Fortios v0.0.6, Jul 9 24

Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

fortios.firewall.Sslsshprofile

Explore with Pulumi AI

Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";

const t1 = new fortios.firewall.Sslsshprofile("t1", {
    ftps: {
        ports: "990",
    },
    https: {
        ports: "443 127 422 392",
    },
    imaps: {
        ports: "993 1123",
    },
    pop3s: {
        ports: "995",
    },
    smtps: {
        ports: "465",
    },
    ssl: {
        inspectAll: "disable",
    },
});
const t2 = new fortios.firewall.Sslsshprofile("t2", {
    https: {
        ports: "443",
    },
    ssl: {
        inspectAll: "deep-inspection",
    },
});

import pulumi
import pulumiverse_fortios as fortios

t1 = fortios.firewall.Sslsshprofile("t1",
    ftps=fortios.firewall.SslsshprofileFtpsArgs(
        ports="990",
    ),
    https=fortios.firewall.SslsshprofileHttpsArgs(
        ports="443 127 422 392",
    ),
    imaps=fortios.firewall.SslsshprofileImapsArgs(
        ports="993 1123",
    ),
    pop3s=fortios.firewall.SslsshprofilePop3sArgs(
        ports="995",
    ),
    smtps=fortios.firewall.SslsshprofileSmtpsArgs(
        ports="465",
    ),
    ssl=fortios.firewall.SslsshprofileSslArgs(
        inspect_all="disable",
    ))
t2 = fortios.firewall.Sslsshprofile("t2",
    https=fortios.firewall.SslsshprofileHttpsArgs(
        ports="443",
    ),
    ssl=fortios.firewall.SslsshprofileSslArgs(
        inspect_all="deep-inspection",
    ))

package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/firewall"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := firewall.NewSslsshprofile(ctx, "t1", &firewall.SslsshprofileArgs{
			Ftps: &firewall.SslsshprofileFtpsArgs{
				Ports: pulumi.String("990"),
			},
			Https: &firewall.SslsshprofileHttpsArgs{
				Ports: pulumi.String("443 127 422 392"),
			},
			Imaps: &firewall.SslsshprofileImapsArgs{
				Ports: pulumi.String("993 1123"),
			},
			Pop3s: &firewall.SslsshprofilePop3sArgs{
				Ports: pulumi.String("995"),
			},
			Smtps: &firewall.SslsshprofileSmtpsArgs{
				Ports: pulumi.String("465"),
			},
			Ssl: &firewall.SslsshprofileSslArgs{
				InspectAll: pulumi.String("disable"),
			},
		})
		if err != nil {
			return err
		}
		_, err = firewall.NewSslsshprofile(ctx, "t2", &firewall.SslsshprofileArgs{
			Https: &firewall.SslsshprofileHttpsArgs{
				Ports: pulumi.String("443"),
			},
			Ssl: &firewall.SslsshprofileSslArgs{
				InspectAll: pulumi.String("deep-inspection"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;

return await Deployment.RunAsync(() => 
{
    var t1 = new Fortios.Firewall.Sslsshprofile("t1", new()
    {
        Ftps = new Fortios.Firewall.Inputs.SslsshprofileFtpsArgs
        {
            Ports = "990",
        },
        Https = new Fortios.Firewall.Inputs.SslsshprofileHttpsArgs
        {
            Ports = "443 127 422 392",
        },
        Imaps = new Fortios.Firewall.Inputs.SslsshprofileImapsArgs
        {
            Ports = "993 1123",
        },
        Pop3s = new Fortios.Firewall.Inputs.SslsshprofilePop3sArgs
        {
            Ports = "995",
        },
        Smtps = new Fortios.Firewall.Inputs.SslsshprofileSmtpsArgs
        {
            Ports = "465",
        },
        Ssl = new Fortios.Firewall.Inputs.SslsshprofileSslArgs
        {
            InspectAll = "disable",
        },
    });

    var t2 = new Fortios.Firewall.Sslsshprofile("t2", new()
    {
        Https = new Fortios.Firewall.Inputs.SslsshprofileHttpsArgs
        {
            Ports = "443",
        },
        Ssl = new Fortios.Firewall.Inputs.SslsshprofileSslArgs
        {
            InspectAll = "deep-inspection",
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.firewall.Sslsshprofile;
import com.pulumi.fortios.firewall.SslsshprofileArgs;
import com.pulumi.fortios.firewall.inputs.SslsshprofileFtpsArgs;
import com.pulumi.fortios.firewall.inputs.SslsshprofileHttpsArgs;
import com.pulumi.fortios.firewall.inputs.SslsshprofileImapsArgs;
import com.pulumi.fortios.firewall.inputs.SslsshprofilePop3sArgs;
import com.pulumi.fortios.firewall.inputs.SslsshprofileSmtpsArgs;
import com.pulumi.fortios.firewall.inputs.SslsshprofileSslArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var t1 = new Sslsshprofile("t1", SslsshprofileArgs.builder()
            .ftps(SslsshprofileFtpsArgs.builder()
                .ports(990)
                .build())
            .https(SslsshprofileHttpsArgs.builder()
                .ports("443 127 422 392")
                .build())
            .imaps(SslsshprofileImapsArgs.builder()
                .ports("993 1123")
                .build())
            .pop3s(SslsshprofilePop3sArgs.builder()
                .ports(995)
                .build())
            .smtps(SslsshprofileSmtpsArgs.builder()
                .ports(465)
                .build())
            .ssl(SslsshprofileSslArgs.builder()
                .inspectAll("disable")
                .build())
            .build());

        var t2 = new Sslsshprofile("t2", SslsshprofileArgs.builder()
            .https(SslsshprofileHttpsArgs.builder()
                .ports(443)
                .build())
            .ssl(SslsshprofileSslArgs.builder()
                .inspectAll("deep-inspection")
                .build())
            .build());

    }
}

resources:
  t1:
    type: fortios:firewall:Sslsshprofile
    properties:
      ftps:
        ports: 990
      https:
        ports: 443 127 422 392
      imaps:
        ports: 993 1123
      pop3s:
        ports: 995
      smtps:
        ports: 465
      ssl:
        inspectAll: disable
  t2:
    type: fortios:firewall:Sslsshprofile
    properties:
      https:
        ports: 443
      ssl:
        inspectAll: deep-inspection

Create Sslsshprofile Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Sslsshprofile(name: string, args?: SslsshprofileArgs, opts?: CustomResourceOptions);

@overload
def Sslsshprofile(resource_name: str,
                  args: Optional[SslsshprofileArgs] = None,
                  opts: Optional[ResourceOptions] = None)

@overload
def Sslsshprofile(resource_name: str,
                  opts: Optional[ResourceOptions] = None,
                  allowlist: Optional[str] = None,
                  block_blacklisted_certificates: Optional[str] = None,
                  block_blocklisted_certificates: Optional[str] = None,
                  caname: Optional[str] = None,
                  comment: Optional[str] = None,
                  dot: Optional[SslsshprofileDotArgs] = None,
                  dynamic_sort_subtable: Optional[str] = None,
                  ech_outer_snis: Optional[Sequence[SslsshprofileEchOuterSniArgs]] = None,
                  ftps: Optional[SslsshprofileFtpsArgs] = None,
                  get_all_tables: Optional[str] = None,
                  https: Optional[SslsshprofileHttpsArgs] = None,
                  imaps: Optional[SslsshprofileImapsArgs] = None,
                  mapi_over_https: Optional[str] = None,
                  name: Optional[str] = None,
                  pop3s: Optional[SslsshprofilePop3sArgs] = None,
                  rpc_over_https: Optional[str] = None,
                  server_cert: Optional[str] = None,
                  server_cert_mode: Optional[str] = None,
                  smtps: Optional[SslsshprofileSmtpsArgs] = None,
                  ssh: Optional[SslsshprofileSshArgs] = None,
                  ssl: Optional[SslsshprofileSslArgs] = None,
                  ssl_anomalies_log: Optional[str] = None,
                  ssl_anomaly_log: Optional[str] = None,
                  ssl_exemption_ip_rating: Optional[str] = None,
                  ssl_exemption_log: Optional[str] = None,
                  ssl_exemptions_log: Optional[str] = None,
                  ssl_exempts: Optional[Sequence[SslsshprofileSslExemptArgs]] = None,
                  ssl_handshake_log: Optional[str] = None,
                  ssl_negotiation_log: Optional[str] = None,
                  ssl_server_cert_log: Optional[str] = None,
                  ssl_servers: Optional[Sequence[SslsshprofileSslServerArgs]] = None,
                  supported_alpn: Optional[str] = None,
                  untrusted_caname: Optional[str] = None,
                  use_ssl_server: Optional[str] = None,
                  vdomparam: Optional[str] = None,
                  whitelist: Optional[str] = None)

func NewSslsshprofile(ctx *Context, name string, args *SslsshprofileArgs, opts ...ResourceOption) (*Sslsshprofile, error)

public Sslsshprofile(string name, SslsshprofileArgs? args = null, CustomResourceOptions? opts = null)

public Sslsshprofile(String name, SslsshprofileArgs args)
public Sslsshprofile(String name, SslsshprofileArgs args, CustomResourceOptions options)

type: fortios:firewall:Sslsshprofile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SslsshprofileArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SslsshprofileArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SslsshprofileArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SslsshprofileArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SslsshprofileArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var sslsshprofileResource = new Fortios.Firewall.Sslsshprofile("sslsshprofileResource", new()
{
    Allowlist = "string",
    BlockBlacklistedCertificates = "string",
    BlockBlocklistedCertificates = "string",
    Caname = "string",
    Comment = "string",
    Dot = new Fortios.Firewall.Inputs.SslsshprofileDotArgs
    {
        CertValidationFailure = "string",
        CertValidationTimeout = "string",
        ClientCertificate = "string",
        ExpiredServerCert = "string",
        ProxyAfterTcpHandshake = "string",
        Quic = "string",
        RevokedServerCert = "string",
        SniServerCertCheck = "string",
        Status = "string",
        UnsupportedSslCipher = "string",
        UnsupportedSslNegotiation = "string",
        UnsupportedSslVersion = "string",
        UntrustedServerCert = "string",
    },
    DynamicSortSubtable = "string",
    EchOuterSnis = new[]
    {
        new Fortios.Firewall.Inputs.SslsshprofileEchOuterSniArgs
        {
            Name = "string",
            Sni = "string",
        },
    },
    Ftps = new Fortios.Firewall.Inputs.SslsshprofileFtpsArgs
    {
        CertValidationFailure = "string",
        CertValidationTimeout = "string",
        ClientCertRequest = "string",
        ClientCertificate = "string",
        ExpiredServerCert = "string",
        InvalidServerCert = "string",
        MinAllowedSslVersion = "string",
        Ports = "string",
        RevokedServerCert = "string",
        SniServerCertCheck = "string",
        Status = "string",
        UnsupportedSsl = "string",
        UnsupportedSslCipher = "string",
        UnsupportedSslNegotiation = "string",
        UnsupportedSslVersion = "string",
        UntrustedServerCert = "string",
    },
    GetAllTables = "string",
    Https = new Fortios.Firewall.Inputs.SslsshprofileHttpsArgs
    {
        CertProbeFailure = "string",
        CertValidationFailure = "string",
        CertValidationTimeout = "string",
        ClientCertRequest = "string",
        ClientCertificate = "string",
        EncryptedClientHello = "string",
        ExpiredServerCert = "string",
        InvalidServerCert = "string",
        MinAllowedSslVersion = "string",
        Ports = "string",
        ProxyAfterTcpHandshake = "string",
        Quic = "string",
        RevokedServerCert = "string",
        SniServerCertCheck = "string",
        Status = "string",
        UnsupportedSsl = "string",
        UnsupportedSslCipher = "string",
        UnsupportedSslNegotiation = "string",
        UnsupportedSslVersion = "string",
        UntrustedServerCert = "string",
    },
    Imaps = new Fortios.Firewall.Inputs.SslsshprofileImapsArgs
    {
        CertValidationFailure = "string",
        CertValidationTimeout = "string",
        ClientCertRequest = "string",
        ClientCertificate = "string",
        ExpiredServerCert = "string",
        InvalidServerCert = "string",
        Ports = "string",
        ProxyAfterTcpHandshake = "string",
        RevokedServerCert = "string",
        SniServerCertCheck = "string",
        Status = "string",
        UnsupportedSsl = "string",
        UnsupportedSslCipher = "string",
        UnsupportedSslNegotiation = "string",
        UnsupportedSslVersion = "string",
        UntrustedServerCert = "string",
    },
    MapiOverHttps = "string",
    Name = "string",
    Pop3s = new Fortios.Firewall.Inputs.SslsshprofilePop3sArgs
    {
        CertValidationFailure = "string",
        CertValidationTimeout = "string",
        ClientCertRequest = "string",
        ClientCertificate = "string",
        ExpiredServerCert = "string",
        InvalidServerCert = "string",
        Ports = "string",
        ProxyAfterTcpHandshake = "string",
        RevokedServerCert = "string",
        SniServerCertCheck = "string",
        Status = "string",
        UnsupportedSsl = "string",
        UnsupportedSslCipher = "string",
        UnsupportedSslNegotiation = "string",
        UnsupportedSslVersion = "string",
        UntrustedServerCert = "string",
    },
    RpcOverHttps = "string",
    ServerCert = "string",
    ServerCertMode = "string",
    Smtps = new Fortios.Firewall.Inputs.SslsshprofileSmtpsArgs
    {
        CertValidationFailure = "string",
        CertValidationTimeout = "string",
        ClientCertRequest = "string",
        ClientCertificate = "string",
        ExpiredServerCert = "string",
        InvalidServerCert = "string",
        Ports = "string",
        ProxyAfterTcpHandshake = "string",
        RevokedServerCert = "string",
        SniServerCertCheck = "string",
        Status = "string",
        UnsupportedSsl = "string",
        UnsupportedSslCipher = "string",
        UnsupportedSslNegotiation = "string",
        UnsupportedSslVersion = "string",
        UntrustedServerCert = "string",
    },
    Ssh = new Fortios.Firewall.Inputs.SslsshprofileSshArgs
    {
        InspectAll = "string",
        Ports = "string",
        ProxyAfterTcpHandshake = "string",
        SshAlgorithm = "string",
        SshPolicyCheck = "string",
        SshTunPolicyCheck = "string",
        Status = "string",
        UnsupportedVersion = "string",
    },
    Ssl = new Fortios.Firewall.Inputs.SslsshprofileSslArgs
    {
        CertProbeFailure = "string",
        CertValidationFailure = "string",
        CertValidationTimeout = "string",
        ClientCertRequest = "string",
        ClientCertificate = "string",
        EncryptedClientHello = "string",
        ExpiredServerCert = "string",
        InspectAll = "string",
        InvalidServerCert = "string",
        MinAllowedSslVersion = "string",
        RevokedServerCert = "string",
        SniServerCertCheck = "string",
        UnsupportedSsl = "string",
        UnsupportedSslCipher = "string",
        UnsupportedSslNegotiation = "string",
        UnsupportedSslVersion = "string",
        UntrustedServerCert = "string",
    },
    SslAnomaliesLog = "string",
    SslAnomalyLog = "string",
    SslExemptionIpRating = "string",
    SslExemptionLog = "string",
    SslExemptionsLog = "string",
    SslExempts = new[]
    {
        new Fortios.Firewall.Inputs.SslsshprofileSslExemptArgs
        {
            Address = "string",
            Address6 = "string",
            FortiguardCategory = 0,
            Id = 0,
            Regex = "string",
            Type = "string",
            WildcardFqdn = "string",
        },
    },
    SslHandshakeLog = "string",
    SslNegotiationLog = "string",
    SslServerCertLog = "string",
    SslServers = new[]
    {
        new Fortios.Firewall.Inputs.SslsshprofileSslServerArgs
        {
            FtpsClientCertRequest = "string",
            FtpsClientCertificate = "string",
            HttpsClientCertRequest = "string",
            HttpsClientCertificate = "string",
            Id = 0,
            ImapsClientCertRequest = "string",
            ImapsClientCertificate = "string",
            Ip = "string",
            Pop3sClientCertRequest = "string",
            Pop3sClientCertificate = "string",
            SmtpsClientCertRequest = "string",
            SmtpsClientCertificate = "string",
            SslOtherClientCertRequest = "string",
            SslOtherClientCertificate = "string",
        },
    },
    SupportedAlpn = "string",
    UntrustedCaname = "string",
    UseSslServer = "string",
    Vdomparam = "string",
    Whitelist = "string",
});

