ADC CLI Commands

ssl

The following operations can be performed on “ssl”:

stat ssl

Displays SSL statistics.

Synopsis

stat ssl [-detail] [-fullValues] [-ntimes ] [-logFile ] [-clearstats ( basic | full )]

Arguments

detail Specifies detailed output (including more statistics). The output can be quite voluminous. Without this argument, the output will show only a summary.

fullValues Specifies that numbers and strings should be displayed in their full form. Without this option, long strings are shortened and large numbers are abbreviated

ntimes The number of times, in intervals of seven seconds, the statistics should be displayed. Default value: 1 Minimum value: 0

logFile The name of the log file to be used as input.

clearstats Clear the statsistics / counters

Possible values: basic, full

Output

Counters

Bytes decrypted on the back-end (secondary card) (DecHwBeSecondary) Number of bytes decrypted on the back-end in hardware on secondary card.

Bytes decrypted on the front-end (secondary card) (DecHwFeSecondary) Number of bytes decrypted on the front-end in hardware on secondary card.

Bytes encrypted on the back-end (secondary card) (EncHwBeSecondary) Number of bytes encrypted on the back-end in hardware on secondary card.

Bytes encrypted on the front-end (secondary card) (EncHwFeSecondary) Number of bytes encrypted on the front-end in hardware on secondary card.

Bytes decrypted (secondary card) (DecHwSecondary) Number of bytes decrypted in hardware on secondary card.

Bytes encrypted (secondary card) (EncHwSecondary) Number of bytes encrypted in hardware on secondary card.

SSL Crypto Utilization Symm (%) (SSLCryptoUtilSymmStat) Utilization of the hardware symmetric crypto resource. Only valid values are 0-100%. Only works on platforms with Intel crypto chips.

SSL Crypto Utilization Asym (%) (SSLCryptoUtilAsymStat) Utilization of the hardware asymmetric crypto resource. Only valid values are 0-100%. Only works on platforms with Intel crypto chips.

Secondary card utilization (%) (SSLCryptoUtilStat2nd) Utilization of the hardware crypto resource. Only valid values are 0-100%. Only works on N3FIPS+N3 hybrid platform.

SSL crypto utilization (%) (SSLCryptoUtilStat) Utilization of the hardware crypto resource. Only valid values are 0-100%. Only works on platforms with Nitrox-3 chips.

# Secondary SSL cards UP (SSLCardUPSecondary) Number of Add on SSL cards that are UP.

# Secondary SSL cards present (SSLCardsSecondary) Number of secondary SSL crypto cards present on the Citrix ADC.

SSL crypto card status (SSLCardSt) Status of the SSL card(s). The value should be interpreted in binary form, with each set bit indicates a card as UP.

# ssl cards present (SSLCards) Number of SSL crypto cards present on the Citrix ADC.

# ssl cards UP (SSLCardUP) Number of SSL cards that are UP. If the number of cards UP is lower than a threshold, a failover is initiated.

SSL engine status (SSLEngSt) State of the SSL Engine (1=UP/0=DOWN). This state is decided based on SSL Feature/License status and minimum number of cards UP.

SSL sessions (SSLSe) Number of SSL sessions on the Citrix ADC.

SSL transactions (SSLTrn) Number of SSL transactions on the Citrix ADC

SSLv2 transactions (SSL2Trn) Number of SSLv2 transactions on the Citrix ADC.

SSLv3 transactions (SSL3Trn) Total number of SSLv3 transactions on the Citrix ADC.

TLSv1 transactions (TLS1Trn) Number of TLSv1 transactions on the Citrix ADC.

TLSv1.1 transactions (TLS11Trn) Number of TLSv1.1 transactions on the Citrix ADC.

TLSv1.2 transactions (TLS12Trn) Number of TLSv1.2 transactions on the Citrix ADC.

TLSv1.3 transactions (TLS13Trn) Number of TLSv1.3 transactions on the Citrix ADC.

DTLSv1 transactions (DTLS1Trn) Number of DTLSv1 transactions on the Citrix ADC.

DTLSv1.2 transactions (DTLS12Trn) Number of DTLSv1.2 transactions on the Citrix ADC.

