SslForwardProxyProfile¶

class oci.network_firewall.models.SslForwardProxyProfile(**kwargs)¶

Bases: oci.network_firewall.models.decryption_profile.DecryptionProfile

SSLForwardProxy used on the firewall policy rules.

Attributes

`TYPE_SSL_FORWARD_PROXY`	str(object=’’) -> str
`TYPE_SSL_INBOUND_INSPECTION`	str(object=’’) -> str
`are_certificate_extensions_restricted`	[Required] Gets the are_certificate_extensions_restricted of this SslForwardProxyProfile.
`is_auto_include_alt_name`	[Required] Gets the is_auto_include_alt_name of this SslForwardProxyProfile.
`is_expired_certificate_blocked`	[Required] Gets the is_expired_certificate_blocked of this SslForwardProxyProfile.
`is_out_of_capacity_blocked`	[Required] Gets the is_out_of_capacity_blocked of this SslForwardProxyProfile.
`is_revocation_status_timeout_blocked`	[Required] Gets the is_revocation_status_timeout_blocked of this SslForwardProxyProfile.
`is_unknown_revocation_status_blocked`	[Required] Gets the is_unknown_revocation_status_blocked of this SslForwardProxyProfile.
`is_unsupported_cipher_blocked`	[Required] Gets the is_unsupported_cipher_blocked of this SslForwardProxyProfile.
`is_unsupported_version_blocked`	[Required] Gets the is_unsupported_version_blocked of this SslForwardProxyProfile.
`is_untrusted_issuer_blocked`	[Required] Gets the is_untrusted_issuer_blocked of this SslForwardProxyProfile.
`type`	[Required] Gets the type of this DecryptionProfile.

Methods

`__init__`(**kwargs)	Initializes a new SslForwardProxyProfile object with values from keyword arguments.
`get_subtype`(object_dictionary)	Given the hash representation of a subtype of this class, use the info in the hash to return the class of the subtype.

TYPE_SSL_FORWARD_PROXY = 'SSL_FORWARD_PROXY'¶

TYPE_SSL_INBOUND_INSPECTION = 'SSL_INBOUND_INSPECTION'¶

__init__(**kwargs)¶

Initializes a new SslForwardProxyProfile object with values from keyword arguments. The default value of the type attribute of this class is SSL_FORWARD_PROXY and it should not be changed. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:

type (str) – The value to assign to the type property of this SslForwardProxyProfile. Allowed values for this property are: “SSL_INBOUND_INSPECTION”, “SSL_FORWARD_PROXY”
is_expired_certificate_blocked (bool) – The value to assign to the is_expired_certificate_blocked property of this SslForwardProxyProfile.
is_untrusted_issuer_blocked (bool) – The value to assign to the is_untrusted_issuer_blocked property of this SslForwardProxyProfile.
is_revocation_status_timeout_blocked (bool) – The value to assign to the is_revocation_status_timeout_blocked property of this SslForwardProxyProfile.
is_unsupported_version_blocked (bool) – The value to assign to the is_unsupported_version_blocked property of this SslForwardProxyProfile.
is_unsupported_cipher_blocked (bool) – The value to assign to the is_unsupported_cipher_blocked property of this SslForwardProxyProfile.
is_unknown_revocation_status_blocked (bool) – The value to assign to the is_unknown_revocation_status_blocked property of this SslForwardProxyProfile.
are_certificate_extensions_restricted (bool) – The value to assign to the are_certificate_extensions_restricted property of this SslForwardProxyProfile.
is_auto_include_alt_name (bool) – The value to assign to the is_auto_include_alt_name property of this SslForwardProxyProfile.
is_out_of_capacity_blocked (bool) – The value to assign to the is_out_of_capacity_blocked property of this SslForwardProxyProfile.

are_certificate_extensions_restricted¶

[Required] Gets the are_certificate_extensions_restricted of this SslForwardProxyProfile. Whether to block sessions if the server’s certificate uses extensions other than key usage and/or extended key usage.

Returns:	The are_certificate_extensions_restricted of this SslForwardProxyProfile.
Return type:	bool

static get_subtype(object_dictionary)¶: Given the hash representation of a subtype of this class, use the info in the hash to return the class of the subtype.

is_auto_include_alt_name¶

[Required] Gets the is_auto_include_alt_name of this SslForwardProxyProfile. Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.

Returns:	The is_auto_include_alt_name of this SslForwardProxyProfile.
Return type:	bool

is_expired_certificate_blocked¶

[Required] Gets the is_expired_certificate_blocked of this SslForwardProxyProfile. Whether to block sessions if server’s certificate is expired.

Returns:	The is_expired_certificate_blocked of this SslForwardProxyProfile.
Return type:	bool

is_out_of_capacity_blocked¶

[Required] Gets the is_out_of_capacity_blocked of this SslForwardProxyProfile. Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.

Returns:	The is_out_of_capacity_blocked of this SslForwardProxyProfile.
Return type:	bool

is_revocation_status_timeout_blocked¶

[Required] Gets the is_revocation_status_timeout_blocked of this SslForwardProxyProfile. Whether to block sessions if the revocation status check for server’s certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).

Returns:	The is_revocation_status_timeout_blocked of this SslForwardProxyProfile.
Return type:	bool

is_unknown_revocation_status_blocked¶

[Required] Gets the is_unknown_revocation_status_blocked of this SslForwardProxyProfile. Whether to block sessions if the revocation status check for server’s certificate results in “unknown”.

Returns:	The is_unknown_revocation_status_blocked of this SslForwardProxyProfile.
Return type:	bool

is_unsupported_cipher_blocked¶

[Required] Gets the is_unsupported_cipher_blocked of this SslForwardProxyProfile. Whether to block sessions if SSL cipher suite is not supported.

Returns:	The is_unsupported_cipher_blocked of this SslForwardProxyProfile.
Return type:	bool

is_unsupported_version_blocked¶

[Required] Gets the is_unsupported_version_blocked of this SslForwardProxyProfile. Whether to block sessions if SSL version is not supported.

Returns:	The is_unsupported_version_blocked of this SslForwardProxyProfile.
Return type:	bool

is_untrusted_issuer_blocked¶

[Required] Gets the is_untrusted_issuer_blocked of this SslForwardProxyProfile. Whether to block sessions if server’s certificate is issued by an untrusted certificate authority (CA).

Returns:	The is_untrusted_issuer_blocked of this SslForwardProxyProfile.
Return type:	bool

type¶

[Required] Gets the type of this DecryptionProfile. Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

Allowed values for this property are: “SSL_INBOUND_INSPECTION”, “SSL_FORWARD_PROXY”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The type of this DecryptionProfile.
Return type:	str