Class: OCI::LoadBalancer::Models::SSLConfiguration
- Inherits:
-
Object
- Object
- OCI::LoadBalancer::Models::SSLConfiguration
- Defined in:
- lib/oci/load_balancer/models/ssl_configuration.rb
Overview
A listener's SSL handling configuration.
To use SSL, a listener must be associated with a Certificate.
Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.
Constant Summary collapse
- SERVER_ORDER_PREFERENCE_ENUM =
[ SERVER_ORDER_PREFERENCE_ENABLED = 'ENABLED'.freeze, SERVER_ORDER_PREFERENCE_DISABLED = 'DISABLED'.freeze, SERVER_ORDER_PREFERENCE_UNKNOWN_ENUM_VALUE = 'UNKNOWN_ENUM_VALUE'.freeze ].freeze
Instance Attribute Summary collapse
-
#certificate_ids ⇒ Array<String>
Ids for OCI certificates service certificates.
-
#certificate_name ⇒ String
A friendly name for the certificate bundle.
-
#cipher_suite_name ⇒ String
The name of the cipher suite to use for HTTPS or SSL connections.
-
#protocols ⇒ Array<String>
A list of SSL protocols the load balancer must support for HTTPS or SSL connections.
-
#server_order_preference ⇒ String
When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.
-
#trusted_certificate_authority_ids ⇒ Array<String>
Ids for OCI certificates service CA or CA bundles for the load balancer to trust.
-
#verify_depth ⇒ Integer
[Required] The maximum depth for peer certificate chain verification.
-
#verify_peer_certificate ⇒ BOOLEAN
[Required] Whether the load balancer listener should verify peer certificates.
Class Method Summary collapse
-
.attribute_map ⇒ Object
Attribute mapping from ruby-style variable name to JSON key.
-
.swagger_types ⇒ Object
Attribute type mapping.
Instance Method Summary collapse
-
#==(other) ⇒ Object
Checks equality by comparing each attribute.
-
#build_from_hash(attributes) ⇒ Object
Builds the object from hash.
- #eql?(other) ⇒ Boolean
-
#hash ⇒ Fixnum
Calculates hash code according to all attributes.
-
#initialize(attributes = {}) ⇒ SSLConfiguration
constructor
Initializes the object.
-
#to_hash ⇒ Hash
Returns the object in the form of hash.
-
#to_s ⇒ String
Returns the string representation of the object.
Constructor Details
#initialize(attributes = {}) ⇒ SSLConfiguration
Initializes the object
173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 173 def initialize(attributes = {}) return unless attributes.is_a?(Hash) # convert string to symbol for hash key attributes = attributes.each_with_object({}) { |(k, v), h| h[k.to_sym] = v } self.verify_depth = attributes[:'verifyDepth'] if attributes[:'verifyDepth'] raise 'You cannot provide both :verifyDepth and :verify_depth' if attributes.key?(:'verifyDepth') && attributes.key?(:'verify_depth') self.verify_depth = attributes[:'verify_depth'] if attributes[:'verify_depth'] self.verify_peer_certificate = attributes[:'verifyPeerCertificate'] unless attributes[:'verifyPeerCertificate'].nil? self.verify_peer_certificate = false if verify_peer_certificate.nil? && !attributes.key?(:'verifyPeerCertificate') # rubocop:disable Style/StringLiterals raise 'You cannot provide both :verifyPeerCertificate and :verify_peer_certificate' if attributes.key?(:'verifyPeerCertificate') && attributes.key?(:'verify_peer_certificate') self.verify_peer_certificate = attributes[:'verify_peer_certificate'] unless attributes[:'verify_peer_certificate'].nil? self.verify_peer_certificate = false if verify_peer_certificate.nil? && !attributes.key?(:'verifyPeerCertificate') && !attributes.key?(:'verify_peer_certificate') # rubocop:disable Style/StringLiterals self. = attributes[:'trustedCertificateAuthorityIds'] if attributes[:'trustedCertificateAuthorityIds'] raise 'You cannot provide both :trustedCertificateAuthorityIds and :trusted_certificate_authority_ids' if attributes.key?(:'trustedCertificateAuthorityIds') && attributes.key?(:'trusted_certificate_authority_ids') self. = attributes[:'trusted_certificate_authority_ids'] if attributes[:'trusted_certificate_authority_ids'] self.certificate_ids = attributes[:'certificateIds'] if attributes[:'certificateIds'] raise 'You cannot provide both :certificateIds and :certificate_ids' if attributes.key?(:'certificateIds') && attributes.key?(:'certificate_ids') self.certificate_ids = attributes[:'certificate_ids'] if attributes[:'certificate_ids'] self.certificate_name = attributes[:'certificateName'] if attributes[:'certificateName'] raise 'You cannot provide both :certificateName and :certificate_name' if attributes.key?(:'certificateName') && attributes.key?