fortios.firewall.Sslserver
Explore with Pulumi AI
Configure SSL servers.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";
const trname = new fortios.firewall.Sslserver("trname", {
addHeaderXForwardedProto: "enable",
ip: "1.1.1.1",
mappedPort: 2234,
port: 32321,
sslAlgorithm: "high",
sslCert: "Fortinet_CA_SSL",
sslClientRenegotiation: "allow",
sslDhBits: "2048",
sslMaxVersion: "tls-1.2",
sslMinVersion: "tls-1.1",
sslMode: "half",
sslSendEmptyFrags: "enable",
urlRewrite: "disable",
});
import pulumi
import pulumiverse_fortios as fortios
trname = fortios.firewall.Sslserver("trname",
add_header_x_forwarded_proto="enable",
ip="1.1.1.1",
mapped_port=2234,
port=32321,
ssl_algorithm="high",
ssl_cert="Fortinet_CA_SSL",
ssl_client_renegotiation="allow",
ssl_dh_bits="2048",
ssl_max_version="tls-1.2",
ssl_min_version="tls-1.1",
ssl_mode="half",
ssl_send_empty_frags="enable",
url_rewrite="disable")
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/firewall"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := firewall.NewSslserver(ctx, "trname", &firewall.SslserverArgs{
AddHeaderXForwardedProto: pulumi.String("enable"),
Ip: pulumi.String("1.1.1.1"),
MappedPort: pulumi.Int(2234),
Port: pulumi.Int(32321),
SslAlgorithm: pulumi.String("high"),
SslCert: pulumi.String("Fortinet_CA_SSL"),
SslClientRenegotiation: pulumi.String("allow"),
SslDhBits: pulumi.String("2048"),
SslMaxVersion: pulumi.String("tls-1.2"),
SslMinVersion: pulumi.String("tls-1.1"),
SslMode: pulumi.String("half"),
SslSendEmptyFrags: pulumi.String("enable"),
UrlRewrite: pulumi.String("disable"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;
return await Deployment.RunAsync(() =>
{
var trname = new Fortios.Firewall.Sslserver("trname", new()
{
AddHeaderXForwardedProto = "enable",
Ip = "1.1.1.1",
MappedPort = 2234,
Port = 32321,
SslAlgorithm = "high",
SslCert = "Fortinet_CA_SSL",
SslClientRenegotiation = "allow",
SslDhBits = "2048",
SslMaxVersion = "tls-1.2",
SslMinVersion = "tls-1.1",
SslMode = "half",
SslSendEmptyFrags = "enable",
UrlRewrite = "disable",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.firewall.Sslserver;
import com.pulumi.fortios.firewall.SslserverArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var trname = new Sslserver("trname", SslserverArgs.builder()
.addHeaderXForwardedProto("enable")
.ip("1.1.1.1")
.mappedPort(2234)
.port(32321)
.sslAlgorithm("high")
.sslCert("Fortinet_CA_SSL")
.sslClientRenegotiation("allow")
.sslDhBits("2048")
.sslMaxVersion("tls-1.2")
.sslMinVersion("tls-1.1")
.sslMode("half")
.sslSendEmptyFrags("enable")
.urlRewrite("disable")
.build());
}
}
resources:
trname:
type: fortios:firewall:Sslserver
properties:
addHeaderXForwardedProto: enable
ip: 1.1.1.1
mappedPort: 2234
port: 32321
sslAlgorithm: high
sslCert: Fortinet_CA_SSL
sslClientRenegotiation: allow
sslDhBits: '2048'
sslMaxVersion: tls-1.2
sslMinVersion: tls-1.1
sslMode: half
sslSendEmptyFrags: enable
urlRewrite: disable
Create Sslserver Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Sslserver(name: string, args: SslserverArgs, opts?: CustomResourceOptions);
@overload
def Sslserver(resource_name: str,
args: SslserverArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Sslserver(resource_name: str,
opts: Optional[ResourceOptions] = None,
port: Optional[int] = None,
ip: Optional[str] = None,
ssl_cert: Optional[str] = None,
name: Optional[str] = None,
add_header_x_forwarded_proto: Optional[str] = None,
ssl_algorithm: Optional[str] = None,
mapped_port: Optional[int] = None,
ssl_client_renegotiation: Optional[str] = None,
ssl_dh_bits: Optional[str] = None,
ssl_max_version: Optional[str] = None,
ssl_min_version: Optional[str] = None,
ssl_mode: Optional[str] = None,
ssl_send_empty_frags: Optional[str] = None,
url_rewrite: Optional[str] = None,
vdomparam: Optional[str] = None)
func NewSslserver(ctx *Context, name string, args SslserverArgs, opts ...ResourceOption) (*Sslserver, error)
