HTTPS Service Properties

The HTTPS service supports properties for configuring browser session behavior and HTTPS security settings.

Table 16-2 HTTPS Service Properties: General Settings

Property	Type	Description
<status>	string	Current HTTPS service state.
tls_version	list	SSL/TLS protocol versions enabled for HTTPS connections.
ciphers	list	Cipher suites enabled for HTTPS connections.
permit_root_login	boolean	Specifies whether the root user can log in through HTTPS.
session_timeout	number	Number of seconds until the browser session automatically logs out after user inactivity or after the user navigates away from the BUI. Default: 900.
hsts_enable	boolean	Enables or disables HTTP Strict Transport Security.
hsts_max_age	number	Specifies the HTTP Strict Transport Security maximum age value, in seconds.

Table 16-3 HTTPS Service Properties: SSO Settings

Property	Type	Description
sso_enabled	boolean	Enables or disables Single Sign-On authentication to the BUI.
sso_attr_ldapuser	string	SAML attribute used to identify the LDAP user for Single Sign-On authentication.
sso_sp_cert	string	UUID of the system certificate used for securing the communication between the ZFS Storage Appliance and the identity provider.
sso_idp	list	Identity Provider metadata configured for Single Sign-On authentication. This read-only property is populated when you make an HTTPS POST request to upload the IdP metadata file content to the https/idp REST API endpoint.
sso_node_fqdn	string	Fully qualified domain name of the appliance node used to generate SAML Service Provider registration metadata.
sso_peer_fqdn	string	Fully qualified domain name of the peer appliance node used to generate SAML Service Provider registration metadata in a clustered configuration.
registration	object	SAML Service Provider registration metadata for Single Sign-On authentication, including entity IDs, assertion consumer service URLs, and certificate information.