f5bigip.sys.Ocsp
Explore with Pulumi AI
f5bigip.sys.Ocsp Manages F5 BIG-IP OCSP responder using iControl REST.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as f5bigip from "@pulumi/f5bigip";
const test_ocsp = new f5bigip.sys.Ocsp("test-ocsp", {
    name: "/Uncommon/test-ocsp",
    proxyServerPool: "/Common/test-poolxyz",
    signerKey: "/Common/le-ssl",
    signerCert: "/Common/le-ssl",
    passphrase: "testabcdef",
});
import pulumi
import pulumi_f5bigip as f5bigip
test_ocsp = f5bigip.sys.Ocsp("test-ocsp",
    name="/Uncommon/test-ocsp",
    proxy_server_pool="/Common/test-poolxyz",
    signer_key="/Common/le-ssl",
    signer_cert="/Common/le-ssl",
    passphrase="testabcdef")
package main
import (
	"github.com/pulumi/pulumi-f5bigip/sdk/v3/go/f5bigip/sys"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := sys.NewOcsp(ctx, "test-ocsp", &sys.OcspArgs{
			Name:            pulumi.String("/Uncommon/test-ocsp"),
			ProxyServerPool: pulumi.String("/Common/test-poolxyz"),
			SignerKey:       pulumi.String("/Common/le-ssl"),
			SignerCert:      pulumi.String("/Common/le-ssl"),
			Passphrase:      pulumi.String("testabcdef"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using F5BigIP = Pulumi.F5BigIP;
return await Deployment.RunAsync(() => 
{
    var test_ocsp = new F5BigIP.Sys.Ocsp("test-ocsp", new()
    {
        Name = "/Uncommon/test-ocsp",
        ProxyServerPool = "/Common/test-poolxyz",
        SignerKey = "/Common/le-ssl",
        SignerCert = "/Common/le-ssl",
        Passphrase = "testabcdef",
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.f5bigip.sys.Ocsp;
import com.pulumi.f5bigip.sys.OcspArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var test_ocsp = new Ocsp("test-ocsp", OcspArgs.builder()
            .name("/Uncommon/test-ocsp")
            .proxyServerPool("/Common/test-poolxyz")
            .signerKey("/Common/le-ssl")
            .signerCert("/Common/le-ssl")
            .passphrase("testabcdef")
            .build());
    }
}
resources:
  test-ocsp:
    type: f5bigip:sys:Ocsp
    properties:
      name: /Uncommon/test-ocsp
      proxyServerPool: /Common/test-poolxyz
      signerKey: /Common/le-ssl
      signerCert: /Common/le-ssl
      passphrase: testabcdef
Create Ocsp Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Ocsp(name: string, args: OcspArgs, opts?: CustomResourceOptions);@overload
def Ocsp(resource_name: str,
         args: OcspArgs,
         opts: Optional[ResourceOptions] = None)
@overload
def Ocsp(resource_name: str,
         opts: Optional[ResourceOptions] = None,
         name: Optional[str] = None,
         proxy_server_pool: Optional[str] = None,
         route_domain: Optional[str] = None,
         concurrent_connections_limit: Optional[int] = None,
         connection_timeout: Optional[int] = None,
         dns_resolver: Optional[str] = None,
         cache_timeout: Optional[str] = None,
         clock_skew: Optional[int] = None,
         passphrase: Optional[str] = None,
         responder_url: Optional[str] = None,
         cache_error_timeout: Optional[int] = None,
         sign_hash: Optional[str] = None,
         signer_cert: Optional[str] = None,
         signer_key: Optional[str] = None,
         status_age: Optional[int] = None,
         strict_resp_cert_check: Optional[str] = None,
         trusted_responders: Optional[str] = None)func NewOcsp(ctx *Context, name string, args OcspArgs, opts ...ResourceOption) (*Ocsp, error)public Ocsp(string name, OcspArgs args, CustomResourceOptions? opts = null)type: f5bigip:sys:Ocsp
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args OcspArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args OcspArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args OcspArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args OcspArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args OcspArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var ocspResource = new F5BigIP.Sys.Ocsp("ocspResource", new()
{
    Name = "string",
    ProxyServerPool = "string",
    RouteDomain = "string",
    ConcurrentConnectionsLimit = 0,
    ConnectionTimeout = 0,
    DnsResolver = "string",
    CacheTimeout = "string",
    ClockSkew = 0,
    Passphrase = "string",
    ResponderUrl = "string",
    CacheErrorTimeout = 0,
    SignHash = "string",
    SignerCert = "string",
    SignerKey = "string",