(:'certificate_name') self.certificate_name = attributes[:'certificate_name'] if attributes[:'certificate_name'] self.server_order_preference = attributes[:'serverOrderPreference'] if attributes[:'serverOrderPreference'] self.server_order_preference = "ENABLED" if server_order_preference.nil? && !attributes.key?(:'serverOrderPreference') # rubocop:disable Style/StringLiterals raise 'You cannot provide both :serverOrderPreference and :server_order_preference' if attributes.key?(:'serverOrderPreference') && attributes.key?(:'server_order_preference') self.server_order_preference = attributes[:'server_order_preference'] if attributes[:'server_order_preference'] self.server_order_preference = "ENABLED" if server_order_preference.nil? && !attributes.key?(:'serverOrderPreference') && !attributes.key?(:'server_order_preference') # rubocop:disable Style/StringLiterals self.cipher_suite_name = attributes[:'cipherSuiteName'] if attributes[:'cipherSuiteName'] self.cipher_suite_name = "oci-default-ssl-cipher-suite-v1" if cipher_suite_name.nil? && !attributes.key?(:'cipherSuiteName') # rubocop:disable Style/StringLiterals raise 'You cannot provide both :cipherSuiteName and :cipher_suite_name' if attributes.key?(:'cipherSuiteName') && attributes.key?(:'cipher_suite_name') self.cipher_suite_name = attributes[:'cipher_suite_name'] if attributes[:'cipher_suite_name'] self.cipher_suite_name = "oci-default-ssl-cipher-suite-v1" if cipher_suite_name.nil? && !attributes.key?(:'cipherSuiteName') && !attributes.key?(:'cipher_suite_name') # rubocop:disable Style/StringLiterals self.protocols = attributes[:'protocols'] if attributes[:'protocols'] end |
Instance Attribute Details
#certificate_ids ⇒ Array<String>
Ids for OCI certificates service certificates. Currently only a single Id may be passed.
Example: [ocid1.certificate.oc1.us-ashburn-1.amaaaaaaav3bgsaa5o2q7rh5nfmkkukfkogasqhk6af2opufhjlqg7m6jqzq]
49 50 51 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 49 def certificate_ids @certificate_ids end |
#certificate_name ⇒ String
A friendly name for the certificate bundle. It must be unique and it cannot be changed. Valid certificate bundle names include only alphanumeric characters, dashes, and underscores. Certificate bundle names cannot contain spaces. Avoid entering confidential information.
Example: example_certificate_bundle
58 59 60 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 58 def certificate_name @certificate_name end |
#cipher_suite_name ⇒ String
The name of the cipher suite to use for HTTPS or SSL connections.
If this field is not specified, the default is oci-default-ssl-cipher-suite-v1
.
Notes:
-
You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. Clients cannot perform an SSL handshake if there is an incompatible configuration.
-
You must ensure compatibility between the ciphers configured in the cipher suite and the configured certificates. For example, RSA-based ciphers require RSA certificates and ECDSA-based ciphers require ECDSA certificates.
-
If the cipher configuration is not modified after load balancer creation, the
GET
operation returnsoci-default-ssl-cipher-suite-v1
as the value of this field in the SSL configuration for existing listeners that predate this feature. -
If the cipher configuration was modified using Oracle operations after load balancer creation, the
GET
operation returnsoci-customized-ssl-cipher-suite
as the value of this field in the SSL configuration for existing listeners that predate this feature. -
The
GET
operation returnsoci-wider-compatible-ssl-cipher-suite-v1
as the value of this field in the SSL configuration for existing backend sets that predate this feature. -
If the
GET
operation on a listener returnsoci-customized-ssl-cipher-suite
as the value of this field, you must specify an appropriate predefined or custom cipher suite name when updating the resource. -
The
oci-customized-ssl-cipher-suite
Oracle reserved cipher suite name is not accepted as valid input for this field.
example: example_cipher_suite
96 97 98 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 96 def cipher_suite_name @cipher_suite_name end |
#protocols ⇒ Array<String>
A list of SSL protocols the load balancer must support for HTTPS or SSL connections.
The load balancer uses SSL protocols to establish a secure connection between a client and a server. A secure connection ensures that all data passed between the client and the server is private.
The Load Balancing service supports the following protocols:
-
TLSv1
-
TLSv1.1
-
TLSv1.2
-
TLSv1.3
If this field is not specified, TLSv1.2 is the default.