SSLv2 sessions (SSL2Se) Number of SSLv2 sessions on the Citrix ADC.

SSLv3 sessions (SSL3Se) Number of SSLv3 sessions on the Citrix ADC.

TLSv1 sessions (TLS1Se) Number of TLSv1 sessions on the Citrix ADC.

TLSv1.1 sessions (TLS11Se) Number of TLSv1.1 sessions on the Citrix ADC.

TLSv1.2 sessions (TLS12Se) Number of TLSv1.2 sessions on the Citrix ADC.

TLSv1.3 sessions (TLS13Se) Number of TLSv1.3 sessions on the Citrix ADC.

DTLSv1 sessions (DTLS1Se) Number of DTLSv1 sessions on the Citrix ADC.

DTLSv1.2 sessions (DTLS12Se) Number of DTLSv1.2 sessions on the Citrix ADC.

new SSL sessions (NewSe) Number of new SSL sessions created on the Citrix ADC.

SSL session misses (SeMiss) Number of SSL session reuse misses on the Citrix ADC.

SSL session hits (SeHit) Number of SSL session reuse hits on the Citrix ADC.

SSL sessions (BSSLSe) Number of back-end SSL sessions on the Citrix ADC.

SSLv3 sessions (BSSL3Se) Number of back-end SSLv3 sessions on the Citrix ADC.

TLSv1 sessions (BTLS1Se) Number of back-end TLSv1 sessions on the Citrix ADC.

TLSv1.1 sessions (BTLS1Se) Number of back-end TLSv1.1 sessions on the Citrix ADC.

TLSv1.2 sessions (BTLS1Se) Number of back-end TLSv1.2 sessions on the Citrix ADC.

DTLSv1 sessions (BDTLS1Se) Number of back-end DTLSv1 sessions on the Citrix ADC.

Session multiplex attempts (BSeMx) Number of back-end SSL session multiplex attempts on the Citrix ADC.

Session multiplex successes (BSeMxS) Number of back-end SSL session multiplex successes on the Citrix ADC.

Session multiplex failures (BSeMxF) Number of back-end SSL session multiplex failures on the Citrix ADC.

Bytes encrypted (Enc) Number of bytes encrypted on the Citrix ADC.

Bytes decrypted (Dec) Number of bytes decrypted on the Citrix ADC.

Server in record (ServerInRecord) Number server in record on the Citrix ADC.

SSL session renegotiations (SSLRn) Number of SSL session renegotiations on the Citrix ADC.

SSLv3 session renegotiations (SSL3Rn) Number of session renegotiations done on SSLv3.

TLSv1 session renegotiations (TLS1Rn) Number of SSL session renegotiations done on TLSv1.

TLSv1.1 session renegotiations (TLS11Rn) Number of SSL session renegotiations done on TLSv1.1.

TLSv1.2 session renegotiations (TLS12Rn) Number of SSL session renegotiations done on TLSv1.2.

DTLSv1 session renegotiations (DTLS1Rn) Number of SSL session renegotiations done on DTLSv1.

DTLSv1.2 session renegotiations (DTLS12Rn) Number of SSL session renegotiations done on DTLSv1.2.

RSA 512-bit key exchanges (RSAKx5) Number of RSA 512-bit key exchanges on the Citrix ADC.

RSA 1024-bit key exchanges (RSAKx1) Number of RSA 1024-bit key exchanges on the Citrix ADC.

RSA 2048-bit key exchanges (RSAKx2) Number of RSA 2048-bit key exchanges on the Citrix ADC.

RSA 3072-bit key exchanges (RSAKx3) Number of RSA 3072-bit key exchanges on the Citrix ADC.

RSA 4096-bit key exchanges (RSAKx4) Number of RSA 4096-bit key exchanges on the Citrix ADC.

DH 512-bit key exchanges (DHKx5) Number of Diffie-Helman 512-bit key exchanges on the Citrix ADC.

DH 1024-bit key exchanges (DHKx1) Number of Diffie-Helman 1024-bit key exchanges on the Citrix ADC.