public Sslserver(string name, SslserverArgs args, CustomResourceOptions? opts = null)
public Sslserver(String name, SslserverArgs args)
public Sslserver(String name, SslserverArgs args, CustomResourceOptions options)
type: fortios:firewall:Sslserver
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SslserverArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SslserverArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SslserverArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SslserverArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SslserverArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var sslserverResource = new Fortios.Firewall.Sslserver("sslserverResource", new()
{
Port = 0,
Ip = "string",
SslCert = "string",
Name = "string",
AddHeaderXForwardedProto = "string",
SslAlgorithm = "string",
MappedPort = 0,
SslClientRenegotiation = "string",
SslDhBits = "string",
SslMaxVersion = "string",
SslMinVersion = "string",
SslMode = "string",
SslSendEmptyFrags = "string",
UrlRewrite = "string",
Vdomparam = "string",
});
example, err := firewall.NewSslserver(ctx, "sslserverResource", &firewall.SslserverArgs{
Port: pulumi.Int(0),
Ip: pulumi.String("string"),
SslCert: pulumi.String("string"),
Name: pulumi.String("string"),
AddHeaderXForwardedProto: pulumi.String("string"),
SslAlgorithm: pulumi.String("string"),
MappedPort: pulumi.Int(0),
SslClientRenegotiation: pulumi.String("string"),
SslDhBits: pulumi.String("string"),
SslMaxVersion: pulumi.String("string"),
SslMinVersion: pulumi.String("string"),
SslMode: pulumi.String("string"),
SslSendEmptyFrags: pulumi.String("string"),
UrlRewrite: pulumi.String("string"),
Vdomparam: pulumi.String("string"),
})
var sslserverResource = new Sslserver("sslserverResource", SslserverArgs.builder()
.port(0)
.ip("string")
.sslCert("string")
.name("string")
.addHeaderXForwardedProto("string")
.sslAlgorithm("string")
.mappedPort(0)
.sslClientRenegotiation("string")
.sslDhBits("string")
.sslMaxVersion("string")
.sslMinVersion("string")
.sslMode("string")
.sslSendEmptyFrags("string")
.urlRewrite("string")
.vdomparam("string")
.build());
sslserver_resource = fortios.firewall.Sslserver("sslserverResource",
port=0,
ip="string",
ssl_cert="string",
name="string",
add_header_x_forwarded_proto="string",
ssl_algorithm="string",
mapped_port=0,
ssl_client_renegotiation="string",
ssl_dh_bits="string",
ssl_max_version="string",
ssl_min_version="string",
ssl_mode="string",
ssl_send_empty_frags="string",
url_rewrite="string",
vdomparam="string")
const sslserverResource = new fortios.firewall.Sslserver("sslserverResource", {
port: 0,
ip: "string",
sslCert: "string",
name: "string",
addHeaderXForwardedProto: "string",
sslAlgorithm: "string",
mappedPort: 0,
sslClientRenegotiation: "string",
sslDhBits: "string",
sslMaxVersion: "string",
sslMinVersion: "string",
sslMode: "string",
sslSendEmptyFrags: "string",
urlRewrite: "string",
vdomparam: "string",
});
type: fortios:firewall:Sslserver
properties:
addHeaderXForwardedProto: string
ip: string
mappedPort: 0
name: string
port: 0
sslAlgorithm: string
sslCert: string
sslClientRenegotiation: string
sslDhBits: string
sslMaxVersion: string
sslMinVersion: string
sslMode: string
sslSendEmptyFrags: string
urlRewrite: string
vdomparam: string
Sslserver Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Sslserver resource accepts the following input properties:
- Ip string
- IPv4 address of the SSL server.
- Port int
- Server service port (1 - 65535, default = 443).
- Ssl
Cert string - Name of certificate for SSL connections to this server. On FortiOS versions 6.2.0-7.2.8: default = "Fortinet_CA_SSL". On FortiOS versions 7.4.0-7.4.1: default = "Fortinet_SSL".
- Add
Header stringXForwarded Proto - Enable/disable adding an X-Forwarded-Proto header to forwarded requests. Valid values:
enable
,disable
. - Mapped
Port int - Mapped server service port (1 - 65535, default = 80).
