- URL:
- https://<root>/machines/<machine>/sslCertificates/update
- Methods:
- POST
- Required Capability:
- Access allowed with the "Security and Infrastructure" privilege
- Version Introduced:
- 10.8
Description
The update operation configures the web server certificate, TLS protocols, and cipher suites used by the portal in a high availability (multiple machine) environment.
Request parameters
| Parameter | Details | 
|---|---|
| 
 (Required) | The name of the certificate. The certificate must be present in the portal. Example  | 
| 
 | The TLS protocols the portal will use.  Example  | 
| 
 | The cipher suites the portal will use. Refer to the list of valid and default cipher suites in the next section. Values must be separated by commas. Example  | 
| 
 | A boolean value that indicates whether HTTP Strict Transport Security (HSTS) is being used by the portal. See Enforce strict HTTPS communication for more information. The default is  Values:  | 
| 
 | The response format. The default response format is  Values:  | 
Valid cipher suites
The following cipher suites are enabled by default in the portal:
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_AES_256_GCM_SHA384,
TLS_RSA_WITH_AES_256_CBC_SHA256,
TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_128_GCM_SHA256,
TLS_RSA_WITH_AES_128_CBC_SHA256,
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_AES_256_GCM_SHA384,
TLS_AES_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHAThe following cipher suites are not enabled by default, but are valid and can be added using this operation:
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_3DES_EDE_CBC_SHAExample usage
The following is a sample POST request for the update operation:
POST /webadaptor/portaladmin/machines/MACHINE.DOMAIN.COM/sslCertificates/update HTTP/1.1
Host: machine.domain.com
Content-Type: application/x-www-form-urlencoded
Content-Length: []
webServerCertificateAlias=myselfsignedcertificate&sslProtocols=TLSv1.2&HSTSEnabled=false&cipherSuites=TLS_RSA_WITH_AES_256_CBC_SHA&f=jsonJSON Response example
{"status": "success"}