LBClientSslProfileBinding (schema)

Client SSL profile binding

Client SSL profile binding.
Name Description Type Notes
certificate_chain_depth The maximum traversal depth of client certificate chain

Authentication depth is used to set the verification depth in the client
certificates chain.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
client_auth Client authentication mode

Client authentication mode.
ClientAuthType Default: "IGNORE"
client_auth_ca_paths CA path list to verify client certificate

If client auth type is REQUIRED, client certificate must be signed by
one of the trusted Certificate Authorities (CAs), also referred to as
root CAs, whose self signed certificates are specified.
array of string
client_auth_crl_paths CRL path list to verify client certificate

A Certificate Revocation List (CRL) can be specified in the client-side
SSL profile binding to disallow compromised client certificates.
array of string
default_certificate_path Default service certificate identifier

A default certificate should be specified which will be used if the
server does not host multiple hostnames on the same IP address or if
the client does not support SNI extension.
string Required
sni_certificate_paths SNI certificate path list

Client-side SSL profile binding allows multiple certificates, for
different hostnames, to be bound to the same virtual server.
array of string
ssl_profile_path Client SSL profile path

Client SSL profile defines reusable, application-independent client side
SSL properties.