Product Documentation

ssl_partner

Oct 21, 2015

Configuration for setting up secure partner

Properties

Name Data Type Read-Only? Description
valid
<Boolean>
Yes

Valid configuration for signalling channel negotiation.

Possible values = [true, false]

discoveredpeers
<[String,...]>
Yes

List of yet discovered peers.

defaultport
<Integer>
Yes

Default port for listening.

availablecipherlist
<String>
Yes

Avialable cipher list for negotiation with secure partner

ciphers
<String>
No

Configured cipher specification

listenonchoices
<[String,...]>
Yes

IP subnet vailable to chose listening IP from.

autodiscovery
<Boolean>
No

IP-Adress:Port configured on remoted side to listen-on for signalling connections.

Possible values = [true, false]

securepeerenabled
<Boolean>
No

Enable/disable secure peering

Possible values = [true, false]

certkeyname
<String>
No

Certificate/Key pair to be use for secure tunneling.

certverifyaction
<String>
No

Verify action for list of CN in certverifycommonnames

Possible values = [white_list, black_list, allow_all, sig_exp_only]

connectto
<[String,...]>
No

Remote host with which the connection should be established.

publish
<[String,...]>
No

List of IP/port tuples being published for peer to connect to.

publishenabled
<Boolean>
No

Enable/Disable publishing NAT IPs

Possible values = [true, false]

certverifycommonnames
<[String,...]>
No

List of black/white listed server CN

listenon
<[String,...]>
No

IP-Adress:Port configured to listen-on for signalling connections. This parameter is not configurable on CloudBridge 4000 and 5000 IP-reduced platforms. This parameter will be ignored even if it is present in input payload for CloudBridge 4000 and 5000 IP-reduced platforms.

castorename
<String>
No

Ca store used for authenticating negotiation with secure peer

cipherlist
<String>
Yes

Configured cipher list for negotiation with secure partner

Operations

Hinweis

Mandatory parameters are marked in red and placeholder content is marked in <green>.

GET

Use this operation to get SSL CA store configuration details

HTTP Method: GET

URL: https://<cb_ip_address>/cb/nitro/v1/config/ssl_partner/

Request Headers:

Authorization: Basic <base64 encoded(username:password)>
Accept: application/vnd.com.citrix.cloudbridge.ssl_partner+json

Response Headers:

Content-Type: application/vnd.com.citrix.cloudbridge.ssl_partner+json

Response Payload: JSON

{"ssl_partner":{
"valid": <boolean_value>,
"discoveredpeers": <string_value>,
"defaultport": <integer_value>,
"availablecipherlist": <string_value>,
"ciphers": <string_value>,
"listenonchoices": <string_value>,
"autodiscovery": <boolean_value>,
"securepeerenabled": <boolean_value>,
"certkeyname": <string_value>,
"certverifyaction": <string_value>,
"connectto": <string_value>,
"publish": <string_value>,
"publishenabled": <boolean_value>,
"certverifycommonnames": <string_value>,
"listenon": <string_value>,
"castorename": <string_value>,
"cipherlist": <string_value>
}}

MODIFY

Use this operation to modify a SSL CA store

HTTP Method: PUT

URL: https://<cb_ip_address>/cb/nitro/v1/config/ssl_partner

Request Headers:

Authorization: Basic <base64 encoded(username:password)>
Content-Type: application/vnd.com.citrix.cloudbridge.ssl_partner+json

Request Payload: JSON

{"ssl_partner":{
"ciphers": <string_value>,
"autodiscovery": <boolean_value>,
"securepeerenabled": <boolean_value>,
"certkeyname": <string_value>,
"certverifyaction": <string_value>,
"connectto": <string_value>,
"publish": <string_value>,
"publishenabled": <boolean_value>,
"certverifycommonnames": <string_value>,
"listenon": <string_value>,
"castorename": <string_value>
}}

Response Headers:

Content-Type: application/vnd.com.citrix.cloudbridge.ssl_partner+json

Response Payload: JSON

{"ssl_partner":{
"valid": <boolean_value>,
"discoveredpeers": <string_value>,
"defaultport": <integer_value>,
"availablecipherlist": <string_value>,
"ciphers": <string_value>,
"listenonchoices": <string_value>,
"autodiscovery": <boolean_value>,
"securepeerenabled": <boolean_value>,
"certkeyname": <string_value>,
"certverifyaction": <string_value>,
"connectto": <string_value>,
"publish": <string_value>,
"publishenabled": <boolean_value>,
"certverifycommonnames": <string_value>,
"listenon": <string_value>,
"castorename": <string_value>,
"cipherlist": <string_value>
}}