DH 2048-bit key exchanges (DHKx2) Number of Diffie-Helman 2048-bit key exchanges on the Citrix ADC.

DH 4096-bit key exchanges (DHKx4) Number of Diffie-Helman 4096-bit key exchanges on the Citrix ADC.

ECDHE 521 curve key exchanges (ECDHEKx521) Number of 521 Elliptical Curve Diffie-Helman on the Citrix ADC.

ECDHE 384 curve key exchanges (ECDHEKx384) Number of 384 Elliptical Curve Diffie-Helman on the Citrix ADC.

ECDHE 256 curve key exchanges (ECDHEKx256) Number of 256 Elliptical Curve Diffie-Helman on the Citrix ADC.

ECDHE 224 curve key exchanges (ECDHEKx224) Number of 224 Elliptical Curve Diffie-Helman on the Citrix ADC.

Total ECDHE key exchanges (ECDHEKx) Total ECDHE Transactions on Citrix ADC.

RC4 40-bit encryptions (RC4En4) Number of RC4 40-bit cipher encryptions on the Citrix ADC.

RC4 56-bit encryptions (RC4En5) Number of RC4 56-bit cipher encryptions on the Citrix ADC.

RC4 64-bit encryptions (RC4En6) Number of RC4 64-bit cipher encryptions on the Citrix ADC.

RC4 128-bit encryptions (RC4En1) Number of RC4 128-bit cipher encryptions on the Citrix ADC.

DES 40-bit encryptions (DESEn4) Number of DES 40-bit cipher encryptions on the Citrix ADC.

DES 56-bit encryptions (DESEn5) Number of DES 56-bit cipher encryptions on the Citrix ADC.

3DES 168-bit encryptions (3DESEn1) Number of DES 168-bit cipher encryptions on the Citrix ADC.

AES 128-bit encryptions (AESEn1) Number of AES 128-bit cipher encryptions on the Citrix ADC.

AES 256-bit encryptions (AESEn2) Number of AES 256-bit cipher encryptions on the Citrix ADC.

RC2 40-bit encryptions (RC2En4) Number of RC2 40-bit cipher encryptions on the Citrix ADC.

RC2 56-bit encryptions (RC2En5) Number of RC2 56-bit cipher encryptions on the Citrix ADC.

RC2 128-bit encryptions (RC2En1) Number of RC2 128-bit cipher encryptions on the Citrix ADC.

AES-GCM 128-bit encryptions (AESGCMEn1) Number of AEC-GCM 128-bit cipher encryptions on the Citrix ADC.

AES-GCM 256-bit encryptions (AESGCMEn2) Number of AEC-GCM 256-bit cipher encryptions on the Citrix ADC.

Null cipher encryptions (NullEn) Number of Null cipher encryptions on the Citrix ADC.

MD5 hashes (MD5Hsh) Number of MD5 hashes on the Citrix ADC.

SHA hashes (SHAHsh) Number of SHA hashes on the Citrix ADC.

SHA256 hashes (SHA256Hsh) Number of SHA256 hashes on the Citrix ADC.

SHA384 hashes (SHA384Hsh) Number of SHA384 hashes on the Citrix ADC.

SSLv2 SSL handshakes (SSL2Hs) Number of handshakes on SSLv2 on the Citrix ADC.

SSLv3 SSL handshakes (SSL3Hs) Number of handshakes on SSLv3 on the Citrix ADC.

TLSv1 SSL handshakes (TLS1Hs) Number of SSL handshakes on TLSv1 on the Citrix ADC.

TLSv1.1 SSL handshakes (TLS11Hs) Number of SSL handshakes on TLSv1.1 on the Citrix ADC.

TLSv1.2 SSL handshakes (TLS12Hs) Number of SSL handshakes on TLSv1.2 on the Citrix ADC.

TLSv1.3 SSL handshakes (TLS13Hs) Number of SSL handshakes on TLSv1.3 on the Citrix ADC.

DTLSv1 SSL handshakes (DTLS1Hs) Number of SSL handshakes on DTLSv1 on the Citrix ADC.

DTLSv1.2 SSL handshakes (DTLS12Hs) Number of SSL handshakes on DTLSv1.2 on the Citrix ADC.

