CONFIG PROTOCOL SSL COMMON PROXY CONFIG

Level

asq,modify

History

Appears in Netasq 9.0.0
HTTPCodeOnFail appears in 3.1.0
NbMaxFakeCertif replaced by PercentFakeCertif in 3.3.0
CacheIpSize removed in 4.0.0
PercentFakeCertif removed in 4.0.0

Description

Common parameters configuration

Usage

[CipherLevelAlgorithm=low|medium|high] [FakeCertifValidityDate=<integer>] [CaCustom=<0|1>] [CATrusted=<All|None|exception>] [CA=<authorityName> CAPassphrase=<pass>] [ApplyNat=<0|1>] [HTTPCodeOnFail=<200-599>]
CipherLevelAlgorithm : Cipherlevel is a combination of authorized cipher algorithm composed with : low, medium, high
FakeCertifValidityDate : Nb of days for the fake-certificate validity
CaCustom : Enable 1 | Disable 0
CATrusted : Copy the Trusted CA to the verify directory
CA : The authority who sign the fake certificates
CAPassphrase : The passphrase of the authority
ApplyNat : Allow outbound connections from proxies to match any NAT rule instead of just dst-only
HTTPCodeOnFail : HTTP Header code on fail: 202|403|451|...

Returns

Error code

Example

CONFIG PROTOCOL SSL COMMON PROXY CONFIG CipherLevelAlgorithm=low,high
CONFIG PROTOCOL SSL COMMON PROXY CONFIG CA=ca_name CAPassphrase=mdp