot example :- conf ssl proxy whitelist device=$(device) whitelist=DNS-server DNS-server2 sslprofile=sslprofile :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str whitelist: *REQUIRED* Configure whitelist with global address book : param str sslprofile: * REQUIRED * ssl proxy profile name mandatory option to be passed :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_proxy_whitelist(*args, **kwargs)
def conf_sslsp_server_cert_list(device=None, *args, **kwargs): """ SSL Server protection Server certification list configuration Example :- conf_sslsp_server_cert_list(device=device, sslprofile="sslprofile", servercert="ssl-inspect-ca") conf_sslsp_server_cert_list(device=device, mode="delete", sslprofile="sslprofile", servercert="ssl-inspect-ca") conf_sslsp_server_cert_list(device=device, mode="delete", sslprofile="sslprofile") Robot example :- conf sslsp server cert list device=$(device) sslprofile=sslprofile servercert=ssl-inspect-ca :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str sslprofile: *REQUIRED* ssl proxy profile name mandatory option to be passed :param servercert: *REQUIRED* Server certification list profile a mandatory option to be passed :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_sslsp_server_cert_list(*args, **kwargs)
def conf_ssl_proxy_ignore_serv_auth(device=None, *args, **kwargs): """ SSL server certificate authentification failure ignore configuration Example :- conf_ssl_proxy_ignore_serv_auth( device=device, sslprofile="sslprofile") conf_ssl_proxy_ignore_serv_auth(device=device, mode="delete", sslprofile="sslprofile") Robot example :- conf ssl proxy ignore serv auth device=$(device) sslprofile=sslprofile :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str sslplugin: *OPTIONAL* SSL plugin type selection ``Supported values``: proxy, initiation or termination ``Default value`` : proxy :param str sslprofile: **REQUIRED** ssl proxy profile name mandatory option to be passed :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_ignore_serv_auth(*args, **kwargs)
def conf_ssl_init_enable_sess_cache(device=None, *args, **kwargs): """ SSL TLS initiation and termination plugin session cache enabling configuration Example :- conf_ssl_init_enable_sess_cache(device=device, sslprofile="sslinit") conf_ssl_init_enable_sess_cache(device=device, mode="delete", sslprofile="sslinit") Robot example :- conf ssl init enable sess cache device=$(device) mode="delete" sslprofile="sslinit" :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str sslplugin: *REQUIRED* SSL plugin type selection ``Supported values``: initiation or termination ``Default value`` : initiation :param str sslprofile: *REQUIRED* ssl proxy profile name mandatory option to be passed :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes """ return SslServices(device).conf_ssl_enable_sess_cache(*args, **kwargs)
def conf_ssl_proxy_whitelist_url(device=None, *args, **kwargs): """ Whitelist configuration with global address book Example :- conf_ssl_proxy_whitelist(device=device, whitelist="Enhanced_Financial_Data_and_Services", sslprofile = "sslprofile") conf_ssl_proxy_whitelist(device=device, mode="delete", whitelist="Enhanced_Financial_Data_and_Services", sslprofile = "sslprofile") conf_ssl_proxy_whitelist(device=device, whitelist="Enhanced_Social_Web_Facebook", sslprofile = "sslprofile") conf_ssl_proxy_whitelist(device=device, mode="delete", sslprofile = "sslprofile") Robot example :- conf sslfp whitelist device=$(device) mode="delete" sslprofile = "sslprofile" :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param whitelist: *REQUIRED* Configure whitelist with global address book. Not mandatory when user wants\ delete complete whitelist configuration from profile : param sslprofile: * REQUIRED * ssl proxy profile name mandatory option to be passed :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_proxy_whitelist_url(*args, **kwargs)