example, err := firewall.NewSslsshprofile(ctx, "sslsshprofileResource", &firewall.SslsshprofileArgs{
	Allowlist:                    pulumi.String("string"),
	BlockBlacklistedCertificates: pulumi.String("string"),
	BlockBlocklistedCertificates: pulumi.String("string"),
	Caname:                       pulumi.String("string"),
	Comment:                      pulumi.String("string"),
	Dot: &firewall.SslsshprofileDotArgs{
		CertValidationFailure:     pulumi.String("string"),
		CertValidationTimeout:     pulumi.String("string"),
		ClientCertificate:         pulumi.String("string"),
		ExpiredServerCert:         pulumi.String("string"),
		ProxyAfterTcpHandshake:    pulumi.String("string"),
		Quic:                      pulumi.String("string"),
		RevokedServerCert:         pulumi.String("string"),
		SniServerCertCheck:        pulumi.String("string"),
		Status:                    pulumi.String("string"),
		UnsupportedSslCipher:      pulumi.String("string"),
		UnsupportedSslNegotiation: pulumi.String("string"),
		UnsupportedSslVersion:     pulumi.String("string"),
		UntrustedServerCert:       pulumi.String("string"),
	},
	DynamicSortSubtable: pulumi.String("string"),
	EchOuterSnis: firewall.SslsshprofileEchOuterSniArray{
		&firewall.SslsshprofileEchOuterSniArgs{
			Name: pulumi.String("string"),
			Sni:  pulumi.String("string"),
		},
	},
	Ftps: &firewall.SslsshprofileFtpsArgs{
		CertValidationFailure:     pulumi.String("string"),
		CertValidationTimeout:     pulumi.String("string"),
		ClientCertRequest:         pulumi.String("string"),
		ClientCertificate:         pulumi.String("string"),
		ExpiredServerCert:         pulumi.String("string"),
		InvalidServerCert:         pulumi.String("string"),
		MinAllowedSslVersion:      pulumi.String("string"),
		Ports:                     pulumi.String("string"),
		RevokedServerCert:         pulumi.String("string"),
		SniServerCertCheck:        pulumi.String("string"),
		Status:                    pulumi.String("string"),
		UnsupportedSsl:            pulumi.String("string"),
		UnsupportedSslCipher:      pulumi.String("string"),
		UnsupportedSslNegotiation: pulumi.String("string"),
		UnsupportedSslVersion:     pulumi.String("string"),
		UntrustedServerCert:       pulumi.String("string"),
	},
	GetAllTables: pulumi.String("string"),
	Https: &firewall.SslsshprofileHttpsArgs{
		CertProbeFailure:          pulumi.String("string"),
		CertValidationFailure:     pulumi.String("string"),
		CertValidationTimeout:     pulumi.String("string"),
		ClientCertRequest:         pulumi.String("string"),
		ClientCertificate:         pulumi.String("string"),
		EncryptedClientHello:      pulumi.String("string"),
		ExpiredServerCert:         pulumi.String("string"),
		InvalidServerCert:         pulumi.String("string"),
		MinAllowedSslVersion:      pulumi.String("string"),
		Ports:                     pulumi.String("string"),
		ProxyAfterTcpHandshake:    pulumi.String("string"),
		Quic:                      pulumi.String("string"),
		RevokedServerCert:         pulumi.String("string"),
		SniServerCertCheck:        pulumi.String("string"),
		Status:                    pulumi.String("string"),
		UnsupportedSsl:            pulumi.String("string"),
		UnsupportedSslCipher:      pulumi.String("string"),
		UnsupportedSslNegotiation: pulumi.String("string"),
		UnsupportedSslVersion:     pulumi.String("string"),
		UntrustedServerCert:       pulumi.String("string"),
	},
	Imaps: &firewall.SslsshprofileImapsArgs{
		CertValidationFailure:     pulumi.String("string"),
		CertValidationTimeout:     pulumi.String("string"),
		ClientCertRequest:         pulumi.String("string"),
		ClientCertificate:         pulumi.String("string"),
		ExpiredServerCert:         pulumi.String("string"),
		InvalidServerCert:         pulumi.String("string"),
		Ports:                     pulumi.String("string"),
		ProxyAfterTcpHandshake:    pulumi.String("string"),
		RevokedServerCert:         pulumi.String("string"),
		SniServerCertCheck:        pulumi.String("string"),
		Status:                    pulumi.String("string"),
		UnsupportedSsl:            pulumi.String("string"),
		UnsupportedSslCipher:      pulumi.String("string"),
		UnsupportedSslNegotiation: pulumi.String("string"),
		UnsupportedSslVersion:     pulumi.String("string"),
		UntrustedServerCert:       pulumi.String("string"),
	},
	MapiOverHttps: pulumi.String("string"),
	Name:          pulumi.String("string"),
	Pop3s: &firewall.SslsshprofilePop3sArgs{
		CertValidationFailure:     pulumi.String("string"),
		CertValidationTimeout:     pulumi.String("string"),
		ClientCertRequest:         pulumi.String("string"),
		ClientCertificate:         pulumi.String("string"),
		ExpiredServerCert:         pulumi.String("string"),
		InvalidServerCert:         pulumi.String("string"),
		Ports:                     pulumi.String("string"),
		ProxyAfterTcpHandshake:    pulumi.String("string"),
		RevokedServerCert:         pulumi.String("string"),
		SniServerCertCheck:        pulumi.String("string"),
		Status:                    pulumi.String("string"),
		UnsupportedSsl:            pulumi.String("string"),
		UnsupportedSslCipher:      pulumi.String("string"),
		UnsupportedSslNegotiation: pulumi.String("string"),
		UnsupportedSslVersion:     pulumi.String("string"),
		UntrustedServerCert:       pulumi.String("string"),
	},
	RpcOverHttps:   pulumi.String("string"),
	ServerCert:     pulumi.String("string"),
	ServerCertMode: pulumi.String("string"),
	Smtps: &firewall.SslsshprofileSmtpsArgs{
		CertValidationFailure:     pulumi.String("string"),
		CertValidationTimeout:     pulumi.String("string"),
		ClientCertRequest:         pulumi.String("string"),
		ClientCertificate:         pulumi.String("string"),
		ExpiredServerCert:         pulumi.String("string"),
		InvalidServerCert:         pulumi.String("string"),
		Ports:                     pulumi.String("string"),
		ProxyAfterTcpHandshake:    pulumi.String("string"),
		RevokedServerCert:         pulumi.String("string"),
		SniServerCertCheck:        pulumi.String("string"),
		Status:                    pulumi.String("string"),
		UnsupportedSsl:            pulumi.String("string"),
		UnsupportedSslCipher:      pulumi.String("string"),
		UnsupportedSslNegotiation: pulumi.String("string"),
		UnsupportedSslVersion:     pulumi.String("string"),
		UntrustedServerCert:       pulumi.String("string"),
	},
	Ssh: &firewall.SslsshprofileSshArgs{
		InspectAll:             pulumi.String("string"),
		Ports:                  pulumi.String("string"),
		ProxyAfterTcpHandshake: pulumi.String("string"),
		SshAlgorithm:           pulumi.String("string"),
		SshPolicyCheck:         pulumi.String("string"),
		SshTunPolicyCheck:      pulumi.String("string"),
		Status:                 pulumi.String("string"),
		UnsupportedVersion:     pulumi.String("string"),
	},
	Ssl: &firewall.SslsshprofileSslArgs{
		CertProbeFailure:          pulumi.String("string"),
		CertValidationFailure:     pulumi.String("string"),
		CertValidationTimeout:     pulumi.String("string"),
		ClientCertRequest:         pulumi.String("string"),
		ClientCertificate:         pulumi.String("string"),
		EncryptedClientHello:      pulumi.String("string"),
		ExpiredServerCert:         pulumi.String("string"),
		InspectAll:                pulumi.String("string"),
		InvalidServerCert:         pulumi.String("string"),
		MinAllowedSslVersion:      pulumi.String("string"),
		RevokedServerCert:         pulumi.String("string"),
		SniServerCertCheck:        pulumi.String("string"),
		UnsupportedSsl:            pulumi.String("string"),
		UnsupportedSslCipher:      pulumi.String("string"),
		UnsupportedSslNegotiation: pulumi.String("string"),
		UnsupportedSslVersion:     pulumi.String("string"),
		UntrustedServerCert:       pulumi.String("string"),
	},
	SslAnomaliesLog:      pulumi.String("string"),
	SslAnomalyLog:        pulumi.String("string"),
	SslExemptionIpRating: pulumi.String("string"),
	SslExemptionLog:      pulumi.String("string"),
	SslExemptionsLog:     pulumi.String("string"),
	SslExempts: firewall.SslsshprofileSslExemptArray{
		&firewall.SslsshprofileSslExemptArgs{
			Address:            pulumi.String("string"),
			Address6:           pulumi.String("string"),
			FortiguardCategory: pulumi.Int(0),
			Id:                 pulumi.Int(0),
			Regex:              pulumi.String("string"),
			Type:               pulumi.String("string"),
			WildcardFqdn:       pulumi.String("string"),
		},
	},
	SslHandshakeLog:   pulumi.String("string"),
	SslNegotiationLog: pulumi.String("string"),
	SslServerCertLog:  pulumi.String("string"),
	SslServers: firewall.SslsshprofileSslServerArray{
		&firewall.SslsshprofileSslServerArgs{
			FtpsClientCertRequest:     pulumi.String("string"),
			FtpsClientCertificate:     pulumi.String("string"),
			HttpsClientCertRequest:    pulumi.String("string"),
			HttpsClientCertificate:    pulumi.String("string"),
			Id:                        pulumi.Int(0),
			ImapsClientCertRequest:    pulumi.String("string"),
			ImapsClientCertificate:    pulumi.String("string"),
			Ip:                        pulumi.String("string"),
			Pop3sClientCertRequest:    pulumi.String("string"),
			Pop3sClientCertificate:    pulumi.String("string"),
			SmtpsClientCertRequest:    pulumi.String("string"),
			SmtpsClientCertificate:    pulumi.String("string"),
			SslOtherClientCertRequest: pulumi.String("string"),
			SslOtherClientCertificate: pulumi.String("string"),
		},
	},
	SupportedAlpn:   pulumi.String("string"),
	UntrustedCaname: pulumi.String("string"),
	UseSslServer:    pulumi.String("string"),
	Vdomparam:       pulumi.String("string"),
	Whitelist:       pulumi.String("string"),
})

var sslsshprofileResource = new Sslsshprofile("sslsshprofileResource", SslsshprofileArgs.builder()
    .allowlist("string")
    .blockBlacklistedCertificates("string")
    .blockBlocklistedCertificates("string")
    .caname("string")
    .comment("string")
    .dot(SslsshprofileDotArgs.builder()
        .certValidationFailure("string")
        .certValidationTimeout("string")
        .clientCertificate("string")
        .expiredServerCert("string")
        .proxyAfterTcpHandshake("string")
        .quic("string")
        .revokedServerCert("string")
        .sniServerCertCheck("string")
        .status("string")
        .unsupportedSslCipher("string")
        .unsupportedSslNegotiation("string")
        .unsupportedSslVersion("string")
        .untrustedServerCert("string")
        .build())
    .dynamicSortSubtable("string")
    .echOuterSnis(SslsshprofileEchOuterSniArgs.builder()
        .name("string")
        .sni("string")
        .build())
    .ftps(SslsshprofileFtpsArgs.builder()
        .certValidationFailure("string")
        .certValidationTimeout("string")
        .clientCertRequest("string")
        .clientCertificate("string")
        .expiredServerCert("string")
        .invalidServerCert("string")
        .minAllowedSslVersion("string")
        .ports("string")
        .revokedServerCert("string")
        .sniServerCertCheck("string")
        .status("string")
        .unsupportedSsl("string")
        .unsupportedSslCipher("string")
        .unsupportedSslNegotiation("string")
        .unsupportedSslVersion("string")
        .untrustedServerCert("string")
        .build())
    .getAllTables("string")
    .https(SslsshprofileHttpsArgs.builder()
        .certProbeFailure("string")
        .certValidationFailure("string")
        .certValidationTimeout("string")
        .clientCertRequest("string")
        .clientCertificate("string")
        .encryptedClientHello("string")
        .expiredServerCert("string")
        .invalidServerCert("string")
        .minAllowedSslVersion("string")
        .ports("string")
        .proxyAfterTcpHandshake("string")
        .quic("string")
        .revokedServerCert("string")
        .sniServerCertCheck("string")
        .status("string")
        .unsupportedSsl("string")
        .unsupportedSslCipher("string")
        .unsupportedSslNegotiation("string")
        .unsupportedSslVersion("string")
        .untrustedServerCert("string")
        .build())
    .imaps(SslsshprofileImapsArgs.builder()
        .certValidationFailure("string")
        .certValidationTimeout("string")
        .clientCertRequest("string")
        .clientCertificate("string")
        .expiredServerCert("string")
        .invalidServerCert("string")
        .ports("string")
        .proxyAfterTcpHandshake("string")
        .revokedServerCert("string")
        .sniServerCertCheck("string")
        .status("string")
        .unsupportedSsl("string")
        .unsupportedSslCipher("string")
        .unsupportedSslNegotiation("string")
        .unsupportedSslVersion("string")
        .untrustedServerCert("string")
        .build())
    .mapiOverHttps("string")
    .name("string")
    .pop3s(SslsshprofilePop3sArgs.builder()
        .certValidationFailure("string")
        .certValidationTimeout("string")
        .clientCertRequest("string")
        .clientCertificate("string")
        .expiredServerCert("string")
        .invalidServerCert("string")
        .ports("string")
        .proxyAfterTcpHandshake("string")
        .revokedServerCert("string")
        .sniServerCertCheck("string")
        .status("string")
        .unsupportedSsl("string")
        .unsupportedSslCipher("string")
        .unsupportedSslNegotiation("string")
        .unsupportedSslVersion("string")
        .untrustedServerCert("string")
        .build())
    .rpcOverHttps("string")
    .serverCert("string")
    .serverCertMode("string")
    .smtps(SslsshprofileSmtpsArgs.builder()
        .certValidationFailure("string")
        .certValidationTimeout("string")
        .clientCertRequest("string")
        .clientCertificate("string")
        .expiredServerCert("string")
        .invalidServerCert("string")
        .ports("string")
        .proxyAfterTcpHandshake("string")
        .revokedServerCert("string")
        .sniServerCertCheck("string")
        .status("string")
        .unsupportedSsl("string")
        .unsupportedSslCipher("string")
        .unsupportedSslNegotiation("string")
        .unsupportedSslVersion("string")
        .untrustedServerCert("string")
        .build())
    .ssh(SslsshprofileSshArgs.builder()
        .inspectAll("string")
        .ports("string")
        .proxyAfterTcpHandshake("string")
        .sshAlgorithm("string")
        .sshPolicyCheck("string")
        .sshTunPolicyCheck("string")
        .status("string")
        .unsupportedVersion("string")
        .build())
    .ssl(SslsshprofileSslArgs.builder()
        .certProbeFailure("string")
        .certValidationFailure("string")
        .certValidationTimeout("string")
        .clientCertRequest("string")
        .clientCertificate("string")
        .encryptedClientHello("string")
        .expiredServerCert("string")
        .inspectAll("string")
        .invalidServerCert("string")
        .minAllowedSslVersion("string")
        .revokedServerCert("string")
        .sniServerCertCheck("string")
        .unsupportedSsl("string")
        .unsupportedSslCipher("string")
        .unsupportedSslNegotiation("string")
        .unsupportedSslVersion("string")
        .untrustedServerCert("string")
        .build())
    .sslAnomaliesLog("string")
    .sslAnomalyLog("string")
    .sslExemptionIpRating("string")
    .sslExemptionLog("string")
    .sslExemptionsLog("string")
    .sslExempts(SslsshprofileSslExemptArgs.builder()
        .address("string")
        .address6("string")
        .fortiguardCategory(0)
        .id(0)
        .regex("string")
        .type("string")
        .wildcardFqdn("string")
        .build())
    .sslHandshakeLog("string")
    .sslNegotiationLog("string")
    .sslServerCertLog("string")
    .sslServers(SslsshprofileSslServerArgs.builder()
        .ftpsClientCertRequest("string")
        .ftpsClientCertificate("string")
        .httpsClientCertRequest("string")
        .httpsClientCertificate("string")
        .id(0)
        .imapsClientCertRequest("string")
        .imapsClientCertificate("string")
        .ip("string")
        .pop3sClientCertRequest("string")
        .pop3sClientCertificate("string")
        .smtpsClientCertRequest("string")
        .smtpsClientCertificate("string")
        .sslOtherClientCertRequest("string")
        .sslOtherClientCertificate("string")
        .build())
    .supportedAlpn("string")
    .untrustedCaname("string")
    .useSslServer("string")
    .vdomparam("string")
    .whitelist("string")
    .build());