SSLv2 client authentications (SSL2CAt) Number of client authentications done on SSLv2.

SSLv3 client authentications (SSL3CAt) Number of client authentications done on SSLv3.

TLSv1 client authentications (TLS1CAt) Number of client authentications done on TLSv1.

TLSv1.1 client authentications (TLS11CAt) Number of client authentications done on TLSv1.1.

TLSv1.2 client authentications (TLS12CAt) Number of client authentications done on TLSv1.2.

TLSv1.3 client authentications (TLS13CAt) Number of client authentications done on TLSv1.3.

DTLSv1 client authentications (DTLS1CAt) Number of client authentications done on DTLSv1.

DTLSv1.2 client authentications (DTLS12CAt) Number of client authentications done on DTLSv1.2.

RSA authentications (RSAAt) Number of RSA authentications on the Citrix ADC.

DH authentications (DHAt) Number of Diffie-Helman authentications on the Citrix ADC.

DSS (DSA) authentications (DSSAt) Total number of times DSS authorization is used on the Citrix ADC.

ECDSA authentications (ECDSAAt) Total number of times ECDSA authorization is used on the Citrix ADC.

Null authentications (NullAt) Number of Null authentications on the Citrix ADC.

SSL session renegotiations (BSSLRn) Number of back-end SSL session renegotiations on the Citrix ADC.

SSLv3 session renegotiations (BSSL3Rn) Number of back-end SSLv3 session renegotiations on the Citrix ADC.

TLSv1 session renegotiations (BTLS1Rn) Number of back-end TLSv1 session renegotiations on the Citrix ADC.

TLSv1.1 back-end session renegotiations (BTLS1aRn) Number of back-end TLSv1.1 session renegotiations on the Citrix ADC.

TLSv1.2 back-end session renegotiations (BTLS12Rn) Number of back-end TLSv1.2 session renegotiations on the Citrix ADC.

DTLSv1 session renegotiations (BDTLS1Rn) Number of back-end DTLSv1 session renegotiations on the Citrix ADC.

RSA 512-bit key exchanges (BRSAKx5) Number of back-end RSA 512-bit key exchanges on the Citrix ADC.

RSA 1024-bit key exchanges (BRSAKx1) Number of back-end RSA 1024-bit key exchanges on the Citrix ADC.

RSA 2048-bit key exchanges (BRSAKx2) Number of back-end RSA 2048-bit key exchanges on the Citrix ADC.

RSA 3072-bit key exchanges (BRSAKx3) Number of back-end RSA 3072-bit key exchanges on the Citrix ADC.

RSA 4096-bit key exchanges (BRSAKx4) Number of back-end RSA 4096-bit key exchanges on the Citrix ADC.

DH 512-bit key exchanges (BDHKx5) Number of back-end DH 512-bit key exchanges on the Citrix ADC.

DH 1024-bit key exchanges (BDHKx1) Number of back-end DH 1024-bit key exchanges on the Citrix ADC.

DH 2048-bit key exchanges (BDHKx2) Number of back-end DH 2048-bit key exchanges on the Citrix ADC.

DH 4096-bit key exchanges (BDHKx4) Number of back-end DH 4096-bit key exchanges on the Citrix ADC.

ECDHE 521 curve key exchanges (BECDHECx1) Number of back-end ECDHE 521 curve Key exchanges on the Citrix ADC.

ECDHE 384 curve key exchanges (BECDHECx2) Number of back-end ECDHE 384 curve Key exchanges on the Citrix ADC.

ECDHE 256 curve key exchanges (BECDHECx3) Number of back-end ECDHE 256 curve Key exchanges on the Citrix ADC.

ECDHE 224 curve key exchanges (BECDHECx4) Number of back-end ECDHE 224 curve Key exchanges on the Citrix ADC.

RC4 40-bit encryptions (BRC4En4) Number of back-end RC4 40-bit cipher encryptions on the Citrix ADC.

RC4 56-bit encryptions (BRC4En5) Number of back-end RC4 56-bit cipher encryptions on the Citrix ADC.

