InlineCustomPolicyLbVirtualServer1
{
"app_protocol": "string",
"client_ssl_certificate_ids": [
"string"
],
"client_ssl_settings": "string",
"default_client_ssl_certificate_id": "string",
"server_auth_ca_certificate_ids": [
"string"
],
"server_ssl_settings": "string"
}
As the custom type allows for more complex settings than the simplified PolicyLbVirtualServer types, also specify the desired protocol for receiving all client connections.
Client-side SSL profile binding allows multiple certificates, for different hostnames, to be bound to the same virtual server. The setting is used when load balancer acts as an SSL server and terminating the client SSL connection
Security settings representing various security settings when the VirtualServer acts as an SSL server
- BASE_SECURE_111317
- MODERATE_SECURE_111317
- HIGH_SECURE_111317
The setting is used when load balancer acts as an SSL server and terminating the client SSL connection. A default certificate should be specified which will be used if the server does not host multiple hostnames on the same IP address or if the client does not support SNI extension.
To support client authentication (load balancer acting as a client authenticating to the backend server), server_ssl_certificate_id can be specified. When supplied, the backend server certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified. This setting is only applicable for L7 protocols and will be rejected in combination with TCP or UDP.
Indicates whether to enable server side SSL. Server side SSL will be enabled when a specific security setting is selected. The selected security setting or profile represents various configurations related to SSL when the VirtualServer acts as a client connecting over SSL to the backend server. This setting is only applicable for L7 protocols and will be rejected in combination with TCP or UDP.
- BASE_SECURE_111317
- MODERATE_SECURE_111317
- HIGH_SECURE_111317
- DISABLED