sslsshprofile_resource = fortios.firewall.Sslsshprofile("sslsshprofileResource",
    allowlist="string",
    block_blacklisted_certificates="string",
    block_blocklisted_certificates="string",
    caname="string",
    comment="string",
    dot={
        "cert_validation_failure": "string",
        "cert_validation_timeout": "string",
        "client_certificate": "string",
        "expired_server_cert": "string",
        "proxy_after_tcp_handshake": "string",
        "quic": "string",
        "revoked_server_cert": "string",
        "sni_server_cert_check": "string",
        "status": "string",
        "unsupported_ssl_cipher": "string",
        "unsupported_ssl_negotiation": "string",
        "unsupported_ssl_version": "string",
        "untrusted_server_cert": "string",
    },
    dynamic_sort_subtable="string",
    ech_outer_snis=[{
        "name": "string",
        "sni": "string",
    }],
    ftps={
        "cert_validation_failure": "string",
        "cert_validation_timeout": "string",
        "client_cert_request": "string",
        "client_certificate": "string",
        "expired_server_cert": "string",
        "invalid_server_cert": "string",
        "min_allowed_ssl_version": "string",
        "ports": "string",
        "revoked_server_cert": "string",
        "sni_server_cert_check": "string",
        "status": "string",
        "unsupported_ssl": "string",
        "unsupported_ssl_cipher": "string",
        "unsupported_ssl_negotiation": "string",
        "unsupported_ssl_version": "string",
        "untrusted_server_cert": "string",
    },
    get_all_tables="string",
    https={
        "cert_probe_failure": "string",
        "cert_validation_failure": "string",
        "cert_validation_timeout": "string",
        "client_cert_request": "string",
        "client_certificate": "string",
        "encrypted_client_hello": "string",
        "expired_server_cert": "string",
        "invalid_server_cert": "string",
        "min_allowed_ssl_version": "string",
        "ports": "string",
        "proxy_after_tcp_handshake": "string",
        "quic": "string",
        "revoked_server_cert": "string",
        "sni_server_cert_check": "string",
        "status": "string",
        "unsupported_ssl": "string",
        "unsupported_ssl_cipher": "string",
        "unsupported_ssl_negotiation": "string",
        "unsupported_ssl_version": "string",
        "untrusted_server_cert": "string",
    },
    imaps={
        "cert_validation_failure": "string",
        "cert_validation_timeout": "string",
        "client_cert_request": "string",
        "client_certificate": "string",
        "expired_server_cert": "string",
        "invalid_server_cert": "string",
        "ports": "string",
        "proxy_after_tcp_handshake": "string",
        "revoked_server_cert": "string",
        "sni_server_cert_check": "string",
        "status": "string",
        "unsupported_ssl": "string",
        "unsupported_ssl_cipher": "string",
        "unsupported_ssl_negotiation": "string",
        "unsupported_ssl_version": "string",
        "untrusted_server_cert": "string",
    },
    mapi_over_https="string",
    name="string",
    pop3s={
        "cert_validation_failure": "string",
        "cert_validation_timeout": "string",
        "client_cert_request": "string",
        "client_certificate": "string",
        "expired_server_cert": "string",
        "invalid_server_cert": "string",
        "ports": "string",
        "proxy_after_tcp_handshake": "string",
        "revoked_server_cert": "string",
        "sni_server_cert_check": "string",
        "status": "string",
        "unsupported_ssl": "string",
        "unsupported_ssl_cipher": "string",
        "unsupported_ssl_negotiation": "string",
        "unsupported_ssl_version": "string",
        "untrusted_server_cert": "string",
    },
    rpc_over_https="string",
    server_cert="string",
    server_cert_mode="string",
    smtps={
        "cert_validation_failure": "string",
        "cert_validation_timeout": "string",
        "client_cert_request": "string",
        "client_certificate": "string",
        "expired_server_cert": "string",
        "invalid_server_cert": "string",
        "ports": "string",
        "proxy_after_tcp_handshake": "string",
        "revoked_server_cert": "string",
        "sni_server_cert_check": "string",
        "status": "string",
        "unsupported_ssl": "string",
        "unsupported_ssl_cipher": "string",
        "unsupported_ssl_negotiation": "string",
        "unsupported_ssl_version": "string",
        "untrusted_server_cert": "string",
    },
    ssh={
        "inspect_all": "string",
        "ports": "string",
        "proxy_after_tcp_handshake": "string",
        "ssh_algorithm": "string",
        "ssh_policy_check": "string",
        "ssh_tun_policy_check": "string",
        "status": "string",
        "unsupported_version": "string",
    },
    ssl={
        "cert_probe_failure": "string",
        "cert_validation_failure": "string",
        "cert_validation_timeout": "string",
        "client_cert_request": "string",
        "client_certificate": "string",
        "encrypted_client_hello": "string",
        "expired_server_cert": "string",
        "inspect_all": "string",
        "invalid_server_cert": "string",
        "min_allowed_ssl_version": "string",
        "revoked_server_cert": "string",
        "sni_server_cert_check": "string",
        "unsupported_ssl": "string",
        "unsupported_ssl_cipher": "string",
        "unsupported_ssl_negotiation": "string",
        "unsupported_ssl_version": "string",
        "untrusted_server_cert": "string",
    },
    ssl_anomalies_log="string",
    ssl_anomaly_log="string",
    ssl_exemption_ip_rating="string",
    ssl_exemption_log="string",
    ssl_exemptions_log="string",
    ssl_exempts=[{
        "address": "string",
        "address6": "string",
        "fortiguard_category": 0,
        "id": 0,
        "regex": "string",
        "type": "string",
        "wildcard_fqdn": "string",
    }],
    ssl_handshake_log="string",
    ssl_negotiation_log="string",
    ssl_server_cert_log="string",
    ssl_servers=[{
        "ftps_client_cert_request": "string",
        "ftps_client_certificate": "string",
        "https_client_cert_request": "string",
        "https_client_certificate": "string",
        "id": 0,
        "imaps_client_cert_request": "string",
        "imaps_client_certificate": "string",
        "ip": "string",
        "pop3s_client_cert_request": "string",
        "pop3s_client_certificate": "string",
        "smtps_client_cert_request": "string",
        "smtps_client_certificate": "string",
        "ssl_other_client_cert_request": "string",
        "ssl_other_client_certificate": "string",
    }],
    supported_alpn="string",
    untrusted_caname="string",
    use_ssl_server="string",
    vdomparam="string",
    whitelist="string")

const sslsshprofileResource = new fortios.firewall.Sslsshprofile("sslsshprofileResource", {
    allowlist: "string",
    blockBlacklistedCertificates: "string",
    blockBlocklistedCertificates: "string",
    caname: "string",
    comment: "string",
    dot: {
        certValidationFailure: "string",
        certValidationTimeout: "string",
        clientCertificate: "string",
        expiredServerCert: "string",
        proxyAfterTcpHandshake: "string",
        quic: "string",
        revokedServerCert: "string",
        sniServerCertCheck: "string",
        status: "string",
        unsupportedSslCipher: "string",
        unsupportedSslNegotiation: "string",
        unsupportedSslVersion: "string",
        untrustedServerCert: "string",
    },
    dynamicSortSubtable: "string",
    echOuterSnis: [{
        name: "string",
        sni: "string",
    }],
    ftps: {
        certValidationFailure: "string",
        certValidationTimeout: "string",
        clientCertRequest: "string",
        clientCertificate: "string",
        expiredServerCert: "string",
        invalidServerCert: "string",
        minAllowedSslVersion: "string",
        ports: "string",
        revokedServerCert: "string",
        sniServerCertCheck: "string",
        status: "string",
        unsupportedSsl: "string",
        unsupportedSslCipher: "string",
        unsupportedSslNegotiation: "string",
        unsupportedSslVersion: "string",
        untrustedServerCert: "string",
    },
    getAllTables: "string",
    https: {
        certProbeFailure: "string",
        certValidationFailure: "string",
        certValidationTimeout: "string",
        clientCertRequest: "string",
        clientCertificate: "string",
        encryptedClientHello: "string",
        expiredServerCert: "string",
        invalidServerCert: "string",
        minAllowedSslVersion: "string",
        ports: "string",
        proxyAfterTcpHandshake: "string",
        quic: "string",
        revokedServerCert: "string",
        sniServerCertCheck: "string",
        status: "string",
        unsupportedSsl: "string",
        unsupportedSslCipher: "string",
        unsupportedSslNegotiation: "string",
        unsupportedSslVersion: "string",
        untrustedServerCert: "string",
    },
    imaps: {
        certValidationFailure: "string",
        certValidationTimeout: "string",
        clientCertRequest: "string",
        clientCertificate: "string",
        expiredServerCert: "string",
        invalidServerCert: "string",
        ports: "string",
        proxyAfterTcpHandshake: "string",
        revokedServerCert: "string",
        sniServerCertCheck: "string",
        status: "string",
        unsupportedSsl: "string",
        unsupportedSslCipher: "string",
        unsupportedSslNegotiation: "string",
        unsupportedSslVersion: "string",
        untrustedServerCert: "string",
    },
    mapiOverHttps: "string",
    name: "string",
    pop3s: {
        certValidationFailure: "string",
        certValidationTimeout: "string",
        clientCertRequest: "string",
        clientCertificate: "string",
        expiredServerCert: "string",
        invalidServerCert: "string",
        ports: "string",
        proxyAfterTcpHandshake: "string",
        revokedServerCert: "string",
        sniServerCertCheck: "string",
        status: "string",
        unsupportedSsl: "string",
        unsupportedSslCipher: "string",
        unsupportedSslNegotiation: "string",
        unsupportedSslVersion: "string",
        untrustedServerCert: "string",
    },
    rpcOverHttps: "string",
    serverCert: "string",
    serverCertMode: "string",
    smtps: {
        certValidationFailure: "string",
        certValidationTimeout: "string",
        clientCertRequest: "string",
        clientCertificate: "string",
        expiredServerCert: "string",
        invalidServerCert: "string",
        ports: "string",
        proxyAfterTcpHandshake: "string",
        revokedServerCert: "string",
        sniServerCertCheck: "string",
        status: "string",
        unsupportedSsl: "string",
        unsupportedSslCipher: "string",
        unsupportedSslNegotiation: "string",
        unsupportedSslVersion: "string",
        untrustedServerCert: "string",
    },
    ssh: {
        inspectAll: "string",
        ports: "string",
        proxyAfterTcpHandshake: "string",
        sshAlgorithm: "string",
        sshPolicyCheck: "string",
        sshTunPolicyCheck: "string",
        status: "string",
        unsupportedVersion: "string",
    },
    ssl: {
        certProbeFailure: "string",
        certValidationFailure: "string",
        certValidationTimeout: "string",
        clientCertRequest: "string",
        clientCertificate: "string",
        encryptedClientHello: "string",
        expiredServerCert: "string",
        inspectAll: "string",
        invalidServerCert: "string",
        minAllowedSslVersion: "string",
        revokedServerCert: "string",
        sniServerCertCheck: "string",
        unsupportedSsl: "string",
        unsupportedSslCipher: "string",
        unsupportedSslNegotiation: "string",
        unsupportedSslVersion: "string",
        untrustedServerCert: "string",
    },
    sslAnomaliesLog: "string",
    sslAnomalyLog: "string",
    sslExemptionIpRating: "string",
    sslExemptionLog: "string",
    sslExemptionsLog: "string",
    sslExempts: [{
        address: "string",
        address6: "string",
        fortiguardCategory: 0,
        id: 0,
        regex: "string",
        type: "string",
        wildcardFqdn: "string",
    }],
    sslHandshakeLog: "string",
    sslNegotiationLog: "string",
    sslServerCertLog: "string",
    sslServers: [{
        ftpsClientCertRequest: "string",
        ftpsClientCertificate: "string",
        httpsClientCertRequest: "string",
        httpsClientCertificate: "string",
        id: 0,
        imapsClientCertRequest: "string",
        imapsClientCertificate: "string",
        ip: "string",
        pop3sClientCertRequest: "string",
        pop3sClientCertificate: "string",
        smtpsClientCertRequest: "string",
        smtpsClientCertificate: "string",
        sslOtherClientCertRequest: "string",
        sslOtherClientCertificate: "string",
    }],
    supportedAlpn: "string",
    untrustedCaname: "string",
    useSslServer: "string",
    vdomparam: "string",
    whitelist: "string",
});