RC4 64-bit encryptions (BRC4En6) Number of back-end RC4 64-bit cipher encryptions on the Citrix ADC.

RC4 128-bit encryptions (BRC4En1) Number of back-end RC4 128-bit cipher encryptions on the Citrix ADC.

DES 40-bit encryptions (BDESEn4) Number of back-end DES 40-bit cipher encryptions on the Citrix ADC.

DES 56-bit encryptions (BDESEn5) Number of back-end DES 56-bit cipher encryptions on the Citrix ADC.

3DES 168-bit encryptions (B3DESE1n) Number of back-end 3DES 168-bit cipher encryptions on the Citrix ADC.

AES 128-bit encryptions (BAESEn1) Back-end AES 128-bit cipher encryptions on the Citrix ADC.

AES 256-bit encryptions (BAESEn2) Back-end AES 256-bit cipher encryptions on the Citrix ADC.

RC2 40-bit encryptions (BRC2En4) Number of back-end RC2 40-bit cipher encryptions on the Citrix ADC.

RC2 56-bit encryptions (BRC2En5) Number of back-end RC2 56-bit cipher encryptions on the Citrix ADC.

RC2 128-bit encryptions (BRC2En1) Number of back-end RC2 128-bit cipher encryptions on the Citrix ADC.

AES-GCM 128-bit encryptions (BAESGCMEn1) Back-end AES-GCM 128-bit cipher encryptions on the Citrix ADC.

AES-GCM 256-bit encryptions (BAESGCMEn2) Back-end AES-GCM 256-bit cipher encryptions on the Citrix ADC .

null encryptions (BNullEn) Number of back-end null cipher encryptions on the Citrix ADC.

MD5 hashes (BMD5Hsh) Number of back-end MD5 hashes on the Citrix ADC.

SHA hashes (BSHAHsh) Number of back-end SHA hashes on the Citrix ADC.

SHA256 hashes (BSHA256Hsh) Number of back-end SHA256 hashes on the Citrix ADC.

SHA384 hashes (BSHA384Hsh) Number of back-end SHA384 hashes on the Citrix ADC.

SSLv3 handshakes (BSSL3Hs) Number of back-end SSLv3 handshakes on the Citrix ADC.

TLSv1 handshakes (BTLS1Hs) Number of back-end TLSv1 handshakes on the Citrix ADC.

TLSv1.1 handshakes (BTLS11Hs) Number of back-end TLSv1.1 handshakes on the Citrix ADC.

TLSv1.2 handshakes (BTLS12Hs) Number of back-end TLSv1.2 handshakes on the Citrix ADC.

DTLSv1 handshakes (BDTLS1Hs) Number of back-end DTLSv1 handshakes on the Citrix ADC.

SSLv3 client authentications (BSSL3CAt) Number of back-end SSLv3 client authentications on the Citrix ADC.

TLSv1 client authentications (BTLS1CAt) Number of back-end TLSv1 client authentications on the Citrix ADC.

TLSv1.1 client authentications (BTLS11CAt) Number of back-end TLSv1.1 client authentications on the Citrix ADC.

TLSv1.2 client authentications (BTLS12CAt) Number of back-end TLSv1.2 client authentications on the Citrix ADC.

DTLSv1 client authentications (BDTLS1CAt) Number of back-end DTLSv1 client authentications on the Citrix ADC.

RSA authentications (BRSAAt) Number of back-end RSA authentications on the Citrix ADC.

DH authentications (BDHAt) Number of back-end DH authentications on the Citrix ADC.

DSS authentications (BDSSAt) Number of back-end DSS authentications on the Citrix ADC.

ECDSA authentications (BECDSAAt) Number of back-end ECDSA authentications on the Citrix ADC.

Null authentications (BNullAt) Number of back-end null authentications on the Citrix ADC.

RSA key exchanges offloaded (RSAkxOf) Number of RSA key exchanges offloaded to the cryptography card.

RSA sign operations offloaded (RSASnOf) Number of RSA sign operations offloaded to the cryptography card.

DH key exchanges offloaded (DHkxOf) Number of DH key exchanges offloaded to the cryptography card.