- Name string
- Server name.
- Ssl
Algorithm string - Relative strength of encryption algorithms accepted in negotiation. Valid values:
high
,medium
,low
. - Ssl
Client stringRenegotiation - Allow or block client renegotiation by server. Valid values:
allow
,deny
,secure
. - Ssl
Dh stringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - Ssl
Max stringVersion - Highest SSL/TLS version to negotiate.
- Ssl
Min stringVersion - Lowest SSL/TLS version to negotiate.
- Ssl
Mode string - SSL/TLS mode for encryption and decryption of traffic. Valid values:
half
,full
. - Ssl
Send stringEmpty Frags - Enable/disable sending empty fragments to avoid attack on CBC IV. Valid values:
enable
,disable
. - Url
Rewrite string - Enable/disable rewriting the URL. Valid values:
enable
,disable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Ip string
- IPv4 address of the SSL server.
- Port int
- Server service port (1 - 65535, default = 443).
- Ssl
Cert string - Name of certificate for SSL connections to this server. On FortiOS versions 6.2.0-7.2.8: default = "Fortinet_CA_SSL". On FortiOS versions 7.4.0-7.4.1: default = "Fortinet_SSL".
- Add
Header stringXForwarded Proto - Enable/disable adding an X-Forwarded-Proto header to forwarded requests. Valid values:
enable
,disable
. - Mapped
Port int - Mapped server service port (1 - 65535, default = 80).
- Name string
- Server name.
- Ssl
Algorithm string - Relative strength of encryption algorithms accepted in negotiation. Valid values:
high
,medium
,low
. - Ssl
Client stringRenegotiation - Allow or block client renegotiation by server. Valid values:
allow
,deny
,secure
. - Ssl
Dh stringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - Ssl
Max stringVersion - Highest SSL/TLS version to negotiate.
- Ssl
Min stringVersion - Lowest SSL/TLS version to negotiate.
- Ssl
Mode string - SSL/TLS mode for encryption and decryption of traffic. Valid values:
half
,full
. - Ssl
Send stringEmpty Frags - Enable/disable sending empty fragments to avoid attack on CBC IV. Valid values:
enable
,disable
. - Url
Rewrite string - Enable/disable rewriting the URL. Valid values:
enable
,disable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- ip String
- IPv4 address of the SSL server.
- port Integer
- Server service port (1 - 65535, default = 443).
- ssl
Cert String - Name of certificate for SSL connections to this server. On FortiOS versions 6.2.0-7.2.8: default = "Fortinet_CA_SSL". On FortiOS versions 7.4.0-7.4.1: default = "Fortinet_SSL".
- add
Header StringXForwarded Proto - Enable/disable adding an X-Forwarded-Proto header to forwarded requests. Valid values:
enable
,disable
. - mapped
Port Integer - Mapped server service port (1 - 65535, default = 80).
- name String
- Server name.
- ssl
Algorithm String - Relative strength of encryption algorithms accepted in negotiation. Valid values:
high
,medium
,low
. - ssl
Client StringRenegotiation - Allow or block client renegotiation by server. Valid values:
allow
,deny
,secure
. - ssl
Dh StringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - ssl
Max StringVersion - Highest SSL/TLS version to negotiate.
- ssl
Min StringVersion - Lowest SSL/TLS version to negotiate.
- ssl
Mode String - SSL/TLS mode for encryption and decryption of traffic. Valid values:
half
,full
. - ssl
Send StringEmpty Frags - Enable/disable sending empty fragments to avoid attack on CBC IV. Valid values:
enable
,disable
. - url
Rewrite String - Enable/disable rewriting the URL. Valid values:
enable
,disable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- ip string
- IPv4 address of the SSL server.
- port number
- Server service port (1 - 65535, default = 443).
- ssl
Cert string - Name of certificate for SSL connections to this server. On FortiOS versions 6.2.0-7.2.8: default = "Fortinet_CA_SSL". On FortiOS versions 7.4.0-7.4.1: default = "Fortinet_SSL".
- add
Header stringXForwarded Proto - Enable/disable adding an X-Forwarded-Proto header to forwarded requests. Valid values:
enable
,disable
. - mapped
Port number - Mapped server service port (1 - 65535, default = 80).
- name string
- Server name.
- ssl
Algorithm string - Relative strength of encryption algorithms accepted in negotiation. Valid values:
high
,medium
,low
. - ssl
Client stringRenegotiation - Allow or block client renegotiation by server. Valid values:
allow
,deny
,secure
. - ssl
Dh stringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - ssl
Max stringVersion - Highest SSL/TLS version to negotiate.