type: fortios:firewall:Sslsshprofile
properties:
    allowlist: string
    blockBlacklistedCertificates: string
    blockBlocklistedCertificates: string
    caname: string
    comment: string
    dot:
        certValidationFailure: string
        certValidationTimeout: string
        clientCertificate: string
        expiredServerCert: string
        proxyAfterTcpHandshake: string
        quic: string
        revokedServerCert: string
        sniServerCertCheck: string
        status: string
        unsupportedSslCipher: string
        unsupportedSslNegotiation: string
        unsupportedSslVersion: string
        untrustedServerCert: string
    dynamicSortSubtable: string
    echOuterSnis:
        - name: string
          sni: string
    ftps:
        certValidationFailure: string
        certValidationTimeout: string
        clientCertRequest: string
        clientCertificate: string
        expiredServerCert: string
        invalidServerCert: string
        minAllowedSslVersion: string
        ports: string
        revokedServerCert: string
        sniServerCertCheck: string
        status: string
        unsupportedSsl: string
        unsupportedSslCipher: string
        unsupportedSslNegotiation: string
        unsupportedSslVersion: string
        untrustedServerCert: string
    getAllTables: string
    https:
        certProbeFailure: string
        certValidationFailure: string
        certValidationTimeout: string
        clientCertRequest: string
        clientCertificate: string
        encryptedClientHello: string
        expiredServerCert: string
        invalidServerCert: string
        minAllowedSslVersion: string
        ports: string
        proxyAfterTcpHandshake: string
        quic: string
        revokedServerCert: string
        sniServerCertCheck: string
        status: string
        unsupportedSsl: string
        unsupportedSslCipher: string
        unsupportedSslNegotiation: string
        unsupportedSslVersion: string
        untrustedServerCert: string
    imaps:
        certValidationFailure: string
        certValidationTimeout: string
        clientCertRequest: string
        clientCertificate: string
        expiredServerCert: string
        invalidServerCert: string
        ports: string
        proxyAfterTcpHandshake: string
        revokedServerCert: string
        sniServerCertCheck: string
        status: string
        unsupportedSsl: string
        unsupportedSslCipher: string
        unsupportedSslNegotiation: string
        unsupportedSslVersion: string
        untrustedServerCert: string
    mapiOverHttps: string
    name: string
    pop3s:
        certValidationFailure: string
        certValidationTimeout: string
        clientCertRequest: string
        clientCertificate: string
        expiredServerCert: string
        invalidServerCert: string
        ports: string
        proxyAfterTcpHandshake: string
        revokedServerCert: string
        sniServerCertCheck: string
        status: string
        unsupportedSsl: string
        unsupportedSslCipher: string
        unsupportedSslNegotiation: string
        unsupportedSslVersion: string
        untrustedServerCert: string
    rpcOverHttps: string
    serverCert: string
    serverCertMode: string
    smtps:
        certValidationFailure: string
        certValidationTimeout: string
        clientCertRequest: string
        clientCertificate: string
        expiredServerCert: string
        invalidServerCert: string
        ports: string
        proxyAfterTcpHandshake: string
        revokedServerCert: string
        sniServerCertCheck: string
        status: string
        unsupportedSsl: string
        unsupportedSslCipher: string
        unsupportedSslNegotiation: string
        unsupportedSslVersion: string
        untrustedServerCert: string
    ssh:
        inspectAll: string
        ports: string
        proxyAfterTcpHandshake: string
        sshAlgorithm: string
        sshPolicyCheck: string
        sshTunPolicyCheck: string
        status: string
        unsupportedVersion: string
    ssl:
        certProbeFailure: string
        certValidationFailure: string
        certValidationTimeout: string
        clientCertRequest: string
        clientCertificate: string
        encryptedClientHello: string
        expiredServerCert: string
        inspectAll: string
        invalidServerCert: string
        minAllowedSslVersion: string
        revokedServerCert: string
        sniServerCertCheck: string
        unsupportedSsl: string
        unsupportedSslCipher: string
        unsupportedSslNegotiation: string
        unsupportedSslVersion: string
        untrustedServerCert: string
    sslAnomaliesLog: string
    sslAnomalyLog: string
    sslExemptionIpRating: string
    sslExemptionLog: string
    sslExemptionsLog: string
    sslExempts:
        - address: string
          address6: string
          fortiguardCategory: 0
          id: 0
          regex: string
          type: string
          wildcardFqdn: string
    sslHandshakeLog: string
    sslNegotiationLog: string
    sslServerCertLog: string
    sslServers:
        - ftpsClientCertRequest: string
          ftpsClientCertificate: string
          httpsClientCertRequest: string
          httpsClientCertificate: string
          id: 0
          imapsClientCertRequest: string
          imapsClientCertificate: string
          ip: string
          pop3sClientCertRequest: string
          pop3sClientCertificate: string
          smtpsClientCertRequest: string
          smtpsClientCertificate: string
          sslOtherClientCertRequest: string
          sslOtherClientCertificate: string
    supportedAlpn: string
    untrustedCaname: string
    useSslServer: string
    vdomparam: string
    whitelist: string

Sslsshprofile Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Sslsshprofile resource accepts the following input properties:

Allowlist string: Enable/disable exempting servers by FortiGuard allowlist. Valid values: enable, disable.
BlockBlacklistedCertificates string: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blacklist. Valid values: disable, enable.
BlockBlocklistedCertificates string: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blocklist. Valid values: disable, enable.
Caname string: CA certificate used by SSL Inspection.
Comment string: Optional comments.
Dot Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileDot: Configure DNS over TLS options. The structure of dot block is documented below.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EchOuterSnis List<Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileEchOuterSni>: ClientHelloOuter SNIs to be blocked. The structure of ech_outer_sni block is documented below.
Ftps Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileFtps: Configure FTPS options. The structure of ftps block is documented below.
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
Https Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileHttps: Configure HTTPS options. The structure of https block is documented below.
Imaps Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileImaps: Configure IMAPS options. The structure of imaps block is documented below.
MapiOverHttps string: Enable/disable inspection of MAPI over HTTPS. Valid values: enable, disable.
Name string: Name.
Pop3s Pulumiverse.Fortios.Firewall.Inputs.SslsshprofilePop3s: Configure POP3S options. The structure of pop3s block is documented below.
RpcOverHttps string: Enable/disable inspection of RPC over HTTPS. Valid values: enable, disable.
ServerCert string: Certificate used by SSL Inspection to replace server certificate.
ServerCertMode string: Re-sign or replace the server's certificate. Valid values: re-sign, replace.
Smtps Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileSmtps: Configure SMTPS options. The structure of smtps block is documented below.
Ssh Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileSsh: Configure SSH options. The structure of ssh block is documented below.
Ssl Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileSsl: Configure SSL options. The structure of ssl block is documented below.
SslAnomaliesLog string: Enable/disable logging SSL anomalies. Valid values: disable, enable.
SslAnomalyLog string: Enable/disable logging SSL anomalies. Valid values: disable, enable.
SslExemptionIpRating string: Enable/disable IP based URL rating. Valid values: enable, disable.
SslExemptionLog string: Enable/disable logging SSL exemptions. Valid values: disable, enable.
SslExemptionsLog string: Enable/disable logging SSL exemptions. Valid values: disable, enable.
SslExempts List<Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileSslExempt>: Servers to exempt from SSL inspection. The structure of ssl_exempt block is documented below.
SslHandshakeLog string: Enable/disable logging of TLS handshakes. Valid values: disable, enable.
SslNegotiationLog string: Enable/disable logging SSL negotiation. Valid values: disable, enable.
SslServerCertLog string: Enable/disable logging of server certificate information. Valid values: disable, enable.
SslServers List<Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileSslServer>: SSL servers. The structure of ssl_server block is documented below.
SupportedAlpn string: Configure ALPN option. Valid values: http1-1, http2, all, none.
UntrustedCaname string: Untrusted CA certificate used by SSL Inspection.
UseSslServer string: Enable/disable the use of SSL server table for SSL offloading. Valid values: disable, enable.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Whitelist string: Enable/disable exempting servers by FortiGuard whitelist. Valid values: enable, disable.

Allowlist string: Enable/disable exempting servers by FortiGuard allowlist. Valid values: enable, disable.
BlockBlacklistedCertificates string: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blacklist. Valid values: disable, enable.
BlockBlocklistedCertificates string: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blocklist. Valid values: disable, enable.
Caname string: CA certificate used by SSL Inspection.
Comment string: Optional comments.
Dot SslsshprofileDotArgs: Configure DNS over TLS options. The structure of dot block is documented below.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EchOuterSnis []SslsshprofileEchOuterSniArgs: ClientHelloOuter SNIs to be blocked. The structure of ech_outer_sni block is documented below.
Ftps SslsshprofileFtpsArgs: Configure FTPS options. The structure of ftps block is documented below.
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
Https SslsshprofileHttpsArgs: Configure HTTPS options. The structure of https block is documented below.
Imaps SslsshprofileImapsArgs: Configure IMAPS options. The structure of imaps block is documented below.
MapiOverHttps string: Enable/disable inspection of MAPI over HTTPS. Valid values: enable, disable.
Name string: Name.
Pop3s SslsshprofilePop3sArgs: Configure POP3S options. The structure of pop3s block is documented below.
RpcOverHttps string: Enable/disable inspection of RPC over HTTPS. Valid values: enable, disable.
ServerCert string: Certificate used by SSL Inspection to replace server certificate.
ServerCertMode string: Re-sign or replace the server's certificate. Valid values: re-sign, replace.
Smtps SslsshprofileSmtpsArgs: Configure SMTPS options. The structure of smtps block is documented below.
Ssh SslsshprofileSshArgs: Configure SSH options. The structure of ssh block is documented below.
Ssl SslsshprofileSslArgs: Configure SSL options. The structure of ssl block is documented below.
SslAnomaliesLog string: Enable/disable logging SSL anomalies. Valid values: disable, enable.
SslAnomalyLog string: Enable/disable logging SSL anomalies. Valid values: disable, enable.
SslExemptionIpRating string: Enable/disable IP based URL rating. Valid values: enable, disable.
SslExemptionLog string: Enable/disable logging SSL exemptions. Valid values: disable, enable.
SslExemptionsLog string: Enable/disable logging SSL exemptions. Valid values: disable, enable.
SslExempts []SslsshprofileSslExemptArgs: Servers to exempt from SSL inspection. The structure of ssl_exempt block is documented below.
SslHandshakeLog string: Enable/disable logging of TLS handshakes. Valid values: disable, enable.
SslNegotiationLog string: Enable/disable logging SSL negotiation. Valid values: disable, enable.
SslServerCertLog string: Enable/disable logging of server certificate information. Valid values: disable, enable.
SslServers []SslsshprofileSslServerArgs: SSL servers. The structure of ssl_server block is documented below.
SupportedAlpn string: Configure ALPN option. Valid values: http1-1, http2, all, none.
UntrustedCaname string: Untrusted CA certificate used by SSL Inspection.
UseSslServer string: Enable/disable the use of SSL server table for SSL offloading. Valid values: disable, enable.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Whitelist string: Enable/disable exempting servers by FortiGuard whitelist. Valid values: enable, disable.

allowlist String: Enable/disable exempting servers by FortiGuard allowlist. Valid values: enable, disable.
blockBlacklistedCertificates String: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blacklist. Valid values: disable, enable.
blockBlocklistedCertificates String: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blocklist. Valid values: disable, enable.
caname String: CA certificate used by SSL Inspection.
comment String: Optional comments.
dot SslsshprofileDot: Configure DNS over TLS options. The structure of dot block is documented below.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
echOuterSnis List<SslsshprofileEchOuterSni>: ClientHelloOuter SNIs to be blocked. The structure of ech_outer_sni block is documented below.
ftps SslsshprofileFtps: Configure FTPS options. The structure of ftps block is documented below.
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
https SslsshprofileHttps: Configure HTTPS options. The structure of https block is documented below.
imaps SslsshprofileImaps: Configure IMAPS options. The structure of imaps block is documented below.
mapiOverHttps String: Enable/disable inspection of MAPI over HTTPS. Valid values: enable, disable.
name String: Name.
pop3s SslsshprofilePop3s: Configure POP3S options. The structure of pop3s block is documented below.
rpcOverHttps String: Enable/disable inspection of RPC over HTTPS. Valid values: enable, disable.
serverCert String: Certificate used by SSL Inspection to replace server certificate.
serverCertMode String: Re-sign or replace the server's certificate. Valid values: re-sign, replace.
smtps SslsshprofileSmtps: Configure SMTPS options. The structure of smtps block is documented below.
ssh SslsshprofileSsh: Configure SSH options. The structure of ssh block is documented below.
ssl SslsshprofileSsl: Configure SSL options. The structure of ssl block is documented below.
sslAnomaliesLog String: Enable/disable logging SSL anomalies. Valid values: disable, enable.
sslAnomalyLog String: Enable/disable logging SSL anomalies. Valid values: disable, enable.
sslExemptionIpRating String: Enable/disable IP based URL rating. Valid values: enable, disable.
sslExemptionLog String: Enable/disable logging SSL exemptions. Valid values: disable, enable.
sslExemptionsLog String: Enable/disable logging SSL exemptions. Valid values: disable, enable.
sslExempts List<SslsshprofileSslExempt>: Servers to exempt from SSL inspection. The structure of ssl_exempt block is documented below.
sslHandshakeLog String: Enable/disable logging of TLS handshakes. Valid values: disable, enable.
sslNegotiationLog String: Enable/disable logging SSL negotiation. Valid values: disable, enable.
sslServerCertLog String: Enable/disable logging of server certificate information. Valid values: disable, enable.
sslServers List<SslsshprofileSslServer>: SSL servers. The structure of ssl_server block is documented below.
supportedAlpn String: Configure ALPN option. Valid values: http1-1, http2, all, none.
untrustedCaname String: Untrusted CA certificate used by SSL Inspection.
useSslServer String: Enable/disable the use of SSL server table for SSL offloading. Valid values: disable, enable.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
whitelist String: Enable/disable exempting servers by FortiGuard whitelist. Valid values: enable, disable.