def conf_ssl_init_protocol_version(device=None, *args, **kwargs): """ SSL TLS version configuration Example :- conf_ssl_init_protocol_version(device=device, sslprofile="sslinit", tls_version="tls11") conf_ssl_init_protocol_version(device=device, mode="delete", sslprofile="sslinit",\ tls_version="tls11") Robot example :- conf ssl init protocol version device=$(device) sslprofile=sslinit \ tls_version=tls11 :param str device: **REQUIRED** Handle of the device :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str sslplugin: *OPTIONAL* SSL plugin type selection ``Supported values``: proxy, initiation or termination ``Default value`` : initiation :param str sslprofile: *REQUIRED* ssl proxy profile name mandatory option to be passed :param str tls_version: *REQUIRED* TLS version for ssl initiation profile "all", "tls11", "tls12" & "tls1" :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes """ return SslServices(device).conf_ssl_protocol_version(sslplugin="initiation", *args, **kwargs)
def conf_ssl_proxy_renegotiation(device=None, *args, **kwargs): """ SSL session renegotiation configuration Example :- conf_ssl_proxy_renegotiation(device=device, sslprofile="sslprofile", renegotiation="allow-secure") conf_ssl_proxy_renegotiation(device=device, mode="delete", sslprofile="sslprofile", renegotiation="allow") Robot example :- conf ssl proxy renegotiation device=$(device) sslprofile=sslprofile renegotiation=allow-secure :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str sslprofile: *REQUIRED* ssl proxy profile name mandatory option to be passed :param renegotiation: *REQUIRED* renegotiation configuration options "allow", "allow-secure" or "drop" :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_proxy_renegotiation(*args, **kwargs)
def conf_ssl_proxy_flow_trace(device=None, *args, **kwargs): """ Flow trace configuration in global ssl service level Example :- conf_ssl_proxy_flow_trace(device=device, sslprofile ="sslprofile") conf_ssl_proxy_flow_trace(device=device, mode="delete", sslprofile ="sslprofile") Robot example :- conf ssl proxy flow trace device=$(device) sslprofile=sslprofile :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str sslplugin: *OPTIONAL* SSL plugin type selection ``Supported values``: proxy, initiation or termination ``Default value`` : proxy :param str sslprofile: * REQUIRED * ssl proxy profile name mandatory option to be passed :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_flow_trace(*args, **kwargs)
def conf_ssl_termination(device=None, *args, **kwargs): """ Configuring SSL proxy in either client or server protection mode Example :- conf_ssl_termination(device=device, sslprofile='sslterm', certidentifier='ssl-inspect-ca', enable_flow_trace="TrUe", ciphersuite='rsa-with-rc4-128-md5 rsa-with-rc4-128-shA', tls_version='all', enable_session_cache='true' ) conf_ssl_termination(mode='delete', sslprofile='sslterm') Robot example :- conf ssl termination sslprofile='sslterm' mode='delete' :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param sslprofile: * REQUIRED * ssl proxy profile name :param str certidentifier: **REQUIRED** Certificate identifier a mandatory option to be passed :param str enable_flow_trace: *OPTIONAL* Enable flow trace for the ssl profile ``Supported values``: True :param str ciphersuite: *OPTIONAL* cipher suite ``Supported values``: Values for preferred cipher suite medium Use ciphers with key strength of 128-bits or greater strong Use ciphers with key strength of 168-bits or greater weak Use ciphers with key strength of 40-bits or greater Values for custom cipher suite rsa-with-rc4-128-md5 RSA, 128bit rc4, md5 hash rsa-with-rc4-128-sha RSA, 128bit rc4, sha hash rsa-with-des-cbc-sha RSA, des cbc, sha hash rsa-with-3des-ede-cbc-sha RSA, 3des ede/cbc, sha hash rsa-with-aes-128-cbc-sha RSA, 128 bit aes/cbc, sha hash rsa-with-aes-256-cbc-sha RSA, 256 bit aes/cbc, sha hash rsa-export-with-rc4-40-md5 RSA-export, 40 bit rc4, md5 hash rsa-export-with-des40-cbc-sha RSA-export, 40 bit des/cbc, sha :param str tls_version: *OPTIONAL* TLS version for ssl profile ``Supported values``: all, tls11, tls12 or tls1 :param str enable_session_cache: *OPTIONAL* enable session cache ``Supported values``: true :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_termination(*args, **kwargs)