- ssl
Min stringVersion - Lowest SSL/TLS version to negotiate.
- ssl
Mode string - SSL/TLS mode for encryption and decryption of traffic. Valid values:
half
,full
. - ssl
Send stringEmpty Frags - Enable/disable sending empty fragments to avoid attack on CBC IV. Valid values:
enable
,disable
. - url
Rewrite string - Enable/disable rewriting the URL. Valid values:
enable
,disable
. - vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- ip str
- IPv4 address of the SSL server.
- port int
- Server service port (1 - 65535, default = 443).
- ssl_
cert str - Name of certificate for SSL connections to this server. On FortiOS versions 6.2.0-7.2.8: default = "Fortinet_CA_SSL". On FortiOS versions 7.4.0-7.4.1: default = "Fortinet_SSL".
- add_
header_ strx_ forwarded_ proto - Enable/disable adding an X-Forwarded-Proto header to forwarded requests. Valid values:
enable
,disable
. - mapped_
port int - Mapped server service port (1 - 65535, default = 80).
- name str
- Server name.
- ssl_
algorithm str - Relative strength of encryption algorithms accepted in negotiation. Valid values:
high
,medium
,low
. - ssl_
client_ strrenegotiation - Allow or block client renegotiation by server. Valid values:
allow
,deny
,secure
. - ssl_
dh_ strbits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - ssl_
max_ strversion - Highest SSL/TLS version to negotiate.
- ssl_
min_ strversion - Lowest SSL/TLS version to negotiate.
- ssl_
mode str - SSL/TLS mode for encryption and decryption of traffic. Valid values:
half
,full
. - ssl_
send_ strempty_ frags - Enable/disable sending empty fragments to avoid attack on CBC IV. Valid values:
enable
,disable
. - url_
rewrite str - Enable/disable rewriting the URL. Valid values:
enable
,disable
. - vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- ip String
- IPv4 address of the SSL server.
- port Number
- Server service port (1 - 65535, default = 443).
- ssl
Cert String - Name of certificate for SSL connections to this server. On FortiOS versions 6.2.0-7.2.8: default = "Fortinet_CA_SSL". On FortiOS versions 7.4.0-7.4.1: default = "Fortinet_SSL".
- add
Header StringXForwarded Proto - Enable/disable adding an X-Forwarded-Proto header to forwarded requests. Valid values:
enable
,disable
. - mapped
Port Number - Mapped server service port (1 - 65535, default = 80).
- name String
- Server name.
- ssl
Algorithm String - Relative strength of encryption algorithms accepted in negotiation. Valid values:
high
,medium
,low
. - ssl
Client StringRenegotiation - Allow or block client renegotiation by server. Valid values:
allow
,deny
,secure
. - ssl
Dh StringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - ssl
Max StringVersion - Highest SSL/TLS version to negotiate.
- ssl
Min StringVersion - Lowest SSL/TLS version to negotiate.
- ssl
Mode String - SSL/TLS mode for encryption and decryption of traffic. Valid values:
half
,full
. - ssl
Send StringEmpty Frags - Enable/disable sending empty fragments to avoid attack on CBC IV. Valid values:
enable
,disable
. - url
Rewrite String - Enable/disable rewriting the URL. Valid values:
enable
,disable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Outputs
All input properties are implicitly available as output properties. Additionally, the Sslserver resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Sslserver Resource
Get an existing Sslserver resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SslserverState, opts?: CustomResourceOptions): Sslserver
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
add_header_x_forwarded_proto: Optional[str] = None,
ip: Optional[str] = None,
mapped_port: Optional[int] = None,
name: Optional[str] = None,
port: Optional[int] = None,
ssl_algorithm: Optional[str] = None,
ssl_cert: Optional[str] = None,
ssl_client_renegotiation: Optional[str] = None,
ssl_dh_bits: Optional[str] = None,
ssl_max_version: Optional[str] = None,
ssl_min_version: Optional[str] = None,
ssl_mode: Optional[str] = None,
ssl_send_empty_frags: Optional[str] = None,
url_rewrite: Optional[str] = None,
vdomparam: Optional[str] = None) -> Sslserver
func GetSslserver(ctx *Context, name string, id IDInput, state *SslserverState, opts ...ResourceOption) (*Sslserver, error)
public static Sslserver Get(string name, Input<string> id, SslserverState? state, CustomResourceOptions? opts = null)
public static Sslserver get(String name, Output<String> id, SslserverState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Add
Header stringXForwarded Proto - Enable/disable adding an X-Forwarded-Proto header to forwarded requests. Valid values:
enable
,disable
. - Ip string
- IPv4 address of the SSL server.