allowlist string: Enable/disable exempting servers by FortiGuard allowlist. Valid values: enable, disable.
blockBlacklistedCertificates string: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blacklist. Valid values: disable, enable.
blockBlocklistedCertificates string: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blocklist. Valid values: disable, enable.
caname string: CA certificate used by SSL Inspection.
comment string: Optional comments.
dot SslsshprofileDot: Configure DNS over TLS options. The structure of dot block is documented below.
dynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
echOuterSnis SslsshprofileEchOuterSni[]: ClientHelloOuter SNIs to be blocked. The structure of ech_outer_sni block is documented below.
ftps SslsshprofileFtps: Configure FTPS options. The structure of ftps block is documented below.
getAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
https SslsshprofileHttps: Configure HTTPS options. The structure of https block is documented below.
imaps SslsshprofileImaps: Configure IMAPS options. The structure of imaps block is documented below.
mapiOverHttps string: Enable/disable inspection of MAPI over HTTPS. Valid values: enable, disable.
name string: Name.
pop3s SslsshprofilePop3s: Configure POP3S options. The structure of pop3s block is documented below.
rpcOverHttps string: Enable/disable inspection of RPC over HTTPS. Valid values: enable, disable.
serverCert string: Certificate used by SSL Inspection to replace server certificate.
serverCertMode string: Re-sign or replace the server's certificate. Valid values: re-sign, replace.
smtps SslsshprofileSmtps: Configure SMTPS options. The structure of smtps block is documented below.
ssh SslsshprofileSsh: Configure SSH options. The structure of ssh block is documented below.
ssl SslsshprofileSsl: Configure SSL options. The structure of ssl block is documented below.
sslAnomaliesLog string: Enable/disable logging SSL anomalies. Valid values: disable, enable.
sslAnomalyLog string: Enable/disable logging SSL anomalies. Valid values: disable, enable.
sslExemptionIpRating string: Enable/disable IP based URL rating. Valid values: enable, disable.
sslExemptionLog string: Enable/disable logging SSL exemptions. Valid values: disable, enable.
sslExemptionsLog string: Enable/disable logging SSL exemptions. Valid values: disable, enable.
sslExempts SslsshprofileSslExempt[]: Servers to exempt from SSL inspection. The structure of ssl_exempt block is documented below.
sslHandshakeLog string: Enable/disable logging of TLS handshakes. Valid values: disable, enable.
sslNegotiationLog string: Enable/disable logging SSL negotiation. Valid values: disable, enable.
sslServerCertLog string: Enable/disable logging of server certificate information. Valid values: disable, enable.
sslServers SslsshprofileSslServer[]: SSL servers. The structure of ssl_server block is documented below.
supportedAlpn string: Configure ALPN option. Valid values: http1-1, http2, all, none.
untrustedCaname string: Untrusted CA certificate used by SSL Inspection.
useSslServer string: Enable/disable the use of SSL server table for SSL offloading. Valid values: disable, enable.
vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
whitelist string: Enable/disable exempting servers by FortiGuard whitelist. Valid values: enable, disable.

allowlist str: Enable/disable exempting servers by FortiGuard allowlist. Valid values: enable, disable.
block_blacklisted_certificates str: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blacklist. Valid values: disable, enable.
block_blocklisted_certificates str: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blocklist. Valid values: disable, enable.
caname str: CA certificate used by SSL Inspection.
comment str: Optional comments.
dot SslsshprofileDotArgs: Configure DNS over TLS options. The structure of dot block is documented below.
dynamic_sort_subtable str: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
ech_outer_snis Sequence[SslsshprofileEchOuterSniArgs]: ClientHelloOuter SNIs to be blocked. The structure of ech_outer_sni block is documented below.
ftps SslsshprofileFtpsArgs: Configure FTPS options. The structure of ftps block is documented below.
get_all_tables str: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
https SslsshprofileHttpsArgs: Configure HTTPS options. The structure of https block is documented below.
imaps SslsshprofileImapsArgs: Configure IMAPS options. The structure of imaps block is documented below.
mapi_over_https str: Enable/disable inspection of MAPI over HTTPS. Valid values: enable, disable.
name str: Name.
pop3s SslsshprofilePop3sArgs: Configure POP3S options. The structure of pop3s block is documented below.
rpc_over_https str: Enable/disable inspection of RPC over HTTPS. Valid values: enable, disable.
server_cert str: Certificate used by SSL Inspection to replace server certificate.
server_cert_mode str: Re-sign or replace the server's certificate. Valid values: re-sign, replace.
smtps SslsshprofileSmtpsArgs: Configure SMTPS options. The structure of smtps block is documented below.
ssh SslsshprofileSshArgs: Configure SSH options. The structure of ssh block is documented below.
ssl SslsshprofileSslArgs: Configure SSL options. The structure of ssl block is documented below.
ssl_anomalies_log str: Enable/disable logging SSL anomalies. Valid values: disable, enable.
ssl_anomaly_log str: Enable/disable logging SSL anomalies. Valid values: disable, enable.
ssl_exemption_ip_rating str: Enable/disable IP based URL rating. Valid values: enable, disable.
ssl_exemption_log str: Enable/disable logging SSL exemptions. Valid values: disable, enable.
ssl_exemptions_log str: Enable/disable logging SSL exemptions. Valid values: disable, enable.
ssl_exempts Sequence[SslsshprofileSslExemptArgs]: Servers to exempt from SSL inspection. The structure of ssl_exempt block is documented below.
ssl_handshake_log str: Enable/disable logging of TLS handshakes. Valid values: disable, enable.
ssl_negotiation_log str: Enable/disable logging SSL negotiation. Valid values: disable, enable.
ssl_server_cert_log str: Enable/disable logging of server certificate information. Valid values: disable, enable.
ssl_servers Sequence[SslsshprofileSslServerArgs]: SSL servers. The structure of ssl_server block is documented below.
supported_alpn str: Configure ALPN option. Valid values: http1-1, http2, all, none.
untrusted_caname str: Untrusted CA certificate used by SSL Inspection.
use_ssl_server str: Enable/disable the use of SSL server table for SSL offloading. Valid values: disable, enable.
vdomparam str: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
whitelist str: Enable/disable exempting servers by FortiGuard whitelist. Valid values: enable, disable.

allowlist String: Enable/disable exempting servers by FortiGuard allowlist. Valid values: enable, disable.
blockBlacklistedCertificates String: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blacklist. Valid values: disable, enable.
blockBlocklistedCertificates String: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blocklist. Valid values: disable, enable.
caname String: CA certificate used by SSL Inspection.
comment String: Optional comments.
dot Property Map: Configure DNS over TLS options. The structure of dot block is documented below.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
echOuterSnis List<Property Map>: ClientHelloOuter SNIs to be blocked. The structure of ech_outer_sni block is documented below.
ftps Property Map: Configure FTPS options. The structure of ftps block is documented below.
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
https Property Map: Configure HTTPS options. The structure of https block is documented below.
imaps Property Map: Configure IMAPS options. The structure of imaps block is documented below.
mapiOverHttps String: Enable/disable inspection of MAPI over HTTPS. Valid values: enable, disable.
name String: Name.
pop3s Property Map: Configure POP3S options. The structure of pop3s block is documented below.
rpcOverHttps String: Enable/disable inspection of RPC over HTTPS. Valid values: enable, disable.
serverCert String: Certificate used by SSL Inspection to replace server certificate.
serverCertMode String: Re-sign or replace the server's certificate. Valid values: re-sign, replace.
smtps Property Map: Configure SMTPS options. The structure of smtps block is documented below.
ssh Property Map: Configure SSH options. The structure of ssh block is documented below.
ssl Property Map: Configure SSL options. The structure of ssl block is documented below.
sslAnomaliesLog String: Enable/disable logging SSL anomalies. Valid values: disable, enable.
sslAnomalyLog String: Enable/disable logging SSL anomalies. Valid values: disable, enable.
sslExemptionIpRating String: Enable/disable IP based URL rating. Valid values: enable, disable.
sslExemptionLog String: Enable/disable logging SSL exemptions. Valid values: disable, enable.
sslExemptionsLog String: Enable/disable logging SSL exemptions. Valid values: disable, enable.
sslExempts List<Property Map>: Servers to exempt from SSL inspection. The structure of ssl_exempt block is documented below.
sslHandshakeLog String: Enable/disable logging of TLS handshakes. Valid values: disable, enable.
sslNegotiationLog String: Enable/disable logging SSL negotiation. Valid values: disable, enable.
sslServerCertLog String: Enable/disable logging of server certificate information. Valid values: disable, enable.
sslServers List<Property Map>: SSL servers. The structure of ssl_server block is documented below.
supportedAlpn String: Configure ALPN option. Valid values: http1-1, http2, all, none.
untrustedCaname String: Untrusted CA certificate used by SSL Inspection.
useSslServer String: Enable/disable the use of SSL server table for SSL offloading. Valid values: disable, enable.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
whitelist String: Enable/disable exempting servers by FortiGuard whitelist. Valid values: enable, disable.

Outputs

All input properties are implicitly available as output properties. Additionally, the Sslsshprofile resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing Sslsshprofile Resource

Get an existing Sslsshprofile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SslsshprofileState, opts?: CustomResourceOptions): Sslsshprofile

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        allowlist: Optional[str] = None,
        block_blacklisted_certificates: Optional[str] = None,
        block_blocklisted_certificates: Optional[str] = None,
        caname: Optional[str] = None,
        comment: Optional[str] = None,
        dot: Optional[SslsshprofileDotArgs] = None,
        dynamic_sort_subtable: Optional[str] = None,
        ech_outer_snis: Optional[Sequence[SslsshprofileEchOuterSniArgs]] = None,
        ftps: Optional[SslsshprofileFtpsArgs] = None,
        get_all_tables: Optional[str] = None,
        https: Optional[SslsshprofileHttpsArgs] = None,
        imaps: Optional[SslsshprofileImapsArgs] = None,
        mapi_over_https: Optional[str] = None,
        name: Optional[str] = None,
        pop3s: Optional[SslsshprofilePop3sArgs] = None,
        rpc_over_https: Optional[str] = None,
        server_cert: Optional[str] = None,
        server_cert_mode: Optional[str] = None,
        smtps: Optional[SslsshprofileSmtpsArgs] = None,
        ssh: Optional[SslsshprofileSshArgs] = None,
        ssl: Optional[SslsshprofileSslArgs] = None,
        ssl_anomalies_log: Optional[str] = None,
        ssl_anomaly_log: Optional[str] = None,
        ssl_exemption_ip_rating: Optional[str] = None,
        ssl_exemption_log: Optional[str] = None,
        ssl_exemptions_log: Optional[str] = None,
        ssl_exempts: Optional[Sequence[SslsshprofileSslExemptArgs]] = None,
        ssl_handshake_log: Optional[str] = None,
        ssl_negotiation_log: Optional[str] = None,
        ssl_server_cert_log: Optional[str] = None,
        ssl_servers: Optional[Sequence[SslsshprofileSslServerArgs]] = None,
        supported_alpn: Optional[str] = None,
        untrusted_caname: Optional[str] = None,
        use_ssl_server: Optional[str] = None,
        vdomparam: Optional[str] = None,
        whitelist: Optional[str] = None) -> Sslsshprofile

func GetSslsshprofile(ctx *Context, name string, id IDInput, state *SslsshprofileState, opts ...ResourceOption) (*Sslsshprofile, error)

public static Sslsshprofile Get(string name, Input<string> id, SslsshprofileState? state, CustomResourceOptions? opts = null)

public static Sslsshprofile get(String name, Output<String> id, SslsshprofileState state, CustomResourceOptions options)

resources:  _:    type: fortios:firewall:Sslsshprofile    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Allowlist string: Enable/disable exempting servers by FortiGuard allowlist. Valid values: enable, disable.
BlockBlacklistedCertificates string: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blacklist. Valid values: disable, enable.
BlockBlocklistedCertificates string: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blocklist. Valid values: disable, enable.
Caname string: CA certificate used by SSL Inspection.
Comment string: Optional comments.
Dot Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileDot: Configure DNS over TLS options. The structure of dot block is documented below.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EchOuterSnis List<Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileEchOuterSni>: ClientHelloOuter SNIs to be blocked. The structure of ech_outer_sni block is documented below.
Ftps Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileFtps: Configure FTPS options. The structure of ftps block is documented below.
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
Https Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileHttps: Configure HTTPS options. The structure of https block is documented below.
Imaps Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileImaps: Configure IMAPS options. The structure of imaps block is documented below.
MapiOverHttps string: Enable/disable inspection of MAPI over HTTPS. Valid values: enable, disable.
Name string: Name.
Pop3s Pulumiverse.Fortios.Firewall.Inputs.SslsshprofilePop3s: Configure POP3S options. The structure of pop3s block is documented below.
RpcOverHttps string: Enable/disable inspection of RPC over HTTPS. Valid values: enable, disable.
ServerCert string: Certificate used by SSL Inspection to replace server certificate.
ServerCertMode string: Re-sign or replace the server's certificate. Valid values: re-sign, replace.
Smtps Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileSmtps: Configure SMTPS options. The structure of smtps block is documented below.
Ssh Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileSsh: Configure SSH options. The structure of ssh block is documented below.
Ssl Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileSsl: Configure SSL options. The structure of ssl block is documented below.
SslAnomaliesLog string: Enable/disable logging SSL anomalies. Valid values: disable, enable.
SslAnomalyLog string: Enable/disable logging SSL anomalies. Valid values: disable, enable.
SslExemptionIpRating string: Enable/disable IP based URL rating. Valid values: enable, disable.
SslExemptionLog string: Enable/disable logging SSL exemptions. Valid values: disable, enable.
SslExemptionsLog string: Enable/disable logging SSL exemptions. Valid values: disable, enable.
SslExempts List<Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileSslExempt>: Servers to exempt from SSL inspection. The structure of ssl_exempt block is documented below.
SslHandshakeLog string: Enable/disable logging of TLS handshakes. Valid values: disable, enable.
SslNegotiationLog string: Enable/disable logging SSL negotiation. Valid values: disable, enable.
SslServerCertLog string: Enable/disable logging of server certificate information. Valid values: disable, enable.
SslServers List<Pulumiverse.Fortios.Firewall.Inputs.SslsshprofileSslServer>: SSL servers. The structure of ssl_server block is documented below.
SupportedAlpn string: Configure ALPN option. Valid values: http1-1, http2, all, none.
UntrustedCaname string: Untrusted CA certificate used by SSL Inspection.
UseSslServer string: Enable/disable the use of SSL server table for SSL offloading. Valid values: disable, enable.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Whitelist string: Enable/disable exempting servers by FortiGuard whitelist. Valid values: enable, disable.

