{ "additionalProperties": false, "id": "ServerSslProfileBinding", "module_id": "LoadBalancer", "properties": { "certificate_chain_depth": { "default": 3, "description": "authentication depth is used to set the verification depth in the server certificates chain.", "maximum": 2147483647, "minimum": 1, "required": false, "title": "the maximum traversal depth of server certificate chain", "type": "integer" }, "client_certificate_id": { "description": "To support client authentication (load balancer acting as a client authenticating to the backend server), client certificate can be specified in the server-side SSL profile binding", "required": false, "title": "client certificate identifier", "type": "string" }, "server_auth": { "$ref": "ServerAuthType, "default": "IGNORE", "title": "server authentication mode" }, "server_auth_ca_ids": { "description": "If server auth type is REQUIRED, server certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.", "items": { "type": "string" }, "required": false, "title": "CA identifier list to verify server certificate", "type": "array" }, "server_auth_crl_ids": { "description": "A Certificate Revocation List (CRL) can be specified in the server-side SSL profile binding to disallow compromised server certificates.", "items": { "type": "string" }, "required": false, "title": "CRL identifier list to verify server certificate", "type": "array" }, "ssl_profile_id": { "description": "Server SSL profile defines reusable, application-independent server side SSL properties.", "required": false, "title": "server SSL profile identifier", "type": "string" } }, "type": "object" }