AdvancedOptions
Description
An object that defines the advanced configuration options available for the SSL decryption policy (Note: The field level constraints listed here might not cover all the constraints on the field. Additional constraints might exist.)
Model Properties
| Property | Required | Type | Description | |||
|---|---|---|---|---|---|---|
| stripHttp3 | True | boolean | A boolean value that defines if HTTP3 will be stripped from the protocols advertised by the TLS client. true - Remove HTTP3 from the protocols advertised in the client hello. false - Do not remove HTTP3 from the protocols advertised in the client hello. Field level constraints: cannot be null. (Note: Additional constraints might exist) |
|||
| disallowUntrustedIssuerResign | True | boolean | A boolean value that defines if TLS sessions that are signed by an untrusted certificate authority will be resigned by the system using the certificate authority defined in the policy. Field level constraints: cannot be null. (Note: Additional constraints might exist) |
|||
| tls13Decryption | True | boolean | A boolean value that controls whether TLS 1.3 traffic should be decrypted for the corresponding SSL policy Field level constraints: cannot be null. (Note: Additional constraints might exist) |
|||
| blockExtensions | True | [integer] | A list of integers that defines which TLS extensions will be removed from the client hello and server hello. Removing a TLS extension prevents a client and server from negotiating the use of that extension in a TLS session. Field level constraints: cannot be null. (Note: Additional constraints might exist) |
|||
| type | True | string | A UTF8 string, all letters lower-case, that represents the class-type. This corresponds to the class name. | |||