Allowlist string: Enable/disable exempting servers by FortiGuard allowlist. Valid values: enable, disable.
BlockBlacklistedCertificates string: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blacklist. Valid values: disable, enable.
BlockBlocklistedCertificates string: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blocklist. Valid values: disable, enable.
Caname string: CA certificate used by SSL Inspection.
Comment string: Optional comments.
Dot SslsshprofileDotArgs: Configure DNS over TLS options. The structure of dot block is documented below.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EchOuterSnis []SslsshprofileEchOuterSniArgs: ClientHelloOuter SNIs to be blocked. The structure of ech_outer_sni block is documented below.
Ftps SslsshprofileFtpsArgs: Configure FTPS options. The structure of ftps block is documented below.
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
Https SslsshprofileHttpsArgs: Configure HTTPS options. The structure of https block is documented below.
Imaps SslsshprofileImapsArgs: Configure IMAPS options. The structure of imaps block is documented below.
MapiOverHttps string: Enable/disable inspection of MAPI over HTTPS. Valid values: enable, disable.
Name string: Name.
Pop3s SslsshprofilePop3sArgs: Configure POP3S options. The structure of pop3s block is documented below.
RpcOverHttps string: Enable/disable inspection of RPC over HTTPS. Valid values: enable, disable.
ServerCert string: Certificate used by SSL Inspection to replace server certificate.
ServerCertMode string: Re-sign or replace the server's certificate. Valid values: re-sign, replace.
Smtps SslsshprofileSmtpsArgs: Configure SMTPS options. The structure of smtps block is documented below.
Ssh SslsshprofileSshArgs: Configure SSH options. The structure of ssh block is documented below.
Ssl SslsshprofileSslArgs: Configure SSL options. The structure of ssl block is documented below.
SslAnomaliesLog string: Enable/disable logging SSL anomalies. Valid values: disable, enable.
SslAnomalyLog string: Enable/disable logging SSL anomalies. Valid values: disable, enable.
SslExemptionIpRating string: Enable/disable IP based URL rating. Valid values: enable, disable.
SslExemptionLog string: Enable/disable logging SSL exemptions. Valid values: disable, enable.
SslExemptionsLog string: Enable/disable logging SSL exemptions. Valid values: disable, enable.
SslExempts []SslsshprofileSslExemptArgs: Servers to exempt from SSL inspection. The structure of ssl_exempt block is documented below.
SslHandshakeLog string: Enable/disable logging of TLS handshakes. Valid values: disable, enable.
SslNegotiationLog string: Enable/disable logging SSL negotiation. Valid values: disable, enable.
SslServerCertLog string: Enable/disable logging of server certificate information. Valid values: disable, enable.
SslServers []SslsshprofileSslServerArgs: SSL servers. The structure of ssl_server block is documented below.
SupportedAlpn string: Configure ALPN option. Valid values: http1-1, http2, all, none.
UntrustedCaname string: Untrusted CA certificate used by SSL Inspection.
UseSslServer string: Enable/disable the use of SSL server table for SSL offloading. Valid values: disable, enable.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Whitelist string: Enable/disable exempting servers by FortiGuard whitelist. Valid values: enable, disable.

allowlist String: Enable/disable exempting servers by FortiGuard allowlist. Valid values: enable, disable.
blockBlacklistedCertificates String: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blacklist. Valid values: disable, enable.
blockBlocklistedCertificates String: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blocklist. Valid values: disable, enable.
caname String: CA certificate used by SSL Inspection.
comment String: Optional comments.
dot SslsshprofileDot: Configure DNS over TLS options. The structure of dot block is documented below.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
echOuterSnis List<SslsshprofileEchOuterSni>: ClientHelloOuter SNIs to be blocked. The structure of ech_outer_sni block is documented below.
ftps SslsshprofileFtps: Configure FTPS options. The structure of ftps block is documented below.
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
https SslsshprofileHttps: Configure HTTPS options. The structure of https block is documented below.
imaps SslsshprofileImaps: Configure IMAPS options. The structure of imaps block is documented below.
mapiOverHttps String: Enable/disable inspection of MAPI over HTTPS. Valid values: enable, disable.
name String: Name.
pop3s SslsshprofilePop3s: Configure POP3S options. The structure of pop3s block is documented below.
rpcOverHttps String: Enable/disable inspection of RPC over HTTPS. Valid values: enable, disable.
serverCert String: Certificate used by SSL Inspection to replace server certificate.
serverCertMode String: Re-sign or replace the server's certificate. Valid values: re-sign, replace.
smtps SslsshprofileSmtps: Configure SMTPS options. The structure of smtps block is documented below.
ssh SslsshprofileSsh: Configure SSH options. The structure of ssh block is documented below.
ssl SslsshprofileSsl: Configure SSL options. The structure of ssl block is documented below.
sslAnomaliesLog String: Enable/disable logging SSL anomalies. Valid values: disable, enable.
sslAnomalyLog String: Enable/disable logging SSL anomalies. Valid values: disable, enable.
sslExemptionIpRating String: Enable/disable IP based URL rating. Valid values: enable, disable.
sslExemptionLog String: Enable/disable logging SSL exemptions. Valid values: disable, enable.
sslExemptionsLog String: Enable/disable logging SSL exemptions. Valid values: disable, enable.
sslExempts List<SslsshprofileSslExempt>: Servers to exempt from SSL inspection. The structure of ssl_exempt block is documented below.
sslHandshakeLog String: Enable/disable logging of TLS handshakes. Valid values: disable, enable.
sslNegotiationLog String: Enable/disable logging SSL negotiation. Valid values: disable, enable.
sslServerCertLog String: Enable/disable logging of server certificate information. Valid values: disable, enable.
sslServers List<SslsshprofileSslServer>: SSL servers. The structure of ssl_server block is documented below.
supportedAlpn String: Configure ALPN option. Valid values: http1-1, http2, all, none.
untrustedCaname String: Untrusted CA certificate used by SSL Inspection.
useSslServer String: Enable/disable the use of SSL server table for SSL offloading. Valid values: disable, enable.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
whitelist String: Enable/disable exempting servers by FortiGuard whitelist. Valid values: enable, disable.

allowlist string: Enable/disable exempting servers by FortiGuard allowlist. Valid values: enable, disable.
blockBlacklistedCertificates string: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blacklist. Valid values: disable, enable.
blockBlocklistedCertificates string: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blocklist. Valid values: disable, enable.
caname string: CA certificate used by SSL Inspection.
comment string: Optional comments.
dot SslsshprofileDot: Configure DNS over TLS options. The structure of dot block is documented below.
dynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
echOuterSnis SslsshprofileEchOuterSni[]: ClientHelloOuter SNIs to be blocked. The structure of ech_outer_sni block is documented below.
ftps SslsshprofileFtps: Configure FTPS options. The structure of ftps block is documented below.
getAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
https SslsshprofileHttps: Configure HTTPS options. The structure of https block is documented below.
imaps SslsshprofileImaps: Configure IMAPS options. The structure of imaps block is documented below.
mapiOverHttps string: Enable/disable inspection of MAPI over HTTPS. Valid values: enable, disable.
name string: Name.
pop3s SslsshprofilePop3s: Configure POP3S options. The structure of pop3s block is documented below.
rpcOverHttps string: Enable/disable inspection of RPC over HTTPS. Valid values: enable, disable.
serverCert string: Certificate used by SSL Inspection to replace server certificate.
serverCertMode string: Re-sign or replace the server's certificate. Valid values: re-sign, replace.
smtps SslsshprofileSmtps: Configure SMTPS options. The structure of smtps block is documented below.
ssh SslsshprofileSsh: Configure SSH options. The structure of ssh block is documented below.
ssl SslsshprofileSsl: Configure SSL options. The structure of ssl block is documented below.
sslAnomaliesLog string: Enable/disable logging SSL anomalies. Valid values: disable, enable.
sslAnomalyLog string: Enable/disable logging SSL anomalies. Valid values: disable, enable.
sslExemptionIpRating string: Enable/disable IP based URL rating. Valid values: enable, disable.
sslExemptionLog string: Enable/disable logging SSL exemptions. Valid values: disable, enable.
sslExemptionsLog string: Enable/disable logging SSL exemptions. Valid values: disable, enable.
sslExempts SslsshprofileSslExempt[]: Servers to exempt from SSL inspection. The structure of ssl_exempt block is documented below.
sslHandshakeLog string: Enable/disable logging of TLS handshakes. Valid values: disable, enable.
sslNegotiationLog string: Enable/disable logging SSL negotiation. Valid values: disable, enable.
sslServerCertLog string: Enable/disable logging of server certificate information. Valid values: disable, enable.
sslServers SslsshprofileSslServer[]: SSL servers. The structure of ssl_server block is documented below.
supportedAlpn string: Configure ALPN option. Valid values: http1-1, http2, all, none.
untrustedCaname string: Untrusted CA certificate used by SSL Inspection.
useSslServer string: Enable/disable the use of SSL server table for SSL offloading. Valid values: disable, enable.
vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
whitelist string: Enable/disable exempting servers by FortiGuard whitelist. Valid values: enable, disable.

allowlist str: Enable/disable exempting servers by FortiGuard allowlist. Valid values: enable, disable.
block_blacklisted_certificates str: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blacklist. Valid values: disable, enable.
block_blocklisted_certificates str: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blocklist. Valid values: disable, enable.
caname str: CA certificate used by SSL Inspection.
comment str: Optional comments.
dot SslsshprofileDotArgs: Configure DNS over TLS options. The structure of dot block is documented below.
dynamic_sort_subtable str: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
ech_outer_snis Sequence[SslsshprofileEchOuterSniArgs]: ClientHelloOuter SNIs to be blocked. The structure of ech_outer_sni block is documented below.
ftps SslsshprofileFtpsArgs: Configure FTPS options. The structure of ftps block is documented below.
get_all_tables str: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
https SslsshprofileHttpsArgs: Configure HTTPS options. The structure of https block is documented below.
imaps SslsshprofileImapsArgs: Configure IMAPS options. The structure of imaps block is documented below.
mapi_over_https str: Enable/disable inspection of MAPI over HTTPS. Valid values: enable, disable.
name str: Name.
pop3s SslsshprofilePop3sArgs: Configure POP3S options. The structure of pop3s block is documented below.
rpc_over_https str: Enable/disable inspection of RPC over HTTPS. Valid values: enable, disable.
server_cert str: Certificate used by SSL Inspection to replace server certificate.
server_cert_mode str: Re-sign or replace the server's certificate. Valid values: re-sign, replace.
smtps SslsshprofileSmtpsArgs: Configure SMTPS options. The structure of smtps block is documented below.
ssh SslsshprofileSshArgs: Configure SSH options. The structure of ssh block is documented below.
ssl SslsshprofileSslArgs: Configure SSL options. The structure of ssl block is documented below.
ssl_anomalies_log str: Enable/disable logging SSL anomalies. Valid values: disable, enable.
ssl_anomaly_log str: Enable/disable logging SSL anomalies. Valid values: disable, enable.
ssl_exemption_ip_rating str: Enable/disable IP based URL rating. Valid values: enable, disable.
ssl_exemption_log str: Enable/disable logging SSL exemptions. Valid values: disable, enable.
ssl_exemptions_log str: Enable/disable logging SSL exemptions. Valid values: disable, enable.
ssl_exempts Sequence[SslsshprofileSslExemptArgs]: Servers to exempt from SSL inspection. The structure of ssl_exempt block is documented below.
ssl_handshake_log str: Enable/disable logging of TLS handshakes. Valid values: disable, enable.
ssl_negotiation_log str: Enable/disable logging SSL negotiation. Valid values: disable, enable.
ssl_server_cert_log str: Enable/disable logging of server certificate information. Valid values: disable, enable.
ssl_servers Sequence[SslsshprofileSslServerArgs]: SSL servers. The structure of ssl_server block is documented below.
supported_alpn str: Configure ALPN option. Valid values: http1-1, http2, all, none.
untrusted_caname str: Untrusted CA certificate used by SSL Inspection.
use_ssl_server str: Enable/disable the use of SSL server table for SSL offloading. Valid values: disable, enable.
vdomparam str: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
whitelist str: Enable/disable exempting servers by FortiGuard whitelist. Valid values: enable, disable.

allowlist String: Enable/disable exempting servers by FortiGuard allowlist. Valid values: enable, disable.
blockBlacklistedCertificates String: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blacklist. Valid values: disable, enable.
blockBlocklistedCertificates String: Enable/disable blocking SSL-based botnet communication by FortiGuard certificate blocklist. Valid values: disable, enable.
caname String: CA certificate used by SSL Inspection.
comment String: Optional comments.
dot Property Map: Configure DNS over TLS options. The structure of dot block is documented below.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
echOuterSnis List<Property Map>: ClientHelloOuter SNIs to be blocked. The structure of ech_outer_sni block is documented below.
ftps Property Map: Configure FTPS options. The structure of ftps block is documented below.
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
https Property Map: Configure HTTPS options. The structure of https block is documented below.
imaps Property Map: Configure IMAPS options. The structure of imaps block is documented below.
mapiOverHttps String: Enable/disable inspection of MAPI over HTTPS. Valid values: enable, disable.
name String: Name.
pop3s Property Map: Configure POP3S options. The structure of pop3s block is documented below.
rpcOverHttps String: Enable/disable inspection of RPC over HTTPS. Valid values: enable, disable.
serverCert String: Certificate used by SSL Inspection to replace server certificate.
serverCertMode String: Re-sign or replace the server's certificate. Valid values: re-sign, replace.
smtps Property Map: Configure SMTPS options. The structure of smtps block is documented below.
ssh Property Map: Configure SSH options. The structure of ssh block is documented below.
ssl Property Map: Configure SSL options. The structure of ssl block is documented below.
sslAnomaliesLog String: Enable/disable logging SSL anomalies. Valid values: disable, enable.
sslAnomalyLog String: Enable/disable logging SSL anomalies. Valid values: disable, enable.
sslExemptionIpRating String: Enable/disable IP based URL rating. Valid values: enable, disable.
sslExemptionLog String: Enable/disable logging SSL exemptions. Valid values: disable, enable.
sslExemptionsLog String: Enable/disable logging SSL exemptions. Valid values: disable, enable.
sslExempts List<Property Map>: Servers to exempt from SSL inspection. The structure of ssl_exempt block is documented below.
sslHandshakeLog String: Enable/disable logging of TLS handshakes. Valid values: disable, enable.
sslNegotiationLog String: Enable/disable logging SSL negotiation. Valid values: disable, enable.
sslServerCertLog String: Enable/disable logging of server certificate information. Valid values: disable, enable.
sslServers List<Property Map>: SSL servers. The structure of ssl_server block is documented below.
supportedAlpn String: Configure ALPN option. Valid values: http1-1, http2, all, none.
untrustedCaname String: Untrusted CA certificate used by SSL Inspection.
useSslServer String: Enable/disable the use of SSL server table for SSL offloading. Valid values: disable, enable.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
whitelist String: Enable/disable exempting servers by FortiGuard whitelist. Valid values: enable, disable.

Supporting Types

SslsshprofileDot, SslsshprofileDotArgs

CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
Quic string: QUIC inspection status. On FortiOS versions 7.4.1: default = disable. On FortiOS versions >= 7.4.2: default = inspect.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
Status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported.
UntrustedServerCert string: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
Quic string: QUIC inspection status. On FortiOS versions 7.4.1: default = disable. On FortiOS versions >= 7.4.2: default = inspect.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
Status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported.
UntrustedServerCert string: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
quic String: QUIC inspection status. On FortiOS versions 7.4.1: default = disable. On FortiOS versions >= 7.4.2: default = inspect.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status String: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported.
untrustedServerCert String: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

certValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
proxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
quic string: QUIC inspection status. On FortiOS versions 7.4.1: default = disable. On FortiOS versions >= 7.4.2: default = inspect.
revokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion string: Action based on the SSL version used being unsupported.
untrustedServerCert string: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

cert_validation_failure str: Action based on certificate validation failure. Valid values: allow, block, ignore.
cert_validation_timeout str: Action based on certificate validation timeout. Valid values: allow, block, ignore.
client_certificate str: Action based on received client certificate. Valid values: bypass, inspect, block.
expired_server_cert str: Action based on server certificate is expired. Valid values: allow, block, ignore.
proxy_after_tcp_handshake str: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
quic str: QUIC inspection status. On FortiOS versions 7.4.1: default = disable. On FortiOS versions >= 7.4.2: default = inspect.
revoked_server_cert str: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sni_server_cert_check str: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status str: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupported_ssl_cipher str: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupported_ssl_negotiation str: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupported_ssl_version str: Action based on the SSL version used being unsupported.
untrusted_server_cert str: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
quic String: QUIC inspection status. On FortiOS versions 7.4.1: default = disable. On FortiOS versions >= 7.4.2: default = inspect.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status String: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported.
untrustedServerCert String: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

SslsshprofileEchOuterSni, SslsshprofileEchOuterSniArgs

Name string: ClientHelloOuter SNI name.
Sni string: ClientHelloOuter SNI to be blocked.