def conf_ssl_trace_options(device=None, *args, **kwargs): """ ssl proxy/init/terminate trace options configuration Example :- configure_ssl_trace_options(device=device, filename="ssl-userfile", maxfiles="10", size="100", worldreadable="yes",flag="cli-configuration", level="extensive", noremotetrace="yes") configure_ssl_trace_options(device=device, mode="delete", filename="ssl-userfile", maxfiles="10", size="100", worldreadable="yes", flag="cli-configuration", level="extensive", noremotetrace="yes") Robot example :- configure ssl trace options device=$(device) mode=delete filename=ssl-userfile maxfiles=10 size=100 worldreadable=yes flag=cli-configuration level=extensive noremotetrace=yes :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str filename: *OPTIONAL* Name of the ssl traceoptions file to log traces ``Default value`` : ssl_trace :param int maxfiles: *OPTIONAL* Maximum no of trace files to be created on system ``Default value`` : 3 :param int size: *OPTIONAL* Maximum size of the trace file ``Default value`` : 128000 :param str worldreadable: *OPTIONAL* world-readable configuration ``Supported values``: true or false :param str flag: *OPTIONAL* Configure trace flag options ``Supported values``: all, cli-configuration, initiation, proxy, selected-profile or termination :param str level: *OPTIONAL* Configure trace level options ``Supported values``: brief, detail, extensive or verbose ``Default value`` : brief :param str noremotetrace: *OPTIONAL* Disable remote tracing ``Supported values``: yes or no :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_trace_options(*args, **kwargs)
def conf_ssl_proxy_custom_cipher(device=None, *args, **kwargs): """ SSL custom cipher suite configurations Example :- conf_ssl_proxy_custom_cipher( device=device, sslprofile="sslprofile", ciphersuite="rsa-with-rc4-128-md5 rsa-with-rc4-128-sha rsa-with-des-cbc-sha rsa-export-with-rc4-40-md5") conf_ssl_proxy_custom_cipher(device=device, mode="delete", sslprofile="sslprofile", ciphersuite="rsa-with-rc4-128-md5 rsa-with-rc4-128-sha") conf_ssl_proxy_custom_cipher(device=device, mode="delete" , sslprofile="sslprofile") Robot example :- conf ssl proxy custom cipher device=$(device) sslprofile=sslprofile ciphersuite=rsa-with-rc4-128-md5 rsa-with-rc4-128-sha rsa-with-des-cbc-sha rsa-export-with-rc4-40-md5 :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str ciphersuite: **REQUIRED** custom cipher suite to be configured ``Supported values``: rsa-with-rc4-128-md5 RSA, 128bit rc4, md5 hash rsa-with-rc4-128-sha RSA, 128bit rc4, sha hash rsa-with-des-cbc-sha RSA, des cbc, sha hash rsa-with-3des-ede-cbc-sha RSA, 3des ede/cbc, sha hash rsa-with-aes-128-cbc-sha RSA, 128 bit aes/cbc, sha hash rsa-with-aes-256-cbc-sha RSA, 256 bit aes/cbc, sha hash rsa-export-with-rc4-40-md5 RSA-export, 40 bit rc4, md5 hash rsa-export-with-des40-cbc-sha RSA-export, 40 bit des/cbc, sha :param str sslplugin: *OPTIONAL* SSL plugin type selection ``Supported values``: proxy, initiation or termination ``Default value`` : proxy :param str sslprofile: **REQUIRED** ssl proxy profile name mandatory option to be passed :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_custom_cipher(*args, **kwargs)
def clear_ssl_statistics(device=None, *args, **kwargs): """ Keyword to clear ssl proxy statistics Example :- clear_ssl_statistics( device=device) clear_ssl_statistics( device=device, node="node0") Robot example :- clear ssl statistics device=$(device) node="node0" :param str device: **REQUIRED** Handle of the device :param str node: *OPTIONAL* HA node selection ``Supported values``: node0 or node1 ``Default value`` : local """ return SslServices(device).clear_ssl_statistics(*args, **kwargs)
