LBHttpSslCondition

This condition is used to match SSL handshake and SSL connection at all phases.If multiple properties are configured, the rule is considered a match when all the configured properties are matched.


Properties

client_certificate_issuer_dn Optional

The issuer DN match condition of the client certificate for an established SSL connection.


client_certificate_subject_dn Optional

The subject DN match condition of the client certificate for an established SSL connection.


array of string
client_supported_ssl_ciphers Optional

Cipher list which supported by client.

Possible values are: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384TLS_ECDHE_RSA_WITH_AES_256_CBC_SHATLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHATLS_ECDH_ECDSA_WITH_AES_256_CBC_SHATLS_ECDH_RSA_WITH_AES_256_CBC_SHATLS_RSA_WITH_AES_256_CBC_SHATLS_RSA_WITH_AES_128_CBC_SHATLS_RSA_WITH_3DES_EDE_CBC_SHATLS_ECDHE_RSA_WITH_AES_128_CBC_SHATLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384TLS_RSA_WITH_AES_128_CBC_SHA256TLS_RSA_WITH_AES_128_GCM_SHA256TLS_RSA_WITH_AES_256_CBC_SHA256TLS_RSA_WITH_AES_256_GCM_SHA384TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHATLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHATLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384TLS_ECDH_RSA_WITH_AES_128_CBC_SHATLS_ECDH_RSA_WITH_AES_128_CBC_SHA256TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384


boolean
inverse Optional

A flag to indicate whether reverse the match result of this condition


string
session_reused Optional

The type of SSL session reused.

Possible values are: IGNOREREUSEDNEW


string
type Required

Type of load balancer rule condition

Possible values are: LBHttpRequestUriConditionLBHttpRequestHeaderConditionLBHttpRequestMethodConditionLBHttpRequestUriArgumentsConditionLBHttpRequestVersionConditionLBHttpRequestCookieConditionLBHttpRequestBodyConditionLBHttpResponseHeaderConditionLBTcpHeaderConditionLBIpHeaderConditionLBVariableConditionLBHttpSslCondition


string
used_protocol Optional

Protocol of an established SSL connection.

Possible values are: SSL_V2SSL_V3TLS_V1TLS_V1_1TLS_V1_2


string
used_ssl_cipher Optional

Cipher used for an established SSL connection.

Possible values are: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384TLS_ECDHE_RSA_WITH_AES_256_CBC_SHATLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHATLS_ECDH_ECDSA_WITH_AES_256_CBC_SHATLS_ECDH_RSA_WITH_AES_256_CBC_SHATLS_RSA_WITH_AES_256_CBC_SHATLS_RSA_WITH_AES_128_CBC_SHATLS_RSA_WITH_3DES_EDE_CBC_SHATLS_ECDHE_RSA_WITH_AES_128_CBC_SHATLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384TLS_RSA_WITH_AES_128_CBC_SHA256TLS_RSA_WITH_AES_128_GCM_SHA256TLS_RSA_WITH_AES_256_CBC_SHA256TLS_RSA_WITH_AES_256_GCM_SHA384TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHATLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHATLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384TLS_ECDH_RSA_WITH_AES_128_CBC_SHATLS_ECDH_RSA_WITH_AES_128_CBC_SHA256TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384

Extends

LBRuleCondition

JSON Example

{
    "type": "string"
}
Feedback

Was this page helpful?