Name string: ClientHelloOuter SNI name.
Sni string: ClientHelloOuter SNI to be blocked.

name String: ClientHelloOuter SNI name.
sni String: ClientHelloOuter SNI to be blocked.

name string: ClientHelloOuter SNI name.
sni string: ClientHelloOuter SNI to be blocked.

name str: ClientHelloOuter SNI name.
sni str: ClientHelloOuter SNI to be blocked.

name String: ClientHelloOuter SNI name.
sni String: ClientHelloOuter SNI to be blocked.

SslsshprofileFtps, SslsshprofileFtpsArgs

CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
InvalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
MinAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
Ports string: Ports to use for scanning (1 - 65535, default = 443).
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
Status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
UnsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported.
UntrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
InvalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
MinAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
Ports string: Ports to use for scanning (1 - 65535, default = 443).
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
Status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
UnsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported.
UntrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest String: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert String: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion String: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ports String: Ports to use for scanning (1 - 65535, default = 443).
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status String: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedSsl String: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported.
untrustedServerCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ports string: Ports to use for scanning (1 - 65535, default = 443).
revokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion string: Action based on the SSL version used being unsupported.
untrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

cert_validation_failure str: Action based on certificate validation failure. Valid values: allow, block, ignore.
cert_validation_timeout str: Action based on certificate validation timeout. Valid values: allow, block, ignore.
client_cert_request str: Action based on client certificate request. Valid values: bypass, inspect, block.
client_certificate str: Action based on received client certificate. Valid values: bypass, inspect, block.
expired_server_cert str: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalid_server_cert str: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
min_allowed_ssl_version str: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ports str: Ports to use for scanning (1 - 65535, default = 443).
revoked_server_cert str: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sni_server_cert_check str: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status str: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupported_ssl str: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupported_ssl_cipher str: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupported_ssl_negotiation str: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupported_ssl_version str: Action based on the SSL version used being unsupported.
untrusted_server_cert str: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest String: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert String: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion String: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ports String: Ports to use for scanning (1 - 65535, default = 443).
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status String: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedSsl String: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported.
untrustedServerCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

SslsshprofileHttps, SslsshprofileHttpsArgs

CertProbeFailure string: Action based on certificate probe failure. Valid values: allow, block.
CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
EncryptedClientHello string: Block/allow session based on existence of encrypted-client-hello. Valid values: allow, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
InvalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
MinAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
Ports string: Ports to use for scanning (1 - 65535, default = 443).
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
Quic string: QUIC inspection status. On FortiOS versions 7.4.1: default = disable. On FortiOS versions >= 7.4.2: default = inspect.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
Status string: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
UnsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported.
UntrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

CertProbeFailure string: Action based on certificate probe failure. Valid values: allow, block.
CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
EncryptedClientHello string: Block/allow session based on existence of encrypted-client-hello. Valid values: allow, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
InvalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
MinAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
Ports string: Ports to use for scanning (1 - 65535, default = 443).
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
Quic string: QUIC inspection status. On FortiOS versions 7.4.1: default = disable. On FortiOS versions >= 7.4.2: default = inspect.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
Status string: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
UnsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported.
UntrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certProbeFailure String: Action based on certificate probe failure. Valid values: allow, block.
certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest String: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
encryptedClientHello String: Block/allow session based on existence of encrypted-client-hello. Valid values: allow, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert String: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion String: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ports String: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
quic String: QUIC inspection status. On FortiOS versions 7.4.1: default = disable. On FortiOS versions >= 7.4.2: default = inspect.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status String: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
unsupportedSsl String: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported.
untrustedServerCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certProbeFailure string: Action based on certificate probe failure. Valid values: allow, block.
certValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
encryptedClientHello string: Block/allow session based on existence of encrypted-client-hello. Valid values: allow, block.
expiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ports string: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
quic string: QUIC inspection status. On FortiOS versions 7.4.1: default = disable. On FortiOS versions >= 7.4.2: default = inspect.
revokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status string: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
unsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion string: Action based on the SSL version used being unsupported.
untrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

cert_probe_failure str: Action based on certificate probe failure. Valid values: allow, block.
cert_validation_failure str: Action based on certificate validation failure. Valid values: allow, block, ignore.
cert_validation_timeout str: Action based on certificate validation timeout. Valid values: allow, block, ignore.
client_cert_request str: Action based on client certificate request. Valid values: bypass, inspect, block.
client_certificate str: Action based on received client certificate. Valid values: bypass, inspect, block.
encrypted_client_hello str: Block/allow session based on existence of encrypted-client-hello. Valid values: allow, block.
expired_server_cert str: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalid_server_cert str: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
min_allowed_ssl_version str: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ports str: Ports to use for scanning (1 - 65535, default = 443).
proxy_after_tcp_handshake str: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
quic str: QUIC inspection status. On FortiOS versions 7.4.1: default = disable. On FortiOS versions >= 7.4.2: default = inspect.
revoked_server_cert str: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sni_server_cert_check str: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status str: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
unsupported_ssl str: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupported_ssl_cipher str: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupported_ssl_negotiation str: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupported_ssl_version str: Action based on the SSL version used being unsupported.
untrusted_server_cert str: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certProbeFailure String: Action based on certificate probe failure. Valid values: allow, block.
certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest String: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
encryptedClientHello String: Block/allow session based on existence of encrypted-client-hello. Valid values: allow, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert String: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion String: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ports String: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
quic String: QUIC inspection status. On FortiOS versions 7.4.1: default = disable. On FortiOS versions >= 7.4.2: default = inspect.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status String: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
unsupportedSsl String: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported.
untrustedServerCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

SslsshprofileImaps, SslsshprofileImapsArgs

CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
InvalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
Ports string: Ports to use for scanning (1 - 65535, default = 443).
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
Status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
UnsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported.
UntrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
InvalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
Ports string: Ports to use for scanning (1 - 65535, default = 443).
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
Status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
UnsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported.
UntrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest String: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert String: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
ports String: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status String: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedSsl String: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported.
untrustedServerCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
ports string: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
revokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion string: Action based on the SSL version used being unsupported.
untrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

cert_validation_failure str: Action based on certificate validation failure. Valid values: allow, block, ignore.
cert_validation_timeout str: Action based on certificate validation timeout. Valid values: allow, block, ignore.
client_cert_request str: Action based on client certificate request. Valid values: bypass, inspect, block.
client_certificate str: Action based on received client certificate. Valid values: bypass, inspect, block.
expired_server_cert str: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalid_server_cert str: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
ports str: Ports to use for scanning (1 - 65535, default = 443).
proxy_after_tcp_handshake str: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
revoked_server_cert str: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sni_server_cert_check str: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status str: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupported_ssl str: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupported_ssl_cipher str: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupported_ssl_negotiation str: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupported_ssl_version str: Action based on the SSL version used being unsupported.
untrusted_server_cert str: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest String: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert String: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
ports String: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status String: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedSsl String: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported.
untrustedServerCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

SslsshprofilePop3s, SslsshprofilePop3sArgs

CertValidationFailure string
CertValidationTimeout string
ClientCertRequest string
ClientCertificate string
ExpiredServerCert string
InvalidServerCert string
Ports string
ProxyAfterTcpHandshake string
RevokedServerCert string
SniServerCertCheck string
Status string
UnsupportedSsl string
UnsupportedSslCipher string
UnsupportedSslNegotiation string
UnsupportedSslVersion string
UntrustedServerCert string

CertValidationFailure string
CertValidationTimeout string
ClientCertRequest string
ClientCertificate string
ExpiredServerCert string
InvalidServerCert string
Ports string
ProxyAfterTcpHandshake string
RevokedServerCert string
SniServerCertCheck string
Status string
UnsupportedSsl string
UnsupportedSslCipher string
UnsupportedSslNegotiation string
UnsupportedSslVersion string
UntrustedServerCert string

certValidationFailure String
certValidationTimeout String
clientCertRequest String
clientCertificate String
expiredServerCert String
invalidServerCert String
ports String
proxyAfterTcpHandshake String
revokedServerCert String
sniServerCertCheck String
status String
unsupportedSsl String
unsupportedSslCipher String
unsupportedSslNegotiation String
unsupportedSslVersion String
untrustedServerCert String

certValidationFailure string
certValidationTimeout string
clientCertRequest string
clientCertificate string
expiredServerCert string
invalidServerCert string
ports string
proxyAfterTcpHandshake string
revokedServerCert string
sniServerCertCheck string
status string
unsupportedSsl string
unsupportedSslCipher string
unsupportedSslNegotiation string
unsupportedSslVersion string
untrustedServerCert string

cert_validation_failure str
cert_validation_timeout str
client_cert_request str
client_certificate str
expired_server_cert str
invalid_server_cert str
ports str
proxy_after_tcp_handshake str
revoked_server_cert str
sni_server_cert_check str
status str
unsupported_ssl str
unsupported_ssl_cipher str
unsupported_ssl_negotiation str
unsupported_ssl_version str
untrusted_server_cert str

certValidationFailure String
certValidationTimeout String
clientCertRequest String
clientCertificate String
expiredServerCert String
invalidServerCert String
ports String
proxyAfterTcpHandshake String
revokedServerCert String
sniServerCertCheck String
status String
unsupportedSsl String
unsupportedSslCipher String
unsupportedSslNegotiation String
unsupportedSslVersion String
untrustedServerCert String

SslsshprofileSmtps, SslsshprofileSmtpsArgs

CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
InvalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
Ports string: Ports to use for scanning (1 - 65535, default = 443).
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
Status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
UnsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported.
UntrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
InvalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
Ports string: Ports to use for scanning (1 - 65535, default = 443).
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
Status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
UnsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported.
UntrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest String: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert String: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
ports String: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status String: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedSsl String: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported.
untrustedServerCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
ports string: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
revokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion string: Action based on the SSL version used being unsupported.
untrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

cert_validation_failure str: Action based on certificate validation failure. Valid values: allow, block, ignore.
cert_validation_timeout str: Action based on certificate validation timeout. Valid values: allow, block, ignore.
client_cert_request str: Action based on client certificate request. Valid values: bypass, inspect, block.
client_certificate str: Action based on received client certificate. Valid values: bypass, inspect, block.
expired_server_cert str: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalid_server_cert str: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
ports str: Ports to use for scanning (1 - 65535, default = 443).
proxy_after_tcp_handshake str: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
revoked_server_cert str: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sni_server_cert_check str: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status str: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupported_ssl str: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupported_ssl_cipher str: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupported_ssl_negotiation str: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupported_ssl_version str: Action based on the SSL version used being unsupported.
untrusted_server_cert str: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest String: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert String: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
ports String: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status String: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedSsl String: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported.
untrustedServerCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

SslsshprofileSsh, SslsshprofileSshArgs

InspectAll string: Level of SSL inspection. Valid values: disable, deep-inspection.
Ports string: Ports to use for scanning (1 - 65535, default = 443).
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
SshAlgorithm string: Relative strength of encryption algorithms accepted during negotiation. Valid values: compatible, high-encryption.
SshPolicyCheck string: Enable/disable SSH policy check. Valid values: disable, enable.
SshTunPolicyCheck string: Enable/disable SSH tunnel policy check. Valid values: disable, enable.
Status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
UnsupportedVersion string: Action based on SSH version being unsupported. Valid values: bypass, block.

InspectAll string: Level of SSL inspection. Valid values: disable, deep-inspection.
Ports string: Ports to use for scanning (1 - 65535, default = 443).
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
SshAlgorithm string: Relative strength of encryption algorithms accepted during negotiation. Valid values: compatible, high-encryption.
SshPolicyCheck string: Enable/disable SSH policy check. Valid values: disable, enable.
SshTunPolicyCheck string: Enable/disable SSH tunnel policy check. Valid values: disable, enable.
Status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
UnsupportedVersion string: Action based on SSH version being unsupported. Valid values: bypass, block.

inspectAll String: Level of SSL inspection. Valid values: disable, deep-inspection.
ports String: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
sshAlgorithm String: Relative strength of encryption algorithms accepted during negotiation. Valid values: compatible, high-encryption.
sshPolicyCheck String: Enable/disable SSH policy check. Valid values: disable, enable.
sshTunPolicyCheck String: Enable/disable SSH tunnel policy check. Valid values: disable, enable.
status String: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedVersion String: Action based on SSH version being unsupported. Valid values: bypass, block.

inspectAll string: Level of SSL inspection. Valid values: disable, deep-inspection.
ports string: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
sshAlgorithm string: Relative strength of encryption algorithms accepted during negotiation. Valid values: compatible, high-encryption.
sshPolicyCheck string: Enable/disable SSH policy check. Valid values: disable, enable.
sshTunPolicyCheck string: Enable/disable SSH tunnel policy check. Valid values: disable, enable.
status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedVersion string: Action based on SSH version being unsupported. Valid values: bypass, block.

inspect_all str: Level of SSL inspection. Valid values: disable, deep-inspection.
ports str: Ports to use for scanning (1 - 65535, default = 443).
proxy_after_tcp_handshake str: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
ssh_algorithm str: Relative strength of encryption algorithms accepted during negotiation. Valid values: compatible, high-encryption.
ssh_policy_check str: Enable/disable SSH policy check. Valid values: disable, enable.
ssh_tun_policy_check str: Enable/disable SSH tunnel policy check. Valid values: disable, enable.
status str: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupported_version str: Action based on SSH version being unsupported. Valid values: bypass, block.

inspectAll String: Level of SSL inspection. Valid values: disable, deep-inspection.
ports String: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: enable, disable.
sshAlgorithm String: Relative strength of encryption algorithms accepted during negotiation. Valid values: compatible, high-encryption.
sshPolicyCheck String: Enable/disable SSH policy check. Valid values: disable, enable.
sshTunPolicyCheck String: Enable/disable SSH tunnel policy check. Valid values: disable, enable.
status String: Configure protocol inspection status. Valid values: disable, deep-inspection.
unsupportedVersion String: Action based on SSH version being unsupported. Valid values: bypass, block.

