SSL¶
| Description | | | Command List | | | Related Information |
Description¶
These commands allow you to manage your SSL connections.
Command List¶
- SSL::allow_dynamic_record_sizing - Returns the currently set value for allowing dynamic record sizing
- SSL::allow_nonssl - gets/sets state of Non-SSL connections.
- SSL::alpn - Sets or retrieves the ALPN string
- SSL::authenticate - Overrides the current setting for authentication frequency or for the maximum depth of certificate chain traversal.
- SSL::c3d - Inserts a certificate extension to the C3D certificate, or sets the C3D client certificate
- SSL::cert - Returns X509 SSL certificate data.
- SSL::cipher - Returns SSL cipher information.
- SSL::clientrandom - returns the ClientRandom value from the Client hello
- SSL::collect - Collect plaintext data after SSL offloading
- SSL::disable - Disables SSL processing.
- SSL::enable - Re-enables SSL processing.
- SSL::extensions - Returns or manipulates SSL extensions.
- SSL::forward_proxy - sets the SSL forward proxy bypass feature to bypass or intercept.
- SSL::handshake - Halts or resumes SSL activity.
- SSL::is_renegotiation_secure - Returns the current state of SSL Secure Renegotiation.
- SSL::maximum_record_size - set or get the maximum egress record size
- SSL::mode - Gets the enabled/disabled state of SSL
- SSL::modssl_sessionid_headers - Returns a list of fields for HTTP headers
- SSL::nextproto - gets or sets the Next Protocol Negotiation (NPN) string
- SSL::payload - Returns and manipulates plaintext data collected via SSL::collect
- SSL::profile - Switch between different SSL profiles
- SSL::release - Releases the collected plaintext data
- SSL::renegotiate - Controls renegotiation of an SSL connection.
- SSL::respond - Return data back to the origin via SSL
- SSL::secure_renegotiation - Controls the SSL Secure Renegotiation mode.
- SSL::session - Drops a session from the SSL session cache.
- SSL::sessionid - Gets the SSL session ID.
- SSL::sessionsecret - returns the current SSL handshake master secret
- SSL::sessionticket - returns the session ticket associated with the SSL flow
- SSL::sni - Returns a Server Name Indication name, and require SNI support
- SSL::tls13_secret - Return data about various TLS 1.3 secrets
- SSL::unclean_shutdown - Sets the value of the Unclean Shutdown setting.
- SSL::verify_result - Gets or sets the result code for peer certificate verification.
Event List¶
- CLIENTSSL_CLIENTCERT - Triggered when the system adds an SSL client certificate to the client certificate chain.
- CLIENTSSL_CLIENTHELLO - Triggered when the system has received the client’s SSL ClientHello message
- CLIENTSSL_DATA - Triggered each time new SSL data is received from the client while the connection is in “collect” state.
- CLIENTSSL_HANDSHAKE - Triggered when a client-side SSL handshake is completed.
- CLIENTSSL_PASSTHROUGH - Triggered when the SSL receive the plaintext data and enter the passthrough mode
- CLIENTSSL_SERVERHELLO_SEND - Triggered when the system is about to send its SSL ServerHello message on the clientside connection
- SERVERSSL_CLIENTHELLO_SEND - Triggered when the system is about to send its SSL ClientHello message.
- SERVERSSL_DATA - Triggered when new SSL data is received from the target node after SSL::collect command has been issued.
- SERVERSSL_HANDSHAKE - Triggered when a server-side SSL handshake is completed.
- SERVERSSL_SERVERCERT - triggered when the system finishes the server certificate verification
- SERVERSSL_SERVERHELLO - Triggered when the system has received the server’s SSL ServerHello message.