sslfips
Configuration for fips resource.
Properties
(click to see Operations)
| Name | Data Type | Permissions | Description |
|---|---|---|---|
| inithsm | <String> | Read-write | FIPS initialization level. The appliance currently supports Level-2 (FIPS 140-2).<br>Possible values = Level-2 |
| sopassword | <String> | Read-write | Security officer password that will be in effect after you have configured the HSM.<br>Minimum length = 1 |
| oldsopassword | <String> | Read-write | Old password for the security officer.<br>Minimum length = 1 |
| userpassword | <String> | Read-write | The Hardware Security Modules (HSM) User password.<br>Minimum length = 1 |
| hsmlabel | <String> | Read-write | Label to identify the Hardware Security Module (HSM).<br>Minimum length = 1 |
| fipsfw | <String> | Read-write | FIPS firmware update.<br>Possible values = 4.6.1 |
| erasedata | <String> | Read-only | Erase data.<br>Default value: FIPS_ERASE<br>Minimum length = 1 |
| serial | <Integer> | Read-only | FIPS card serial number. |
| majorversion | <Integer> | Read-only | Firmware major version. |
| minorversion | <Integer> | Read-only | Firmware minor version. |
| fipshwmajorversion | <Integer> | Read-only | FIPS card hardware major version. |
| fipshwminorversion | <Integer> | Read-only | FIPS card hardware minor version. |
| fipshwversionstring | <String> | Read-only | FIPS card hardware extended version string. |
| flashmemorytotal | <Integer> | Read-only | Total size of the flash memory on card. |
| flashmemoryfree | <Integer> | Read-only | Total size of free flash memory. |
| sramtotal | <Integer> | Read-only | Total size of the SRAM memory on card. |
| sramfree | <Integer> | Read-only | Total size of free SRAM memory. |
| status | <Integer> | Read-only | Status. |
| flag | <Integer> | Read-only | Internal Flags. |
| serialno | <String> | Read-only | FIPS card serial number. |
| model | <String> | Read-only | FIPS card model info. |
| state | <Integer> | Read-only | FIPS card state. |
| firmwarereleasedate | <String> | Read-only | FIPS card firmware revision date. |
| coresmax | <Integer> | Read-only | Maximum number of crypto cores present in the FIPS card. |
| coresenabled | <Integer> | Read-only | Number of crypto cores enabled in the FIPS card. |
Operations
(click to see Properties)
UPDATE | UNSET | RESET | CHANGE | GET (ALL)
Some options that you can use for each operations:
Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the "warning" query parameter as "yes". For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:
http://<netscaler-ip-address>/nitro/v1/config/login?warning=yes
If any, the warnings are displayed in the response payload with the HTTP code "209 X-NITRO-WARNING".
Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,
To do this, you must specify the username and password in the request header of the NITRO request as follows:
X-NITRO-USER:<username>
X-NITRO-PASS:<password>
Note: In such cases, make sure that the request header DOES not include the following:
Cookie:NITRO_AUTH_TOKEN=<tokenvalue>
Note:
Mandatory parameters are marked in red and placeholder content is marked in <green>.
update
URL: http://<NSIP>/nitro/v1/config/
HTTP Method: PUT
Request Payload:
{
"params": {
"warning":<String_value>,
"onerror":<String_value>"
},
sessionid":"##sessionid",
"sslfips":{
"inithsm":<String_value>,
"sopassword":<String_value>,
"oldsopassword":<String_value>,
"userpassword":<String_value>,
"hsmlabel":<String_value>,
}}
Response Payload:
{ "errorcode": 0, "message": "Done", "severity":
unset
URL: http://<NSIP>/nitro/v1/config/
HTTP Method: POST
Request Payload:
object={
"params":{
"warning":<String_value>,
"onerror":<String_value>,
"action":"unset"
},
"sessionid":"##sessionid",
"sslfips":{
"hsmlabel":true,
}}
Response Payload:
{ "errorcode": 0, "message": "Done", "severity":
reset
URL: http://<NSIP>/nitro/v1/config/
HTTP Method: POST
Request Payload:
object={
"params":{
"warning":<String_value>,
"onerror":<String_value>,
"action":"reset"
},
"sessionid":"##sessionid",
"sslfips":{
}}
Response Payload:
{ "errorcode": 0, "message": "Done", "severity":
change
URL: http://<NSIP>/nitro/v1/config/
HTTP Method: POST
Request Payload:
object={
"params":{
"warning":<String_value>,
"onerror":<String_value>,
"action":"update"
},
"sessionid":"##sessionid",
"sslfips":{
"fipsfw":<String_value>,
}}
Response Payload:
{ "errorcode": 0, "message": "Done", "severity":
get (all)
URL: http://<NSIP>/nitro/v1/config/sslfips
HTTP Method: GET
Response Payload:
{ "errorcode": 0, "message": "Done", "severity": <String_value>, "sslfips": [ {
"inithsm":<String_value>,
"sopassword":<String_value>,
"userpassword":<String_value>,
"oldsopassword":<String_value>,
"erasedata":<String_value>,
"hsmlabel":<String_value>,
"serial":<Integer_value>,
"majorversion":<Integer_value>,
"minorversion":<Integer_value>,
"fipshwmajorversion":<Integer_value>,
"fipshwminorversion":<Integer_value>,
"fipshwversionstring":<String_value>,
"flashmemorytotal":<Integer_value>,
"flashmemoryfree":<Integer_value>,
"sramtotal":<Integer_value>,
"sramfree":<Integer_value>,
"status":<Integer_value>,
"flag":<Integer_value>,
"serialno":<String_value>,
"model":<String_value>,
"state":<Integer_value>,
"firmwarereleasedate":<String_value>,
"coresmax":<Integer_value>,
"coresenabled":<Integer_value>
}]}