Download full document:

sslfips

Configuration for fips resource.

Properties

(click to see Operations)

NameData TypePermissionsDescription
inithsm<String>Read-writeFIPS initialization level. The appliance currently supports Level-2 (FIPS 140-2).
Possible values = Level-2
sopassword<String>Read-writeSecurity officer password that will be in effect after you have configured the HSM.
Minimum length = 1
oldsopassword<String>Read-writeOld password for the security officer.
Minimum length = 1
userpassword<String>Read-writeThe Hardware Security Module's (HSM) User password.
Minimum length = 1
hsmlabel<String>Read-writeLabel to identify the Hardware Security Module (HSM).
Minimum length = 1
fipsfw<String>Read-writePath to the FIPS firmware file.
Minimum length = 1
erasedata<String>Read-onlyErase data.
Default value: FIPS_ERASE
Minimum length = 1
serial<Integer>Read-onlyFIPS card serial number.
majorversion<Integer>Read-onlyFirmware major version.
minorversion<Integer>Read-onlyFirmware minor version.
fipshwmajorversion<Integer>Read-onlyFIPS card hardware major version.
fipshwminorversion<Integer>Read-onlyFIPS card hardware minor version.
fipshwversionstring<String>Read-onlyFIPS card hardware extended version string.
flashmemorytotal<Integer>Read-onlyTotal size of the flash memory on card.
flashmemoryfree<Integer>Read-onlyTotal size of free flash memory.
sramtotal<Integer>Read-onlyTotal size of the SRAM memory on card.
sramfree<Integer>Read-onlyTotal size of free SRAM memory.
status<Integer>Read-onlyStatus.
flag<Integer>Read-onlyInternal Flags.
serialno<String>Read-onlyFIPS card serial number.
model<String>Read-onlyFIPS card model info.
state<Integer>Read-onlyFIPS card state.
firmwarereleasedate<String>Read-onlyFIPS card firmware revision date.
coresmax<Integer>Read-onlyMaximum number of crypto cores present in the FIPS card.
coresenabled<Integer>Read-onlyNumber of crypto cores enabled in the FIPS card.

Operations

(click to see Properties)

UPDATE| UNSET| RESET| CHANGE| GET (ALL)

Some options that you can use for each operations:

  • Getting warnings in response:NITRO allows you to get warnings in an operation by specifying the "warning" query parameter as "yes". For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:

    http://<netscaler-ip-address>/nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code "209 X-NITRO-WARNING".

  • Authenticated access for individual NITRO operations:NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER:<username>

    X-NITRO-PASS:<password>

    Note:In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

Note:

Mandatory parameters are marked in redand placeholder content is marked in <green>.

update

URL:http://<netscaler-ip-address>/nitro/v1/config/sslfips

HTTP Method:PUT

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"sslfips":{
<b>"inithsm":<String_value>,
</b><b>"sopassword":<String_value>,
</b><b>"oldsopassword":<String_value>,
</b><b>"userpassword":<String_value>,
</b>"hsmlabel":<String_value>
}}

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

unset

URL:http://<netscaler-ip-address>/nitro/v1/config/sslfips?action=unset

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"sslfips":{
"hsmlabel":true
}}

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

reset

URL:http://<netscaler-ip-address>/nitro/v1/config/sslfips?action=reset

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"sslfips":{
}}

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

change

URL:http://<netscaler-ip-address>/nitro/v1/config/sslfips?action=update

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"sslfips":{
<b>"fipsfw":<String_value>
</b>}}

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

get (all)

URL:http://<netscaler-ip-address>/nitro/v1/config/sslfips

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:

{ "sslfips": [ {
"inithsm":<String_value>,
"sopassword":<String_value>,
"userpassword":<String_value>,
"oldsopassword":<String_value>,
"erasedata":<String_value>,
"hsmlabel":<String_value>,
"serial":<Integer_value>,
"majorversion":<Integer_value>,
"minorversion":<Integer_value>,
"fipshwmajorversion":<Integer_value>,
"fipshwminorversion":<Integer_value>,
"fipshwversionstring":<String_value>,
"flashmemorytotal":<Integer_value>,
"flashmemoryfree":<Integer_value>,
"sramtotal":<Integer_value>,
"sramfree":<Integer_value>,
"status":<Integer_value>,
"flag":<Integer_value>,
"serialno":<String_value>,
"model":<String_value>,
"state":<Integer_value>,
"firmwarereleasedate":<String_value>,
"coresmax":<Integer_value>,
"coresenabled":<Integer_value>
}]}