Class TlsInspectionPolicy
The TlsInspectionPolicy resource contains references to CA pools in Certificate Authority Service and associated metadata.
Implements
Inherited Members
Namespace: Google.Apis.NetworkSecurity.v1.Data
Assembly: Google.Apis.NetworkSecurity.v1.dll
Syntax
public class TlsInspectionPolicy : IDirectResponseSchema
Properties
CaPool
Required. A CA pool resource used to issue interception certificates. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{ca_pool}".
Declaration
[JsonProperty("caPool")]
public virtual string CaPool { get; set; }
Property Value
Type | Description |
---|---|
string |
CreateTime
object representation of CreateTimeRaw.
Declaration
[JsonIgnore]
[Obsolete("This property is obsolete and may behave unexpectedly; please use CreateTimeDateTimeOffset instead.")]
public virtual object CreateTime { get; set; }
Property Value
Type | Description |
---|---|
object |
CreateTimeDateTimeOffset
DateTimeOffset representation of CreateTimeRaw.
Declaration
[JsonIgnore]
public virtual DateTimeOffset? CreateTimeDateTimeOffset { get; set; }
Property Value
Type | Description |
---|---|
DateTimeOffset? |
CreateTimeRaw
Output only. The timestamp when the resource was created.
Declaration
[JsonProperty("createTime")]
public virtual string CreateTimeRaw { get; set; }
Property Value
Type | Description |
---|---|
string |
CustomTlsFeatures
Optional. List of custom TLS cipher suites selected. This field is valid only if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
Declaration
[JsonProperty("customTlsFeatures")]
public virtual IList<string> CustomTlsFeatures { get; set; }
Property Value
Type | Description |
---|---|
IList<string> |
Description
Optional. Free-text description of the resource.
Declaration
[JsonProperty("description")]
public virtual string Description { get; set; }
Property Value
Type | Description |
---|---|
string |
ETag
The ETag of the item.
Declaration
public virtual string ETag { get; set; }
Property Value
Type | Description |
---|---|
string |
ExcludePublicCaSet
Optional. If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trust_config. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trust_config will be accepted. This defaults to FALSE (use public CAs in addition to trust_config) for backwards compatibility, but trusting public root CAs is not recommended unless the traffic in question is outbound to public web servers. When possible, prefer setting this to "false" and explicitly specifying trusted CAs and certificates in a TrustConfig. Note that Secure Web Proxy does not yet honor this field.
Declaration
[JsonProperty("excludePublicCaSet")]
public virtual bool? ExcludePublicCaSet { get; set; }
Property Value
Type | Description |
---|---|
bool? |
MinTlsVersion
Optional. Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
Declaration
[JsonProperty("minTlsVersion")]
public virtual string MinTlsVersion { get; set; }
Property Value
Type | Description |
---|---|
string |
Name
Required. Name of the resource. Name is of the form projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} tls_inspection_policy should match the pattern:(^a-z?$).
Declaration
[JsonProperty("name")]
public virtual string Name { get; set; }
Property Value
Type | Description |
---|---|
string |
TlsFeatureProfile
Optional. The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
Declaration
[JsonProperty("tlsFeatureProfile")]
public virtual string TlsFeatureProfile { get; set; }
Property Value
Type | Description |
---|---|
string |
TrustConfig
Optional. A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form "projects/{project}/locations/{location}/trustConfigs/{trust_config}". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Note that Secure Web Proxy does not yet honor this field.
Declaration
[JsonProperty("trustConfig")]
public virtual string TrustConfig { get; set; }
Property Value
Type | Description |
---|---|
string |
UpdateTime
object representation of UpdateTimeRaw.
Declaration
[JsonIgnore]
[Obsolete("This property is obsolete and may behave unexpectedly; please use UpdateTimeDateTimeOffset instead.")]
public virtual object UpdateTime { get; set; }
Property Value
Type | Description |
---|---|
object |
UpdateTimeDateTimeOffset
DateTimeOffset representation of UpdateTimeRaw.
Declaration
[JsonIgnore]
public virtual DateTimeOffset? UpdateTimeDateTimeOffset { get; set; }
Property Value
Type | Description |
---|---|
DateTimeOffset? |
UpdateTimeRaw
Output only. The timestamp when the resource was updated.
Declaration
[JsonProperty("updateTime")]
public virtual string UpdateTimeRaw { get; set; }
Property Value
Type | Description |
---|---|
string |