addSSLCipher - Firepower Threat Defense API v6.2 (FTD v7.2)

Description

The addSSLCipher operation handles configuration related to SSLCipher model.
This API call is not allowed on the standby unit in an HA pair.

HTTP request

POST /api/fdm/v6/object/sslciphers

Data Parameters

Parameter	Required	Type	Description
name	True	string	A unique name for this Cipher object
protocolVersions	True	[object]	List of supported SSL protocol versions. Field level constraints: cannot be blank or empty. (Note: Additional constraints might exist)
securityLevel	True	string	Security Levels Field level constraints: cannot be null. (Note: Additional constraints might exist)
isSystemDefined	False	boolean	A Boolean value, TRUE or FALSE(the default). The TRUE value indicates that this SSL Cipher object is a system defined object
inferredSecurityLevel	False	string	Inferred Security Levels
cipherSuites	False	[object]	List of Cipher suite algorithms for the given protocol and security level. Mandatory parameter only for CUSTOM security level
description	False	string	An optional unicode alphanumeric string containing a description of the object, up to 200 characters. The string cannot include HTML tags Field level constraints: length must be between 0 and 200 (inclusive). (Note: Additional constraints might exist)
type	True	string	SSLCipher

Example

curl -X POST \
    --header "Accept: application/json" \
    --header "Authorization: Bearer ${ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    -d '{
        "cipherSuites": [],
        "description": "string",
        "id": "string",
        "inferredSecurityLevel": "ALL",
        "isSystemDefined": true,
        "name": "string",
        "protocolVersions": [
            "TLSV1"
        ],
        "securityLevel": "ALL",
        "type": "sslcipher",
        "version": "string"
    }' \
    "https://${HOST}:${PORT}/api/fdm/v6/object/sslciphers"

from bravado.requests_client import RequestsClient
from bravado.client import SwaggerClient


def get_client(host, token):
    http_client = RequestsClient()
    http_client.ssl_verify = False
    http_client.set_api_key(
        host,
        "Bearer {}".format(token),
        param_name="Authorization",
        param_in="header"
    )
    return SwaggerClient.from_url(
        "https://{}/apispec/ngfw.json".format(host),
        http_client=http_client,
        config={
            "validate_responses": False,
            "validate_swagger_spec": False
        }
    )


def add_ssl_cipher(client, body):
    return client.SSLCipher.addSSLCipher(
        body=body
    ).response().result


if __name__ == "__main__":
    host = "ftd.example.com"
    token = "access_token"
    client = get_client(host, token)

    body = {'cipherSuites': [],
 'description': 'string',
 'inferredSecurityLevel': 'ALL',
 'isSystemDefined': True,
 'name': 'string',
 'protocolVersions': ['TLSV1'],
 'securityLevel': 'ALL',
 'type': 'sslcipher'}

    add_ssl_cipher(client, body)