RC4 encryptions offloaded (RC4EnOf) Number of RC4 encryptions offloaded to the cryptography card.

DES encryptions offloaded (DESEnOf) Number of DES encryptions offloaded to the cryptography card.

AES encryptions offloaded (AESEnOf) Number of AES encryptions offloaded to the cryptography card.

AES-GCM 128-bit encryptions offloaded (AESGCMEnOf1) Number of AES-GCM 128-bit encryptions offloaded to the cryptography card.

AES-GCM 256-bit encryptions offloaded (AESGCMEnOf2) Number of AES-GCM 256-bit encryptions offloaded to the cryptography card.

Bytes encrypted in hardware (EncHw) Number of bytes encrypted in hardware.

Bytes encrypted in software (EncSw) Number of bytes encrypted in software.

Bytes encrypted on the front-end. (EncFe) Number of bytes encrypted on the front-end.

Bytes encrypted in hardware on the front-end. (EncHwFe) Number of bytes encrypted in hardware on the front-end.

Bytes encrypted in software on the front-end (EncSwFe) Number of bytes encrypted in software on the front-end.

Bytes encrypted on the back-end (EncBe) Number of bytes encrypted on the back-end.

Bytes encrypted in hardware on the back-end (EncHwBe) Number of bytes encrypted in hardware on the back-end.

Bytes encrypted in software on the back-end (EncSwBe) Number of bytes encrypted in software on the back-end.

Bytes decrypted in hardware (DecHw) Number of bytes decrypted in hardware.

Bytes decrypted in software (DecSw) Number of bytes decrypted in software.

Bytes decrypted on the front-end (DecFe) Number of bytes decrypted on the front-end.

Bytes decrypted in hardware on the front-end (DecHwFe) Number of bytes decrypted in hardware on the front-end.

Bytes decrypted in software on the front-end (DecSwFe) Number of bytes decrypted in software on the front-end.

Bytes decrypted on the back-end (DecBe) Number of bytes decrypted on the back-end.

Bytes decrypted in hardware on the back-end (DecHwBe) Number of bytes decrypted in hardware on the back-end.

Bytes decrypted in software on the back-end. (DecSwBe) Number of bytes decrypted in software on the back-end

Total SPCB in use (SPCBInUseCount) Number of SPCB in use.

Active SSL sessions (sessionInUse) Number of active SSL sessions on the Citrix ADC.

Current queue size (curQsize) Current queue size

In Q count for current card (CardInQCount) Number of current SSL card InQ count.

In BulkQ count for current card (CardinBlkQ) Number of current SSL card In BulkQ count.

In KeyQ count for current card (CardinKeyQ) Number of current SSL card In KeyQ count.

Backend SSL sessions reused (BSeRe) Number of back-end SSL sessions reused on the Citrix ADC.

IDEA 128-bit encryptions (IDEAEn1) Number of IDEA 128-bit cipher encryptions on the Citrix ADC.

IDEA 128-bit encryptions (BIDEAEn1) Number of back-end IDEA 128-bit cipher encryptions on the Citrix ADC.

# Secondary SSL cards present (SSLCardsSecondary) Number of secondary SSL crypto cards present on the Citrix ADC.

# Secondary SSL cards UP (SSLCardUPSecondary) Number of Add on SSL cards that are UP.

Bytes encrypted (secondary card) (EncHwSecondary) Number of bytes encrypted in hardware on secondary card.

Bytes decrypted (secondary card) (DecHwSecondary) Number of bytes decrypted in hardware on secondary card.

Bytes encrypted on the front-end (secondary card) (EncHwFeSecondary) Number of bytes encrypted on the front-end in hardware on secondary card.

Bytes encrypted on the back-end (secondary card) (EncHwBeSecondary) Number of bytes encrypted on the back-end in hardware on secondary card.

Bytes decrypted on the front-end (secondary card) (DecHwFeSecondary) Number of bytes decrypted on the front-end in hardware on secondary card.

Bytes decrypted on the back-end (secondary card) (DecHwBeSecondary) Number of bytes decrypted on the back-end in hardware on secondary card.

ssl