def conf_ssl_proxy_crl(device=None, *args, **kwargs): """ SSL CRL configuration Example :- conf_ssl_proxy_crl( device=device, sslprofile="sslprofile", crlaction="if-not-present",ifnotpresent="allow") conf_ssl_proxy_crl( device=device, sslprofile="sslprofile", crlaction="disable") conf_ssl_proxy_crl( device=device, sslprofile="sslprofile", crlaction="ignore-hold-instruction-code") conf_ssl_proxy_crl(device=device, mode="delete", sslprofile="sslprofile") Robot example :- conf ssl proxy crl device=$(device) sslprofile=sslprofile crlaction=if-not-present ifnotpresent=allow :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str sslplugin: *OPTIONAL* SSL plugin type selection ``Supported values``: proxy, initiation or termination ``Default value`` : proxy :param str sslprofile: **REQUIRED** ssl proxy profile name mandatory option to be passed :param str crlaction: **REQUIRED** crl action configuration options ``Supported values``: disable, if-not-present or ignore-hold-instruction-code :param str ifnotpresent: **REQUIRED** if-not-present action should be parsed when crlaction is "if-not-present" ``Supported values``: allow or drop :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_crl(*args, **kwargs)
def conf_ssl_proxy_preferred_cipher(device=None, *args, **kwargs): """ SSL preferred cipher suite configurations Example :- conf_ssl_proxy_preferred_cipher( device=device, sslprofile="sslprofile", ciphersuite="strong") conf_ssl_proxy_preferred_cipher(device=device, mode="delete", sslprofile="sslprofile") Robot example :- conf ssl proxy preferred cipher device=$(device) sslprofile="sslprofile" ciphersuite="strong" :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str ciphersuite: **REQUIRED** custom cipher suite to be configured ``Supported values``: custom Configure custom cipher suite and order of preference medium Use ciphers with key strength of 128-bits or greater strong Use ciphers with key strength of 168-bits or greater weak Use ciphers with key strength of 40-bits or greater :param str sslplugin: *OPTIONAL* SSL plugin type selection ``Supported values``: proxy, initiation or termination ``Default value`` : proxy :param str sslprofile: **REQUIRED** ssl proxy profile name mandatory option to be passed :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_preferred_cipher(*args, **kwargs)
def conf_ssl_proxy_trusted_ca(device=None, *args, **kwargs): """ Trusted certificate configuration Example :- conf_ssl_proxy_trusted_ca(device=device, trusted_ca_list="all", sslprofile ="sslprofile") conf_ssl_proxy_trusted_ca(device=device, mode="delete", trusted_ca_list="all", sslprofile = "sslprofile") conf_ssl_proxy_trusted_ca(device=device, trusted_ca_list="all test1 test2 test3", sslprofile = "sslprofile") conf_ssl_proxy_trusted_ca(device=device, mode="delete", trusted_ca_list="all test1 test2 test3", sslprofile = "sslprofile") conf_ssl_proxy_trusted_ca(device=device, mode="delete", sslprofile = "sslprofile") Robot example :- conf ssl proxy trusted ca device=$(device) trusted_ca_list=all sslprofile =sslprofile :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str trusted_ca_list: *REQUIRED* Configure trusted CAs :param str sslplugin: *OPTIONAL* SSL plugin type selection ``Supported values``: proxy, initiation or termination ``Default value`` : proxy :param str sslprofile: * REQUIRED * ssl proxy profile name mandatory option to be passed :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_trusted_ca(*args, **kwargs)
def conf_ssl_proxy_logging(device=None, *args, **kwargs): """ SSLFP logging configuration Example: - conf_ssl_proxy_logging(device=device, sslprofile= "sslprofile", log="sessions-whitelisted") conf_ssl_proxy_logging(device=device, mode="delete", sslprofile="sslprofile", log = "all") Robot example :- conf ssl proxy logging device=$(device) sslprofile=sslprofile log=sessions-whitelisted :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str sslprofile: * REQUIRED * ssl proxy profile name mandatory option to be passed :param log: * REQUIRED * log action configuration options: ``Supported values``: all Log all events errors Log all error events info Log all information events sessions-allowed Log ssl session allow events after an error sessions-dropped Log only ssl session drop events sessions-ignored Log session ignore events sessions-whitelisted Log ssl session whitelist events warning Log all warning events :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_proxy_logging(*args, **kwargs)