- Mapped
Port int - Mapped server service port (1 - 65535, default = 80).
- Name string
- Server name.
- Port int
- Server service port (1 - 65535, default = 443).
- Ssl
Algorithm string - Relative strength of encryption algorithms accepted in negotiation. Valid values:
high
,medium
,low
. - Ssl
Cert string - Name of certificate for SSL connections to this server. On FortiOS versions 6.2.0-7.2.8: default = "Fortinet_CA_SSL". On FortiOS versions 7.4.0-7.4.1: default = "Fortinet_SSL".
- Ssl
Client stringRenegotiation - Allow or block client renegotiation by server. Valid values:
allow
,deny
,secure
. - Ssl
Dh stringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - Ssl
Max stringVersion - Highest SSL/TLS version to negotiate.
- Ssl
Min stringVersion - Lowest SSL/TLS version to negotiate.
- Ssl
Mode string - SSL/TLS mode for encryption and decryption of traffic. Valid values:
half
,full
. - Ssl
Send stringEmpty Frags - Enable/disable sending empty fragments to avoid attack on CBC IV. Valid values:
enable
,disable
. - Url
Rewrite string - Enable/disable rewriting the URL. Valid values:
enable
,disable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Add
Header stringXForwarded Proto - Enable/disable adding an X-Forwarded-Proto header to forwarded requests. Valid values:
enable
,disable
. - Ip string
- IPv4 address of the SSL server.
- Mapped
Port int - Mapped server service port (1 - 65535, default = 80).
- Name string
- Server name.
- Port int
- Server service port (1 - 65535, default = 443).
- Ssl
Algorithm string - Relative strength of encryption algorithms accepted in negotiation. Valid values:
high
,medium
,low
. - Ssl
Cert string - Name of certificate for SSL connections to this server. On FortiOS versions 6.2.0-7.2.8: default = "Fortinet_CA_SSL". On FortiOS versions 7.4.0-7.4.1: default = "Fortinet_SSL".
- Ssl
Client stringRenegotiation - Allow or block client renegotiation by server. Valid values:
allow
,deny
,secure
. - Ssl
Dh stringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - Ssl
Max stringVersion - Highest SSL/TLS version to negotiate.
- Ssl
Min stringVersion - Lowest SSL/TLS version to negotiate.
- Ssl
Mode string - SSL/TLS mode for encryption and decryption of traffic. Valid values:
half
,full
. - Ssl
Send stringEmpty Frags - Enable/disable sending empty fragments to avoid attack on CBC IV. Valid values:
enable
,disable
. - Url
Rewrite string - Enable/disable rewriting the URL. Valid values:
enable
,disable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- add
Header StringXForwarded Proto - Enable/disable adding an X-Forwarded-Proto header to forwarded requests. Valid values:
enable
,disable
. - ip String
- IPv4 address of the SSL server.
- mapped
Port Integer - Mapped server service port (1 - 65535, default = 80).
- name String
- Server name.
- port Integer
- Server service port (1 - 65535, default = 443).
- ssl
Algorithm String - Relative strength of encryption algorithms accepted in negotiation. Valid values:
high
,medium
,low
. - ssl
Cert String - Name of certificate for SSL connections to this server. On FortiOS versions 6.2.0-7.2.8: default = "Fortinet_CA_SSL". On FortiOS versions 7.4.0-7.4.1: default = "Fortinet_SSL".
- ssl
Client StringRenegotiation - Allow or block client renegotiation by server. Valid values:
allow
,deny
,secure
. - ssl
Dh StringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - ssl
Max StringVersion - Highest SSL/TLS version to negotiate.
- ssl
Min StringVersion - Lowest SSL/TLS version to negotiate.
- ssl
Mode String - SSL/TLS mode for encryption and decryption of traffic. Valid values:
half
,full
. - ssl
Send StringEmpty Frags - Enable/disable sending empty fragments to avoid attack on CBC IV. Valid values:
enable
,disable
. - url
Rewrite String - Enable/disable rewriting the URL. Valid values:
enable
,disable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- add
Header stringXForwarded Proto - Enable/disable adding an X-Forwarded-Proto header to forwarded requests. Valid values:
enable
,disable
. - ip string
- IPv4 address of the SSL server.