Warning: All SSL listeners created on a given port must use the same set of SSL protocols.
Notes:
-
The handshake to establish an SSL connection fails if the client supports none of the specified protocols.
-
You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite.
-
For all existing load balancer listeners and backend sets that predate this feature, the
GET
operation displays a list of SSL protocols currently used by those resources.
example: [\"TLSv1.1\", \"TLSv1.2\"]
125 126 127 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 125 def protocols @protocols end |
#server_order_preference ⇒ String
When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.
Note: This configuration is applicable only when the load balancer is acting as an SSL/HTTPS server. This field is ignored when the SSLConfiguration
object is associated with a backend set.
67 68 69 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 67 def server_order_preference @server_order_preference end |
#trusted_certificate_authority_ids ⇒ Array<String>
Ids for OCI certificates service CA or CA bundles for the load balancer to trust.
Example: [ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]
42 43 44 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 42 def @trusted_certificate_authority_ids end |
#verify_depth ⇒ Integer
[Required] The maximum depth for peer certificate chain verification.
Example: 3
28 29 30 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 28 def verify_depth @verify_depth end |
#verify_peer_certificate ⇒ BOOLEAN
[Required] Whether the load balancer listener should verify peer certificates.
Example: true
35 36 37 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 35 def verify_peer_certificate @verify_peer_certificate end |
Class Method Details
.attribute_map ⇒ Object
Attribute mapping from ruby-style variable name to JSON key.
128 129 130 131 132 133 134 135 136 137 138 139 140 141 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 128 def self.attribute_map { # rubocop:disable Style/SymbolLiteral 'verify_depth': :'verifyDepth', 'verify_peer_certificate': :'verifyPeerCertificate', 'trusted_certificate_authority_ids': :'trustedCertificateAuthorityIds', 'certificate_ids': :'certificateIds', 'certificate_name': :'certificateName', 'server_order_preference': :'serverOrderPreference', 'cipher_suite_name': :'cipherSuiteName', 'protocols': :'protocols' # rubocop:enable Style/SymbolLiteral } end |
.swagger_types ⇒ Object
Attribute type mapping.
144 145 146 147 148 149 150 151 152 153 154 155 156 157 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 144 def self.swagger_types { # rubocop:disable Style/SymbolLiteral 'verify_depth': :'Integer', 'verify_peer_certificate': :'BOOLEAN', 'trusted_certificate_authority_ids': :'Array<String>', 'certificate_ids': :'Array<String>', 'certificate_name': :'String', 'server_order_preference': :'String', 'cipher_suite_name': :'String', 'protocols': :'Array<String>' # rubocop:enable Style/SymbolLiteral } end |
Instance Method Details
#==(other) ⇒ Object
Checks equality by comparing each attribute.
250 251 252 253 254 255 256 257 258 259 260 261 262 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 250 def ==(other) return true if equal?(other) self.class == other.class && verify_depth == other.verify_depth && verify_peer_certificate == other.verify_peer_certificate && == other. && certificate_ids == other.certificate_ids && certificate_name == other.certificate_name && server_order_preference == other.server_order_preference && cipher_suite_name == other.cipher_suite_name && protocols == other.protocols end |
#build_from_hash(attributes) ⇒ Object
Builds the object from hash
287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 287 def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) self.class.swagger_types.each_pair do |key, type| if type =~ /^Array<(.*)>/i # check to ensure the input is an array given that the the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) public_method("#{key}=").call( attributes[self.class.attribute_map[key]] .map { |v| OCI::Internal::Util.convert_to_type(Regexp.last_match(1), v) } ) end elsif !attributes[self.class.attribute_map[key]].nil? public_method("#{key}=").call( OCI::Internal::Util.convert_to_type(type, attributes[self.class.attribute_map[key]]) ) end # or else data not found in attributes(hash), not an issue as the data can be optional end self end |
#eql?(other) ⇒ Boolean
267 268 269 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 267 def eql?(other) self == other end |
#hash ⇒ Fixnum
Calculates hash code according to all attributes.
276 277 278 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 276 def hash [verify_depth, verify_peer_certificate, , certificate_ids, certificate_name, server_order_preference, cipher_suite_name, protocols].hash end |
#to_hash ⇒ Hash
Returns the object in the form of hash
320 321 322 323 324 325 326 327 328 329 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 320 def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = public_method(attr).call next if value.nil? && !instance_variable_defined?("@#{attr}") hash[param] = _to_hash(value) end hash end |
#to_s ⇒ String
Returns the string representation of the object
314 315 316 |
# File 'lib/oci/load_balancer/models/ssl_configuration.rb', line 314 def to_s to_hash.to_s end |