Open matthew-on-git opened 6 years ago
I looked into it and you're correct.
Currently only supporting: cert, key, proxy_ssl, proxy_ssl_passthrough, ssl_forward_proxy, ssl_forward_proxy_bypass, peer_cert_mode, authenticate, retain_certificate, and authenticate_depth.
The rest of the properties to manage: https://devcentral.f5.com/Wiki/iControlREST.APIRef_tm_ltm_profile_client-ssl.ashx
@matthewmdn Thanks for your input. Property of 'ciphers' is not supported yet. There are 80+ parameters for client-side proxy SSL profile configuration, and it will take time to support all.
Above said, please help provide some details of your request: 1) list of properties/parameters requested (other than 'ciphers') 2) your use cases for each/all
With such, we can prioritize and plan it. thanks -Eric
I am trying to duplicate an ssl client profile that was manually created The relevant parameters are:
{Certificate Key Chain} under advanced configuration including;
These settings would allow me to create a profile with our certificates and allowed protocols/ciphers for SSL offloading. For now It looks like all the other parameters are inherited and don't need to be specified.
One other thing I didn't see mentioned is {Parent Profile} under general settings. If it automatically takes the default of [clientssl] when created, then I don't need to change it.
@matthewmdn I opened a PR #57 for the chain cert parameter.
Server Error: no parameter named 'ciphers'
Trying to get a new ssl client profile I made into puppet, but it doesn't seem like I can actually manage any real options. Is this correct or am I just missing something?