Citrix ADC 12.1 NITRO API Reference

sslfips

Configuration for fips resource.

Properties

(click to see Operations)

Name Data Type Permissions Description
inithsm Read-write FIPS initialization level. The appliance currently supports Level-2 (FIPS 140-2).
Possible values = Level-2
sopassword Read-write Security officer password that will be in effect after you have configured the HSM.
Minimum length = 1
oldsopassword Read-write Old password for the security officer.
Minimum length = 1
userpassword Read-write The Hardware Security Module’s (HSM) User password.
Minimum length = 1
hsmlabel Read-write Label to identify the Hardware Security Module (HSM).
Minimum length = 1
fipsfw Read-write Path to the FIPS firmware file.
Minimum length = 1
erasedata Read-only Erase data.
Default value: FIPS_ERASE
Minimum length = 1
serial Read-only FIPS card serial number.
majorversion Read-only Firmware major version.
minorversion Read-only Firmware minor version.
fipshwmajorversion Read-only FIPS card hardware major version.
fipshwminorversion Read-only FIPS card hardware minor version.
fipshwversionstring Read-only FIPS card hardware extended version string.
flashmemorytotal Read-only Total size of the flash memory on card.
flashmemoryfree Read-only Total size of free flash memory.
sramtotal Read-only Total size of the SRAM memory on card.
sramfree Read-only Total size of free SRAM memory.
status Read-only Status.
flag Read-only Internal Flags.
serialno Read-only FIPS card serial number.
model Read-only FIPS card model info.
state Read-only FIPS card state.
firmwarereleasedate Read-only FIPS card firmware revision date.
coresmax Read-only Maximum number of crypto cores present in the FIPS card.
coresenabled Read-only Number of crypto cores enabled in the FIPS card.

Operations

(click to see Properties)

UPDATE UNSET RESET CHANGE GET (ALL)

Some options that you can use for each operations:

  • Getting warnings in response:NITRO allows you to get warnings in an operation by specifying the "warning" query parameter as "yes". For example, to get warnings while connecting to the Citrix ADC appliance, the URL is as follows:

    http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code "209 X-NITRO-WARNING".

  • Authenticated access for individual NITRO operations:NITRO allows you to logon to the Citrix ADC appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER:<username>

    X-NITRO-PASS:<password>

    Note:In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

*Note:*

Mandatory parameters are marked in redand placeholder content is marked in <green>.

update

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/sslfips

HTTP Method:PUT

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:


{"sslfips":{
<b>"inithsm":<String_value>,
</b><b>"sopassword":<String_value>,
</b><b>"oldsopassword":<String_value>,
</b><b>"userpassword":<String_value>,
</b>"hsmlabel":<String_value>
}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

unset

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/sslfips?action=unset

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:


{"sslfips":{
"hsmlabel":true
}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

reset

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/sslfips?action=reset

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:


{"sslfips":{
}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

change

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/sslfips?action=update

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:


{"sslfips":{
<b>"fipsfw":<String_value>
</b>}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

get (all)

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/sslfips

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:


{ "sslfips": [ {
"inithsm":<String_value>,
"sopassword":<String_value>,
"userpassword":<String_value>,
"oldsopassword":<String_value>,
"erasedata":<String_value>,
"hsmlabel":<String_value>,
"serial":<Integer_value>,
"majorversion":<Integer_value>,
"minorversion":<Integer_value>,
"fipshwmajorversion":<Integer_value>,
"fipshwminorversion":<Integer_value>,
"fipshwversionstring":<String_value>,
"flashmemorytotal":<Integer_value>,
"flashmemoryfree":<Integer_value>,
"sramtotal":<Integer_value>,
"sramfree":<Integer_value>,
"status":<Integer_value>,
"flag":<Integer_value>,
"serialno":<String_value>,
"model":<String_value>,
"state":<Integer_value>,
"firmwarereleasedate":<String_value>,
"coresmax":<Integer_value>,
"coresenabled":<Integer_value>
}]}

<!--NeedCopy-->
sslfips