apm policy agent server-cert-response-control

apm policy agent server-cert-rapm-policyHagentaserver-cert-response-control(1)



NAME
       server-cert-response-control - Manages a Server Cert Response Control
       agent.

MODULE
       apm policy agent

SYNTAX
       Configure the server-cert-response-control component within the policy
       agent module using the syntax shown in the following sections.

   CREATE/MODIFY
	create server-cert-response-control [name]
	modify server-cert-response-control [name]
	  options:
	    app-service [[string] | none]
	    action [integer]

	edit server-cert-response-control [ [ [name] | [glob] | [regex] ] ... ]
	  options:
	    all-properties
	    non-default-properties

   DISPLAY
	list server-cert-response-control
	list server-cert-response-control [ [ [name] | [glob] | [regex] ] ... ]
	  options:
	    all-properties
	    app-service
	    non-default-properties
	    partition

   DELETE
	delete server-cert-response-control [name]

DESCRIPTION
       You can use the server-cert-response-control component to create and
       manage a Server Cert Response Control agent.

EXAMPLES
       create server-cert-response-control
       example_server_cert_response_control_ag
	    Creates the example_server_cert_response_control_ag Server Cert
	    Response Control agent that allows admin to either ignore or mask
	    expired/untrusted server certificate.

       delete server-cert-response-control
       example_server_cert_response_control_ag delete
	    Deletes the Server Cert Response Control agent named
	    example_server_cert_response_control_ag.

OPTIONS
       [name]
	    Specifies the name of a Server Cert Response Control agent. This
	    setting is required.

       partition
	    Displays the partition within which the component resides.

       app-service
	    Specifies the name of the application service to which the object
	    belongs. The default value is none. Note: If the strict-updates
	    option is enabled on the application service that owns the object,
	    you cannot modify or delete the object. Only the application
	    service can modify or delete the object.

       action
	    Allows admin to specify how to handle connections from a client
	    whose server certificate is either expired or untrusted. The
	    default is ignore which specifies that the system ignores
	    untrusted/expired certificate and may allow the connection. When
	    mask option is selected, end users will see the block page without
	    the cert expired/untrusted warning message from clients/browsers.

SEE ALSO
COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or
       by any means, electronic or mechanical, including photocopying,
       recording, or information storage and retrieval systems, for any
       purpose other than the purchaser's personal use, without the express
       written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2018-2019. All rights reserved.



BIG-IP			      apm policy1agent server-cert-response-control(1)