- mapped
Port number - Mapped server service port (1 - 65535, default = 80).
- name string
- Server name.
- port number
- Server service port (1 - 65535, default = 443).
- ssl
Algorithm string - Relative strength of encryption algorithms accepted in negotiation. Valid values:
high
,medium
,low
. - ssl
Cert string - Name of certificate for SSL connections to this server. On FortiOS versions 6.2.0-7.2.8: default = "Fortinet_CA_SSL". On FortiOS versions 7.4.0-7.4.1: default = "Fortinet_SSL".
- ssl
Client stringRenegotiation - Allow or block client renegotiation by server. Valid values:
allow
,deny
,secure
. - ssl
Dh stringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - ssl
Max stringVersion - Highest SSL/TLS version to negotiate.
- ssl
Min stringVersion - Lowest SSL/TLS version to negotiate.
- ssl
Mode string - SSL/TLS mode for encryption and decryption of traffic. Valid values:
half
,full
. - ssl
Send stringEmpty Frags - Enable/disable sending empty fragments to avoid attack on CBC IV. Valid values:
enable
,disable
. - url
Rewrite string - Enable/disable rewriting the URL. Valid values:
enable
,disable
. - vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- add_
header_ strx_ forwarded_ proto - Enable/disable adding an X-Forwarded-Proto header to forwarded requests. Valid values:
enable
,disable
. - ip str
- IPv4 address of the SSL server.
- mapped_
port int - Mapped server service port (1 - 65535, default = 80).
- name str
- Server name.
- port int
- Server service port (1 - 65535, default = 443).
- ssl_
algorithm str - Relative strength of encryption algorithms accepted in negotiation. Valid values:
high
,medium
,low
. - ssl_
cert str - Name of certificate for SSL connections to this server. On FortiOS versions 6.2.0-7.2.8: default = "Fortinet_CA_SSL". On FortiOS versions 7.4.0-7.4.1: default = "Fortinet_SSL".
- ssl_
client_ strrenegotiation - Allow or block client renegotiation by server. Valid values:
allow
,deny
,secure
. - ssl_
dh_ strbits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - ssl_
max_ strversion - Highest SSL/TLS version to negotiate.
- ssl_
min_ strversion - Lowest SSL/TLS version to negotiate.
- ssl_
mode str - SSL/TLS mode for encryption and decryption of traffic. Valid values:
half
,full
. - ssl_
send_ strempty_ frags - Enable/disable sending empty fragments to avoid attack on CBC IV. Valid values:
enable
,disable
. - url_
rewrite str - Enable/disable rewriting the URL. Valid values:
enable
,disable
. - vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- add
Header StringXForwarded Proto - Enable/disable adding an X-Forwarded-Proto header to forwarded requests. Valid values:
enable
,disable
. - ip String
- IPv4 address of the SSL server.
- mapped
Port Number - Mapped server service port (1 - 65535, default = 80).
- name String
- Server name.
- port Number
- Server service port (1 - 65535, default = 443).
- ssl
Algorithm String - Relative strength of encryption algorithms accepted in negotiation. Valid values:
high
,medium
,low
. - ssl
Cert String - Name of certificate for SSL connections to this server. On FortiOS versions 6.2.0-7.2.8: default = "Fortinet_CA_SSL". On FortiOS versions 7.4.0-7.4.1: default = "Fortinet_SSL".
- ssl
Client StringRenegotiation - Allow or block client renegotiation by server. Valid values:
allow
,deny
,secure
. - ssl
Dh StringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - ssl
Max StringVersion - Highest SSL/TLS version to negotiate.
- ssl
Min StringVersion - Lowest SSL/TLS version to negotiate.
- ssl
Mode String - SSL/TLS mode for encryption and decryption of traffic. Valid values:
half
,full
. - ssl
Send StringEmpty Frags - Enable/disable sending empty fragments to avoid attack on CBC IV. Valid values:
enable
,disable
. - url
Rewrite String - Enable/disable rewriting the URL. Valid values:
enable
,disable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Import
Firewall SslServer can be imported using any of these accepted formats:
$ pulumi import fortios:firewall/sslserver:Sslserver labelname {{name}}
If you do not want to import arguments of block:
$ export “FORTIOS_IMPORT_TABLE”=“false”
$ pulumi import fortios:firewall/sslserver:Sslserver labelname {{name}}
$ unset “FORTIOS_IMPORT_TABLE”
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortios pulumiverse/pulumi-fortios
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
fortios
Terraform Provider.