apm policy agent server-cert-response-control
apm policy agent server-cert-rapm-policyHagentaserver-cert-response-control(1)
NAME
server-cert-response-control - Manages a Server Cert Response Control
agent.
MODULE
apm policy agent
SYNTAX
Configure the server-cert-response-control component within the policy
agent module using the syntax shown in the following sections.
CREATE/MODIFY
create server-cert-response-control [name]
modify server-cert-response-control [name]
options:
app-service [[string] | none]
action [integer]
edit server-cert-response-control [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list server-cert-response-control
list server-cert-response-control [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
app-service
non-default-properties
partition
DELETE
delete server-cert-response-control [name]
DESCRIPTION
You can use the server-cert-response-control component to create and
manage a Server Cert Response Control agent.
EXAMPLES
create server-cert-response-control
example_server_cert_response_control_ag
Creates the example_server_cert_response_control_ag Server Cert
Response Control agent that allows admin to either ignore or mask
expired/untrusted server certificate.
delete server-cert-response-control
example_server_cert_response_control_ag delete
Deletes the Server Cert Response Control agent named
example_server_cert_response_control_ag.
OPTIONS
[name]
Specifies the name of a Server Cert Response Control agent. This
setting is required.
partition
Displays the partition within which the component resides.
app-service
Specifies the name of the application service to which the object
belongs. The default value is none. Note: If the strict-updates
option is enabled on the application service that owns the object,
you cannot modify or delete the object. Only the application
service can modify or delete the object.
action
Allows admin to specify how to handle connections from a client
whose server certificate is either expired or untrusted. The
default is ignore which specifies that the system ignores
untrusted/expired certificate and may allow the connection. When
mask option is selected, end users will see the block page without
the cert expired/untrusted warning message from clients/browsers.
SEE ALSO
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2018-2019. All rights reserved.
BIG-IP apm policy1agent server-cert-response-control(1)