SslForwardProxyProfile

class oci.network_firewall.models.SslForwardProxyProfile(**kwargs)

Bases: oci.network_firewall.models.decryption_profile.DecryptionProfile

SSLForwardProxy used on the firewall policy rules.

Attributes

TYPE_SSL_FORWARD_PROXY str(object=’’) -> str
TYPE_SSL_INBOUND_INSPECTION str(object=’’) -> str
are_certificate_extensions_restricted Gets the are_certificate_extensions_restricted of this SslForwardProxyProfile.
is_auto_include_alt_name Gets the is_auto_include_alt_name of this SslForwardProxyProfile.
is_expired_certificate_blocked Gets the is_expired_certificate_blocked of this SslForwardProxyProfile.
is_out_of_capacity_blocked Gets the is_out_of_capacity_blocked of this SslForwardProxyProfile.
is_revocation_status_timeout_blocked Gets the is_revocation_status_timeout_blocked of this SslForwardProxyProfile.
is_unknown_revocation_status_blocked Gets the is_unknown_revocation_status_blocked of this SslForwardProxyProfile.
is_unsupported_cipher_blocked Gets the is_unsupported_cipher_blocked of this SslForwardProxyProfile.
is_unsupported_version_blocked Gets the is_unsupported_version_blocked of this SslForwardProxyProfile.
is_untrusted_issuer_blocked Gets the is_untrusted_issuer_blocked of this SslForwardProxyProfile.
name [Required] Gets the name of this DecryptionProfile.
parent_resource_id [Required] Gets the parent_resource_id of this DecryptionProfile.
type [Required] Gets the type of this DecryptionProfile.

Methods

__init__(**kwargs) Initializes a new SslForwardProxyProfile object with values from keyword arguments.
get_subtype(object_dictionary) Given the hash representation of a subtype of this class, use the info in the hash to return the class of the subtype.
TYPE_SSL_FORWARD_PROXY = 'SSL_FORWARD_PROXY'
TYPE_SSL_INBOUND_INSPECTION = 'SSL_INBOUND_INSPECTION'
__init__(**kwargs)

Initializes a new SslForwardProxyProfile object with values from keyword arguments. The default value of the type attribute of this class is SSL_FORWARD_PROXY and it should not be changed. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:
  • type (str) – The value to assign to the type property of this SslForwardProxyProfile. Allowed values for this property are: “SSL_INBOUND_INSPECTION”, “SSL_FORWARD_PROXY”
  • name (str) – The value to assign to the name property of this SslForwardProxyProfile.
  • parent_resource_id (str) – The value to assign to the parent_resource_id property of this SslForwardProxyProfile.
  • is_expired_certificate_blocked (bool) – The value to assign to the is_expired_certificate_blocked property of this SslForwardProxyProfile.
  • is_untrusted_issuer_blocked (bool) – The value to assign to the is_untrusted_issuer_blocked property of this SslForwardProxyProfile.
  • is_revocation_status_timeout_blocked (bool) – The value to assign to the is_revocation_status_timeout_blocked property of this SslForwardProxyProfile.
  • is_unsupported_version_blocked (bool) – The value to assign to the is_unsupported_version_blocked property of this SslForwardProxyProfile.
  • is_unsupported_cipher_blocked (bool) – The value to assign to the is_unsupported_cipher_blocked property of this SslForwardProxyProfile.
  • is_unknown_revocation_status_blocked (bool) – The value to assign to the is_unknown_revocation_status_blocked property of this SslForwardProxyProfile.
  • are_certificate_extensions_restricted (bool) – The value to assign to the are_certificate_extensions_restricted property of this SslForwardProxyProfile.
  • is_auto_include_alt_name (bool) – The value to assign to the is_auto_include_alt_name property of this SslForwardProxyProfile.
  • is_out_of_capacity_blocked (bool) – The value to assign to the is_out_of_capacity_blocked property of this SslForwardProxyProfile.
are_certificate_extensions_restricted

Gets the are_certificate_extensions_restricted of this SslForwardProxyProfile. Whether to block sessions if the server’s certificate uses extensions other than key usage and/or extended key usage.

Returns:The are_certificate_extensions_restricted of this SslForwardProxyProfile.
Return type:bool
static get_subtype(object_dictionary)

Given the hash representation of a subtype of this class, use the info in the hash to return the class of the subtype.

is_auto_include_alt_name

Gets the is_auto_include_alt_name of this SslForwardProxyProfile. Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.

Returns:The is_auto_include_alt_name of this SslForwardProxyProfile.
Return type:bool
is_expired_certificate_blocked

Gets the is_expired_certificate_blocked of this SslForwardProxyProfile. Whether to block sessions if server’s certificate is expired.

Returns:The is_expired_certificate_blocked of this SslForwardProxyProfile.
Return type:bool
is_out_of_capacity_blocked

Gets the is_out_of_capacity_blocked of this SslForwardProxyProfile. Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.

Returns:The is_out_of_capacity_blocked of this SslForwardProxyProfile.
Return type:bool
is_revocation_status_timeout_blocked

Gets the is_revocation_status_timeout_blocked of this SslForwardProxyProfile. Whether to block sessions if the revocation status check for server’s certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).

Returns:The is_revocation_status_timeout_blocked of this SslForwardProxyProfile.
Return type:bool
is_unknown_revocation_status_blocked

Gets the is_unknown_revocation_status_blocked of this SslForwardProxyProfile. Whether to block sessions if the revocation status check for server’s certificate results in “unknown”.

Returns:The is_unknown_revocation_status_blocked of this SslForwardProxyProfile.
Return type:bool
is_unsupported_cipher_blocked

Gets the is_unsupported_cipher_blocked of this SslForwardProxyProfile. Whether to block sessions if SSL cipher suite is not supported.

Returns:The is_unsupported_cipher_blocked of this SslForwardProxyProfile.
Return type:bool
is_unsupported_version_blocked

Gets the is_unsupported_version_blocked of this SslForwardProxyProfile. Whether to block sessions if SSL version is not supported.

Returns:The is_unsupported_version_blocked of this SslForwardProxyProfile.
Return type:bool
is_untrusted_issuer_blocked

Gets the is_untrusted_issuer_blocked of this SslForwardProxyProfile. Whether to block sessions if server’s certificate is issued by an untrusted certificate authority (CA).

Returns:The is_untrusted_issuer_blocked of this SslForwardProxyProfile.
Return type:bool
name

[Required] Gets the name of this DecryptionProfile. Unique Name of the decryption profile.

Returns:The name of this DecryptionProfile.
Return type:str
parent_resource_id

[Required] Gets the parent_resource_id of this DecryptionProfile. OCID of the Network Firewall Policy this decryption profile belongs to.

Returns:The parent_resource_id of this DecryptionProfile.
Return type:str
type

[Required] Gets the type of this DecryptionProfile. Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

Allowed values for this property are: “SSL_INBOUND_INSPECTION”, “SSL_FORWARD_PROXY”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:The type of this DecryptionProfile.
Return type:str