    StatusAge = 0,
    StrictRespCertCheck = "string",
    TrustedResponders = "string",
});
example, err := sys.NewOcsp(ctx, "ocspResource", &sys.OcspArgs{
	Name:                       pulumi.String("string"),
	ProxyServerPool:            pulumi.String("string"),
	RouteDomain:                pulumi.String("string"),
	ConcurrentConnectionsLimit: pulumi.Int(0),
	ConnectionTimeout:          pulumi.Int(0),
	DnsResolver:                pulumi.String("string"),
	CacheTimeout:               pulumi.String("string"),
	ClockSkew:                  pulumi.Int(0),
	Passphrase:                 pulumi.String("string"),
	ResponderUrl:               pulumi.String("string"),
	CacheErrorTimeout:          pulumi.Int(0),
	SignHash:                   pulumi.String("string"),
	SignerCert:                 pulumi.String("string"),
	SignerKey:                  pulumi.String("string"),
	StatusAge:                  pulumi.Int(0),
	StrictRespCertCheck:        pulumi.String("string"),
	TrustedResponders:          pulumi.String("string"),
})
var ocspResource = new Ocsp("ocspResource", OcspArgs.builder()
    .name("string")
    .proxyServerPool("string")
    .routeDomain("string")
    .concurrentConnectionsLimit(0)
    .connectionTimeout(0)
    .dnsResolver("string")
    .cacheTimeout("string")
    .clockSkew(0)
    .passphrase("string")
    .responderUrl("string")
    .cacheErrorTimeout(0)
    .signHash("string")
    .signerCert("string")
    .signerKey("string")
    .statusAge(0)
    .strictRespCertCheck("string")
    .trustedResponders("string")
    .build());
ocsp_resource = f5bigip.sys.Ocsp("ocspResource",
    name="string",
    proxy_server_pool="string",
    route_domain="string",
    concurrent_connections_limit=0,
    connection_timeout=0,
    dns_resolver="string",
    cache_timeout="string",
    clock_skew=0,
    passphrase="string",
    responder_url="string",
    cache_error_timeout=0,
    sign_hash="string",
    signer_cert="string",
    signer_key="string",
    status_age=0,
    strict_resp_cert_check="string",
    trusted_responders="string")
const ocspResource = new f5bigip.sys.Ocsp("ocspResource", {
    name: "string",
    proxyServerPool: "string",
    routeDomain: "string",
    concurrentConnectionsLimit: 0,
    connectionTimeout: 0,
    dnsResolver: "string",
    cacheTimeout: "string",
    clockSkew: 0,
    passphrase: "string",
    responderUrl: "string",
    cacheErrorTimeout: 0,
    signHash: "string",
    signerCert: "string",
    signerKey: "string",
    statusAge: 0,
    strictRespCertCheck: "string",
    trustedResponders: "string",
});
type: f5bigip:sys:Ocsp
properties:
    cacheErrorTimeout: 0
    cacheTimeout: string
    clockSkew: 0
    concurrentConnectionsLimit: 0
    connectionTimeout: 0
    dnsResolver: string
    name: string
    passphrase: string
    proxyServerPool: string
    responderUrl: string
    routeDomain: string
    signHash: string
    signerCert: string
    signerKey: string
    statusAge: 0
    strictRespCertCheck: string
    trustedResponders: string
Ocsp Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Ocsp resource accepts the following input properties:
- Name string
- Name of the OCSP Responder. Name should be in pattern /partition/ocsp_name.
- CacheError intTimeout 
- Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is 3600.
- CacheTimeout string
- Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is indefinite.
- ClockSkew int
- Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is 300.
- ConcurrentConnections intLimit 
- Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is 50.
- ConnectionTimeout int
- Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is 8.
- DnsResolver string
- Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
- Passphrase string
- Specifies a passphrase used to sign an OCSP request.
- ProxyServer stringPool 
- Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
- ResponderUrl string
- Specifies the URL of the OCSP responder.
- RouteDomain string
- Specifies the route domain for the OCSP responder.
- SignHash string
- Specifies the hash algorithm used to sign the OCSP request. The default value is sha256.
- SignerCert string
- Specifies the certificate used to sign the OCSP request.
- SignerKey string
- Specifies the key used to sign the OCSP request.
- StatusAge int
- Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is 0.