SslsshprofileSsl, SslsshprofileSslArgs

CertProbeFailure string: Action based on certificate probe failure. Valid values: allow, block.
CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
EncryptedClientHello string: Block/allow session based on existence of encrypted-client-hello. Valid values: allow, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
InspectAll string: Level of SSL inspection. Valid values: disable, certificate-inspection, deep-inspection.
InvalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
MinAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
UnsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported.
UntrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

CertProbeFailure string: Action based on certificate probe failure. Valid values: allow, block.
CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
EncryptedClientHello string: Block/allow session based on existence of encrypted-client-hello. Valid values: allow, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
InspectAll string: Level of SSL inspection. Valid values: disable, certificate-inspection, deep-inspection.
InvalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
MinAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
UnsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported.
UntrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certProbeFailure String: Action based on certificate probe failure. Valid values: allow, block.
certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest String: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
encryptedClientHello String: Block/allow session based on existence of encrypted-client-hello. Valid values: allow, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
inspectAll String: Level of SSL inspection. Valid values: disable, certificate-inspection, deep-inspection.
invalidServerCert String: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion String: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
unsupportedSsl String: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported.
untrustedServerCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certProbeFailure string: Action based on certificate probe failure. Valid values: allow, block.
certValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
encryptedClientHello string: Block/allow session based on existence of encrypted-client-hello. Valid values: allow, block.
expiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
inspectAll string: Level of SSL inspection. Valid values: disable, certificate-inspection, deep-inspection.
invalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
revokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
unsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion string: Action based on the SSL version used being unsupported.
untrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

cert_probe_failure str: Action based on certificate probe failure. Valid values: allow, block.
cert_validation_failure str: Action based on certificate validation failure. Valid values: allow, block, ignore.
cert_validation_timeout str: Action based on certificate validation timeout. Valid values: allow, block, ignore.
client_cert_request str: Action based on client certificate request. Valid values: bypass, inspect, block.
client_certificate str: Action based on received client certificate. Valid values: bypass, inspect, block.
encrypted_client_hello str: Block/allow session based on existence of encrypted-client-hello. Valid values: allow, block.
expired_server_cert str: Action based on server certificate is expired. Valid values: allow, block, ignore.
inspect_all str: Level of SSL inspection. Valid values: disable, certificate-inspection, deep-inspection.
invalid_server_cert str: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
min_allowed_ssl_version str: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
revoked_server_cert str: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sni_server_cert_check str: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
unsupported_ssl str: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupported_ssl_cipher str: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupported_ssl_negotiation str: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupported_ssl_version str: Action based on the SSL version used being unsupported.
untrusted_server_cert str: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

certProbeFailure String: Action based on certificate probe failure. Valid values: allow, block.
certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest String: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
encryptedClientHello String: Block/allow session based on existence of encrypted-client-hello. Valid values: allow, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
inspectAll String: Level of SSL inspection. Valid values: disable, certificate-inspection, deep-inspection.
invalidServerCert String: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion String: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
unsupportedSsl String: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported.
untrustedServerCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

SslsshprofileSslExempt, SslsshprofileSslExemptArgs

Address string: IPv4 address object.
Address6 string: IPv6 address object.
FortiguardCategory int: FortiGuard category ID.
Id int: ID number.
Regex string: Exempt servers by regular expression.
Type string: Type of address object (IPv4 or IPv6) or FortiGuard category. Valid values: fortiguard-category, address, address6, wildcard-fqdn, regex.
WildcardFqdn string: Exempt servers by wildcard FQDN.

Address string: IPv4 address object.
Address6 string: IPv6 address object.
FortiguardCategory int: FortiGuard category ID.
Id int: ID number.
Regex string: Exempt servers by regular expression.
Type string: Type of address object (IPv4 or IPv6) or FortiGuard category. Valid values: fortiguard-category, address, address6, wildcard-fqdn, regex.
WildcardFqdn string: Exempt servers by wildcard FQDN.

address String: IPv4 address object.
address6 String: IPv6 address object.
fortiguardCategory Integer: FortiGuard category ID.
id Integer: ID number.
regex String: Exempt servers by regular expression.
type String: Type of address object (IPv4 or IPv6) or FortiGuard category. Valid values: fortiguard-category, address, address6, wildcard-fqdn, regex.
wildcardFqdn String: Exempt servers by wildcard FQDN.

address string: IPv4 address object.
address6 string: IPv6 address object.
fortiguardCategory number: FortiGuard category ID.
id number: ID number.
regex string: Exempt servers by regular expression.
type string: Type of address object (IPv4 or IPv6) or FortiGuard category. Valid values: fortiguard-category, address, address6, wildcard-fqdn, regex.
wildcardFqdn string: Exempt servers by wildcard FQDN.

address str: IPv4 address object.
address6 str: IPv6 address object.
fortiguard_category int: FortiGuard category ID.
id int: ID number.
regex str: Exempt servers by regular expression.
type str: Type of address object (IPv4 or IPv6) or FortiGuard category. Valid values: fortiguard-category, address, address6, wildcard-fqdn, regex.
wildcard_fqdn str: Exempt servers by wildcard FQDN.

address String: IPv4 address object.
address6 String: IPv6 address object.
fortiguardCategory Number: FortiGuard category ID.
id Number: ID number.
regex String: Exempt servers by regular expression.
type String: Type of address object (IPv4 or IPv6) or FortiGuard category. Valid values: fortiguard-category, address, address6, wildcard-fqdn, regex.
wildcardFqdn String: Exempt servers by wildcard FQDN.

SslsshprofileSslServer, SslsshprofileSslServerArgs

FtpsClientCertRequest string: Action based on client certificate request during the FTPS handshake. Valid values: bypass, inspect, block.
FtpsClientCertificate string: Action based on received client certificate during the FTPS handshake. Valid values: bypass, inspect, block.
HttpsClientCertRequest string: Action based on client certificate request during the HTTPS handshake. Valid values: bypass, inspect, block.
HttpsClientCertificate string: Action based on received client certificate during the HTTPS handshake. Valid values: bypass, inspect, block.
Id int: SSL server ID.
ImapsClientCertRequest string: Action based on client certificate request during the IMAPS handshake. Valid values: bypass, inspect, block.
ImapsClientCertificate string: Action based on received client certificate during the IMAPS handshake. Valid values: bypass, inspect, block.
Ip string: IPv4 address of the SSL server.
Pop3sClientCertRequest string: Action based on client certificate request during the POP3S handshake. Valid values: bypass, inspect, block.
Pop3sClientCertificate string: Action based on received client certificate during the POP3S handshake. Valid values: bypass, inspect, block.
SmtpsClientCertRequest string: Action based on client certificate request during the SMTPS handshake. Valid values: bypass, inspect, block.
SmtpsClientCertificate string: Action based on received client certificate during the SMTPS handshake. Valid values: bypass, inspect, block.
SslOtherClientCertRequest string: Action based on client certificate request during an SSL protocol handshake. Valid values: bypass, inspect, block.
SslOtherClientCertificate string: Action based on received client certificate during an SSL protocol handshake. Valid values: bypass, inspect, block.

FtpsClientCertRequest string: Action based on client certificate request during the FTPS handshake. Valid values: bypass, inspect, block.
FtpsClientCertificate string: Action based on received client certificate during the FTPS handshake. Valid values: bypass, inspect, block.
HttpsClientCertRequest string: Action based on client certificate request during the HTTPS handshake. Valid values: bypass, inspect, block.
HttpsClientCertificate string: Action based on received client certificate during the HTTPS handshake. Valid values: bypass, inspect, block.
Id int: SSL server ID.
ImapsClientCertRequest string: Action based on client certificate request during the IMAPS handshake. Valid values: bypass, inspect, block.
ImapsClientCertificate string: Action based on received client certificate during the IMAPS handshake. Valid values: bypass, inspect, block.
Ip string: IPv4 address of the SSL server.
Pop3sClientCertRequest string: Action based on client certificate request during the POP3S handshake. Valid values: bypass, inspect, block.
Pop3sClientCertificate string: Action based on received client certificate during the POP3S handshake. Valid values: bypass, inspect, block.
SmtpsClientCertRequest string: Action based on client certificate request during the SMTPS handshake. Valid values: bypass, inspect, block.
SmtpsClientCertificate string: Action based on received client certificate during the SMTPS handshake. Valid values: bypass, inspect, block.
SslOtherClientCertRequest string: Action based on client certificate request during an SSL protocol handshake. Valid values: bypass, inspect, block.
SslOtherClientCertificate string: Action based on received client certificate during an SSL protocol handshake. Valid values: bypass, inspect, block.

ftpsClientCertRequest String: Action based on client certificate request during the FTPS handshake. Valid values: bypass, inspect, block.
ftpsClientCertificate String: Action based on received client certificate during the FTPS handshake. Valid values: bypass, inspect, block.
httpsClientCertRequest String: Action based on client certificate request during the HTTPS handshake. Valid values: bypass, inspect, block.
httpsClientCertificate String: Action based on received client certificate during the HTTPS handshake. Valid values: bypass, inspect, block.
id Integer: SSL server ID.
imapsClientCertRequest String: Action based on client certificate request during the IMAPS handshake. Valid values: bypass, inspect, block.
imapsClientCertificate String: Action based on received client certificate during the IMAPS handshake. Valid values: bypass, inspect, block.
ip String: IPv4 address of the SSL server.
pop3sClientCertRequest String: Action based on client certificate request during the POP3S handshake. Valid values: bypass, inspect, block.
pop3sClientCertificate String: Action based on received client certificate during the POP3S handshake. Valid values: bypass, inspect, block.
smtpsClientCertRequest String: Action based on client certificate request during the SMTPS handshake. Valid values: bypass, inspect, block.
smtpsClientCertificate String: Action based on received client certificate during the SMTPS handshake. Valid values: bypass, inspect, block.
sslOtherClientCertRequest String: Action based on client certificate request during an SSL protocol handshake. Valid values: bypass, inspect, block.
sslOtherClientCertificate String: Action based on received client certificate during an SSL protocol handshake. Valid values: bypass, inspect, block.

ftpsClientCertRequest string: Action based on client certificate request during the FTPS handshake. Valid values: bypass, inspect, block.
ftpsClientCertificate string: Action based on received client certificate during the FTPS handshake. Valid values: bypass, inspect, block.
httpsClientCertRequest string: Action based on client certificate request during the HTTPS handshake. Valid values: bypass, inspect, block.
httpsClientCertificate string: Action based on received client certificate during the HTTPS handshake. Valid values: bypass, inspect, block.
id number: SSL server ID.
imapsClientCertRequest string: Action based on client certificate request during the IMAPS handshake. Valid values: bypass, inspect, block.
imapsClientCertificate string: Action based on received client certificate during the IMAPS handshake. Valid values: bypass, inspect, block.
ip string: IPv4 address of the SSL server.
pop3sClientCertRequest string: Action based on client certificate request during the POP3S handshake. Valid values: bypass, inspect, block.
pop3sClientCertificate string: Action based on received client certificate during the POP3S handshake. Valid values: bypass, inspect, block.
smtpsClientCertRequest string: Action based on client certificate request during the SMTPS handshake. Valid values: bypass, inspect, block.
smtpsClientCertificate string: Action based on received client certificate during the SMTPS handshake. Valid values: bypass, inspect, block.
sslOtherClientCertRequest string: Action based on client certificate request during an SSL protocol handshake. Valid values: bypass, inspect, block.
sslOtherClientCertificate string: Action based on received client certificate during an SSL protocol handshake. Valid values: bypass, inspect, block.

ftps_client_cert_request str: Action based on client certificate request during the FTPS handshake. Valid values: bypass, inspect, block.
ftps_client_certificate str: Action based on received client certificate during the FTPS handshake. Valid values: bypass, inspect, block.
https_client_cert_request str: Action based on client certificate request during the HTTPS handshake. Valid values: bypass, inspect, block.
https_client_certificate str: Action based on received client certificate during the HTTPS handshake. Valid values: bypass, inspect, block.
id int: SSL server ID.
imaps_client_cert_request str: Action based on client certificate request during the IMAPS handshake. Valid values: bypass, inspect, block.
imaps_client_certificate str: Action based on received client certificate during the IMAPS handshake. Valid values: bypass, inspect, block.
ip str: IPv4 address of the SSL server.
pop3s_client_cert_request str: Action based on client certificate request during the POP3S handshake. Valid values: bypass, inspect, block.
pop3s_client_certificate str: Action based on received client certificate during the POP3S handshake. Valid values: bypass, inspect, block.
smtps_client_cert_request str: Action based on client certificate request during the SMTPS handshake. Valid values: bypass, inspect, block.
smtps_client_certificate str: Action based on received client certificate during the SMTPS handshake. Valid values: bypass, inspect, block.
ssl_other_client_cert_request str: Action based on client certificate request during an SSL protocol handshake. Valid values: bypass, inspect, block.
ssl_other_client_certificate str: Action based on received client certificate during an SSL protocol handshake. Valid values: bypass, inspect, block.

ftpsClientCertRequest String: Action based on client certificate request during the FTPS handshake. Valid values: bypass, inspect, block.
ftpsClientCertificate String: Action based on received client certificate during the FTPS handshake. Valid values: bypass, inspect, block.
httpsClientCertRequest String: Action based on client certificate request during the HTTPS handshake. Valid values: bypass, inspect, block.
httpsClientCertificate String: Action based on received client certificate during the HTTPS handshake. Valid values: bypass, inspect, block.
id Number: SSL server ID.
imapsClientCertRequest String: Action based on client certificate request during the IMAPS handshake. Valid values: bypass, inspect, block.
imapsClientCertificate String: Action based on received client certificate during the IMAPS handshake. Valid values: bypass, inspect, block.
ip String: IPv4 address of the SSL server.
pop3sClientCertRequest String: Action based on client certificate request during the POP3S handshake. Valid values: bypass, inspect, block.
pop3sClientCertificate String: Action based on received client certificate during the POP3S handshake. Valid values: bypass, inspect, block.
smtpsClientCertRequest String: Action based on client certificate request during the SMTPS handshake. Valid values: bypass, inspect, block.
smtpsClientCertificate String: Action based on received client certificate during the SMTPS handshake. Valid values: bypass, inspect, block.
sslOtherClientCertRequest String: Action based on client certificate request during an SSL protocol handshake. Valid values: bypass, inspect, block.
sslOtherClientCertificate String: Action based on received client certificate during an SSL protocol handshake. Valid values: bypass, inspect, block.

Import

Firewall SslSshProfile can be imported using any of these accepted formats:

$ pulumi import fortios:firewall/sslsshprofile:Sslsshprofile labelname {{name}}

If you do not want to import arguments of block:

$ export “FORTIOS_IMPORT_TABLE”=“false”

$ pulumi import fortios:firewall/sslsshprofile:Sslsshprofile labelname {{name}}

$ unset “FORTIOS_IMPORT_TABLE”

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortios pulumiverse/pulumi-fortios
License: Apache-2.0
Notes: This Pulumi package is based on the fortios Terraform Provider.

Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

pulumiverse/pulumi-fortios

fortios.firewall.Sslsshprofile

On this page

On this page

Example Usage

Create Sslsshprofile Resource

Constructor syntax

Parameters

Constructor example

Sslsshprofile Resource Properties

Inputs

Outputs

Look up Existing Sslsshprofile Resource

Supporting Types

SslsshprofileDot, SslsshprofileDotArgs

SslsshprofileEchOuterSni, SslsshprofileEchOuterSniArgs

SslsshprofileFtps, SslsshprofileFtpsArgs

SslsshprofileHttps, SslsshprofileHttpsArgs

SslsshprofileImaps, SslsshprofileImapsArgs

SslsshprofilePop3s, SslsshprofilePop3sArgs

SslsshprofileSmtps, SslsshprofileSmtpsArgs

SslsshprofileSsh, SslsshprofileSshArgs

SslsshprofileSsl, SslsshprofileSslArgs

SslsshprofileSslExempt, SslsshprofileSslExemptArgs

SslsshprofileSslServer, SslsshprofileSslServerArgs

Import

Package Details

On this page

On this page