InlineLBClientSslProfile1
{
"cipher_group_label": "string",
"ciphers": [
"string"
],
"is_fips": false,
"is_secure": false,
"prefer_server_ciphers": false,
"protocols": [
"string"
],
"session_cache_enabled": false,
"session_cache_timeout": 0
}
It is a label of cipher group which is mostly consumed by GUI.
Supported SSL cipher list to client side.
This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant..
This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.
During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference.
SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake.
Session cache timeout specifies how long the SSL session parameters are held on to and can be reused.