def get_ssl_statistics(device=None, *args, **kwargs): """ Keyword to fetch ssl proxy statistics Example :- get_ssl_statistics(device=device, ) get_ssl_statistics(device=device, node="node0") get_ssl_statistics( pic="fpc1 pic1") Robot example :- get ssl statistics device=$(device) node="node0" :param str device: **REQUIRED** Handle of the device :param str node: *OPTIONAL* HA node selection ``Supported values``: node0 or node1 ``Default value`` : local :param str pic: *OPTIONAL* Pass pic value to fetch details for the respective pic alone ``Supported values``: "fpc1 pic0", "fpc2 pic1" etc as per requirement :return: Returns the dict object with values of each of the counters from statistics output :rtype: dict """ return SslServices(device).get_ssl_statistics(*args, **kwargs)
def conf_cert_cache_config(device=None, **kwargs): """ SSL session cache timeout configuration Example :- conf_cert_cache_config( device=device, cmd = "certificate-cache-timeout", timeout="300") conf_cert_cache_config(device=device, mode="delete", cmd = "certificate-cache-timeout", timeout="300") conf_cert_cache_config( device=device, cmd = "disable-cert-cache") conf_cert_cache_config(device=device, mode="delete", cmd = "disable-cert-cache") Robot example :- conf cert cache config device=$(device) cmd=certificate-cache-timeout timeout=300 conf cert cache config device=$(device) cmd=disable-cert-cache :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param str cmd: **REQUIRED** cmd name mandatory argument to be passed :param str timeout: **REQUIRED** cache timeout for cert cache if cmd is certificate-cache-timeout ``Supported values``: 300 to 3600 seconds :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :return: Returns "True" :rtype: bool """ return SslServices(device).conf_cert_cache_config(**kwargs)
def conf_ssl_proxy_scale(device=None, *args, **kwargs): """ Configuring SSL proxy in either client or server protection mode Example :- conf_ssl_proxy_scale(device=device_handle, sslplugin='forward_proxy', sslprofile='sslprofile', certidentifier='ssl-inspect-ca', whitelist_url="Enhanced_Financial_Data_and_Services Enhanced_Social_Web_Facebook", log="all", renegotiation="allow", resumption="disable", enable_flow_trace="true", trusted_ca_list='all', ignore_server_auth="true", ciphersuite='rsa-with-rc4-128-md5 rsa-with-rc4-128-sha', crlaction='if-not-present', ifnotpresent='allow', tls_version='all', count='250', commitcount='50' ) conf_ssl_proxy_scale(device=device_handle, sslprofile='sslprofile', mode='deLeTe') Robot example :- conf ssl proxy scale device=${handle} sslprofile='sslprofile' mode='delete' :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param sslprofile: * REQUIRED * ssl proxy profile name :param str certidentifier: **REQUIRED** Certificate identifier a mandatory option to be passed :param str sslplugin: **REQUIRED** ssl plugin type selection ``Supported values``: forward_proxy or reverse_proxy :param str whitelist_url: *OPTIONAL* Configure whitelist url categories :param str whitelist: *OPTIONAL* Configure whitelist with global address book. Not mandatory when user wants delete complete whitelist configuration from profile :param str log: *OPTIONAL* log action configuration options: ``Supported values``: all Log all events errors Log all error events info Log all information events sessions-allowed Log ssl session allow events after error sessions-dropped Log only ssl session drop events sessions-ignored Log session ignore events sessions-whitelisted Log ssl session whitelist events warning Log all warning events :param str renegotiation: *OPTIONAL* renegotiation configuration options ``Supported values``: allow, allow-secure or drop :param str resumption: *OPTIONAL* disable resumption ``Supported values``: disable :param str enable_flow_trace: *OPTIONAL* Enable flow trace for the ssl profile ``Supported values``: True :param str trusted_ca_list: *OPTIONAL* trusted CAs list :param str ignore_server_auth: *OPTIONAL* Enabling ignore server certificate authentication ``Supported values``: True :param str ciphersuite: *OPTIONAL* cipher suite ``Supported values``: Values for preferred cipher suite medium Use ciphers with key strength of 128-bits or greater strong Use ciphers with key strength of 168-bits or greater weak Use ciphers with key strength of 40-bits or greater Values for custom cipher suite rsa-with-rc4-128-md5 RSA, 128bit rc4, md5 hash rsa-with-rc4-128-sha RSA, 128bit rc4, sha hash rsa-with-des-cbc-sha RSA, des cbc, sha hash rsa-with-3des-ede-cbc-sha RSA, 3des ede/cbc, sha hash rsa-with-aes-128-cbc-sha RSA, 128 bit aes/cbc, sha hash rsa-with-aes-256-cbc-sha RSA, 256 bit aes/cbc, sha hash rsa-export-with-rc4-40-md5 RSA-export, 40 bit rc4, md5 hash rsa-export-with-des40-cbc-sha RSA-export, 40 bit des/cbc, sha :param str crlaction: *OPTIONAL* crl action configuration options ``Supported values``: disable, if-not-present or ignore-hold-instruction-code :param str ifnotpresent: *OPTIONAL* if "if-not-present" action is parsed with crlaction then "if-not-present" argument is REQUIRED ``Supported values``: allow or drop :param str tls_version: *OPTIONAL* TLS version for ssl profile ``Supported values``: all, tls11, tls12 or tls1 :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes :param str count: *OPTIONAL* no of profiles to be configured ``Default value`` : 100 :param str commitcount: *OPTIONAL* iteration limit count to commit ``Default value`` : 25 :return: Returns "True" :rtype: bool """ return SslServices(device).conf_ssl_proxy_scale(*args, **kwargs)
def conf_ssl_init_profile(device=None, *args, **kwargs): """ Configuring SSL proxy in either client or server protection mode Example :- conf_ssl_init_profile(device=device, sslprofile='sslinit', certidentifier='ssl-inspect-ca', enable_flow_trace="TrUe", trusted_ca_list='all', ignore_server_auth="true", ciphersuite='rsa-with-rc4-128-md5 rsa-with-rc4-128-shA', crlaction='if-not-present', ifnotpresent='aLLow', tls_version='all', enable_session_cache='true' ) conf_ssl_init_profile(mode='delete', sslprofile='sslinit') Robot example :- conf ssl init profile sslprofile='sslinit' mode='delete' :param str device: **REQUIRED** Handle of the device :param str mode: *OPTIONAL* Device configuration mode ``Supported values``: set or delete ``Default value`` : set :param sslprofile: * REQUIRED * ssl proxy profile name :param str certidentifier: **REQUIRED** Certificate identifier a mandatory option to be passed :param str enable_flow_trace: *OPTIONAL* Enable flow trace for the ssl profile ``Supported values``: True :param str trusted_ca_list: *OPTIONAL* trusted CAs list :param str ignore_server_auth: *OPTIONAL* Enabling ignore server certificate authentication ``Supported values``: True :param str ciphersuite: *OPTIONAL* cipher suite ``Supported values``: Values for preferred cipher suite medium Use ciphers with key strength of 128-bits or greater strong Use ciphers with key strength of 168-bits or greater weak Use ciphers with key strength of 40-bits or greater Values for custom cipher suite rsa-with-rc4-128-md5 RSA, 128bit rc4, md5 hash rsa-with-rc4-128-sha RSA, 128bit rc4, sha hash rsa-with-des-cbc-sha RSA, des cbc, sha hash rsa-with-3des-ede-cbc-sha RSA, 3des ede/cbc, sha hash rsa-with-aes-128-cbc-sha RSA, 128 bit aes/cbc, sha hash rsa-with-aes-256-cbc-sha RSA, 256 bit aes/cbc, sha hash rsa-export-with-rc4-40-md5 RSA-export, 40 bit rc4, md5 hash rsa-export-with-des40-cbc-sha RSA-export, 40 bit des/cbc, sha :param str crlaction: *OPTIONAL* crl action configuration options ``Supported values``: disable, if-not-present or ignore-hold-instruction-code :param str ifnotpresent: *OPTIONAL* if "if-not-present" action is parsed with crlaction then "if-not-present" argument is REQUIRED ``Supported values``: allow or drop :param str tls_version: *OPTIONAL* TLS version for ssl profile ``Supported values``: all, tls11, tls12 or tls1 :param str enable_session_cache: *OPTIONAL* enable session cache ``Supported values``: true :param str commit: *OPTIONAL* commit configuration option ``Supported values``: yes or no ``Default value`` : yes """ return SslServices(device).conf_ssl_initiation(*args, **kwargs)