SslForwardProxyProfile¶
-
class
oci.network_firewall.models.
SslForwardProxyProfile
(**kwargs)¶ Bases:
oci.network_firewall.models.decryption_profile.DecryptionProfile
SSLForwardProxy used on the firewall policy rules.
Attributes
TYPE_SSL_FORWARD_PROXY
str(object=’’) -> str TYPE_SSL_INBOUND_INSPECTION
str(object=’’) -> str are_certificate_extensions_restricted
Gets the are_certificate_extensions_restricted of this SslForwardProxyProfile. is_auto_include_alt_name
Gets the is_auto_include_alt_name of this SslForwardProxyProfile. is_expired_certificate_blocked
Gets the is_expired_certificate_blocked of this SslForwardProxyProfile. is_out_of_capacity_blocked
Gets the is_out_of_capacity_blocked of this SslForwardProxyProfile. is_revocation_status_timeout_blocked
Gets the is_revocation_status_timeout_blocked of this SslForwardProxyProfile. is_unknown_revocation_status_blocked
Gets the is_unknown_revocation_status_blocked of this SslForwardProxyProfile. is_unsupported_cipher_blocked
Gets the is_unsupported_cipher_blocked of this SslForwardProxyProfile. is_unsupported_version_blocked
Gets the is_unsupported_version_blocked of this SslForwardProxyProfile. is_untrusted_issuer_blocked
Gets the is_untrusted_issuer_blocked of this SslForwardProxyProfile. name
[Required] Gets the name of this DecryptionProfile. parent_resource_id
[Required] Gets the parent_resource_id of this DecryptionProfile. type
[Required] Gets the type of this DecryptionProfile. Methods
__init__
(**kwargs)Initializes a new SslForwardProxyProfile object with values from keyword arguments. get_subtype
(object_dictionary)Given the hash representation of a subtype of this class, use the info in the hash to return the class of the subtype. -
TYPE_SSL_FORWARD_PROXY
= 'SSL_FORWARD_PROXY'¶
-
TYPE_SSL_INBOUND_INSPECTION
= 'SSL_INBOUND_INSPECTION'¶
-
__init__
(**kwargs)¶ Initializes a new SslForwardProxyProfile object with values from keyword arguments. The default value of the
type
attribute of this class isSSL_FORWARD_PROXY
and it should not be changed. The following keyword arguments are supported (corresponding to the getters/setters of this class):Parameters: - type (str) – The value to assign to the type property of this SslForwardProxyProfile. Allowed values for this property are: “SSL_INBOUND_INSPECTION”, “SSL_FORWARD_PROXY”
- name (str) – The value to assign to the name property of this SslForwardProxyProfile.
- parent_resource_id (str) – The value to assign to the parent_resource_id property of this SslForwardProxyProfile.
- is_expired_certificate_blocked (bool) – The value to assign to the is_expired_certificate_blocked property of this SslForwardProxyProfile.
- is_untrusted_issuer_blocked (bool) – The value to assign to the is_untrusted_issuer_blocked property of this SslForwardProxyProfile.
- is_revocation_status_timeout_blocked (bool) – The value to assign to the is_revocation_status_timeout_blocked property of this SslForwardProxyProfile.
- is_unsupported_version_blocked (bool) – The value to assign to the is_unsupported_version_blocked property of this SslForwardProxyProfile.
- is_unsupported_cipher_blocked (bool) – The value to assign to the is_unsupported_cipher_blocked property of this SslForwardProxyProfile.
- is_unknown_revocation_status_blocked (bool) – The value to assign to the is_unknown_revocation_status_blocked property of this SslForwardProxyProfile.
- are_certificate_extensions_restricted (bool) – The value to assign to the are_certificate_extensions_restricted property of this SslForwardProxyProfile.
- is_auto_include_alt_name (bool) – The value to assign to the is_auto_include_alt_name property of this SslForwardProxyProfile.
- is_out_of_capacity_blocked (bool) – The value to assign to the is_out_of_capacity_blocked property of this SslForwardProxyProfile.
-
are_certificate_extensions_restricted
¶ Gets the are_certificate_extensions_restricted of this SslForwardProxyProfile. Whether to block sessions if the server’s certificate uses extensions other than key usage and/or extended key usage.
Returns: The are_certificate_extensions_restricted of this SslForwardProxyProfile. Return type: bool
-
static
get_subtype
(object_dictionary)¶ Given the hash representation of a subtype of this class, use the info in the hash to return the class of the subtype.
-
is_auto_include_alt_name
¶ Gets the is_auto_include_alt_name of this SslForwardProxyProfile. Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
Returns: The is_auto_include_alt_name of this SslForwardProxyProfile. Return type: bool
-
is_expired_certificate_blocked
¶ Gets the is_expired_certificate_blocked of this SslForwardProxyProfile. Whether to block sessions if server’s certificate is expired.
Returns: The is_expired_certificate_blocked of this SslForwardProxyProfile. Return type: bool
-
is_out_of_capacity_blocked
¶ Gets the is_out_of_capacity_blocked of this SslForwardProxyProfile. Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
Returns: The is_out_of_capacity_blocked of this SslForwardProxyProfile. Return type: bool
-
is_revocation_status_timeout_blocked
¶ Gets the is_revocation_status_timeout_blocked of this SslForwardProxyProfile. Whether to block sessions if the revocation status check for server’s certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
Returns: The is_revocation_status_timeout_blocked of this SslForwardProxyProfile. Return type: bool
-
is_unknown_revocation_status_blocked
¶ Gets the is_unknown_revocation_status_blocked of this SslForwardProxyProfile. Whether to block sessions if the revocation status check for server’s certificate results in “unknown”.
Returns: The is_unknown_revocation_status_blocked of this SslForwardProxyProfile. Return type: bool
-
is_unsupported_cipher_blocked
¶ Gets the is_unsupported_cipher_blocked of this SslForwardProxyProfile. Whether to block sessions if SSL cipher suite is not supported.
Returns: The is_unsupported_cipher_blocked of this SslForwardProxyProfile. Return type: bool
-
is_unsupported_version_blocked
¶ Gets the is_unsupported_version_blocked of this SslForwardProxyProfile. Whether to block sessions if SSL version is not supported.
Returns: The is_unsupported_version_blocked of this SslForwardProxyProfile. Return type: bool
-
is_untrusted_issuer_blocked
¶ Gets the is_untrusted_issuer_blocked of this SslForwardProxyProfile. Whether to block sessions if server’s certificate is issued by an untrusted certificate authority (CA).
Returns: The is_untrusted_issuer_blocked of this SslForwardProxyProfile. Return type: bool
-
name
¶ [Required] Gets the name of this DecryptionProfile. Unique Name of the decryption profile.
Returns: The name of this DecryptionProfile. Return type: str
-
parent_resource_id
¶ [Required] Gets the parent_resource_id of this DecryptionProfile. OCID of the Network Firewall Policy this decryption profile belongs to.
Returns: The parent_resource_id of this DecryptionProfile. Return type: str
-
type
¶ [Required] Gets the type of this DecryptionProfile. Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.
Allowed values for this property are: “SSL_INBOUND_INSPECTION”, “SSL_FORWARD_PROXY”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
Returns: The type of this DecryptionProfile. Return type: str
-