- StrictResp stringCert Check 
- Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is enabled.
- TrustedResponders string
- Specifies the certificates used for validating the OCSP response.
- Name string
- Name of the OCSP Responder. Name should be in pattern /partition/ocsp_name.
- CacheError intTimeout 
- Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is 3600.
- CacheTimeout string
- Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is indefinite.
- ClockSkew int
- Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is 300.
- ConcurrentConnections intLimit 
- Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is 50.
- ConnectionTimeout int
- Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is 8.
- DnsResolver string
- Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
- Passphrase string
- Specifies a passphrase used to sign an OCSP request.
- ProxyServer stringPool 
- Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
- ResponderUrl string
- Specifies the URL of the OCSP responder.
- RouteDomain string
- Specifies the route domain for the OCSP responder.
- SignHash string
- Specifies the hash algorithm used to sign the OCSP request. The default value is sha256.
- SignerCert string
- Specifies the certificate used to sign the OCSP request.
- SignerKey string
- Specifies the key used to sign the OCSP request.
- StatusAge int
- Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is 0.
- StrictResp stringCert Check 
- Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is enabled.
- TrustedResponders string
- Specifies the certificates used for validating the OCSP response.
- name String
- Name of the OCSP Responder. Name should be in pattern /partition/ocsp_name.
- cacheError IntegerTimeout 
- Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is 3600.
- cacheTimeout String
- Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is indefinite.
- clockSkew Integer
- Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is 300.
- concurrentConnections IntegerLimit 
- Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is 50.
- connectionTimeout Integer
- Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is 8.
- dnsResolver String
- Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
- passphrase String
- Specifies a passphrase used to sign an OCSP request.
- proxyServer StringPool 
- Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
- responderUrl String
- Specifies the URL of the OCSP responder.
- routeDomain String
- Specifies the route domain for the OCSP responder.
- signHash String
- Specifies the hash algorithm used to sign the OCSP request. The default value is sha256.
- signerCert String
- Specifies the certificate used to sign the OCSP request.
- signerKey String
- Specifies the key used to sign the OCSP request.
- statusAge Integer
- Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is 0.
- strictResp StringCert Check 
- Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is enabled.
- trustedResponders String
- Specifies the certificates used for validating the OCSP response.
- name string
- Name of the OCSP Responder. Name should be in pattern /partition/ocsp_name.
- cacheError numberTimeout 
- Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is 3600.
- cacheTimeout string
- Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is indefinite.
- clockSkew number
- Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is 300.
- concurrentConnections numberLimit 
- Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is 50.
- connectionTimeout number
- Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is 8.
- dnsResolver string
- Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
- passphrase string
- Specifies a passphrase used to sign an OCSP request.
- proxyServer stringPool 
- Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
- responderUrl string
- Specifies the URL of the OCSP responder.
- routeDomain string
- Specifies the route domain for the OCSP responder.
- signHash string
- Specifies the hash algorithm used to sign the OCSP request. The default value is sha256.
- signerCert string
- Specifies the certificate used to sign the OCSP request.
- signerKey string
- Specifies the key used to sign the OCSP request.
- statusAge number
- Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is 0.
- strictResp stringCert Check 
- Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is enabled.
- trustedResponders string
- Specifies the certificates used for validating the OCSP response.
- name str
- Name of the OCSP Responder. Name should be in pattern /partition/ocsp_name.
- cache_error_ inttimeout 
- Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is 3600.
- cache_timeout str
- Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is indefinite.
- clock_skew int
- Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is 300.
- concurrent_connections_ intlimit 
- Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is 50.
- connection_timeout int
- Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is 8.
- dns_resolver str
- Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
- passphrase str
- Specifies a passphrase used to sign an OCSP request.
- proxy_server_ strpool 
- Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
- responder_url str
- Specifies the URL of the OCSP responder.
- route_domain str
- Specifies the route domain for the OCSP responder.
- sign_hash str
- Specifies the hash algorithm used to sign the OCSP request. The default value is sha256.
- signer_cert str
- Specifies the certificate used to sign the OCSP request.
- signer_key str
- Specifies the key used to sign the OCSP request.
- status_age int
- Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is 0.
- strict_resp_ strcert_ check 
- Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is enabled.
- trusted_responders str
- Specifies the certificates used for validating the OCSP response.
- name String
- Name of the OCSP Responder. Name should be in pattern /partition/ocsp_name.
- cacheError NumberTimeout 
- Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is 3600.
- cacheTimeout String
- Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is indefinite.
- clockSkew Number
- Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is 300.
- concurrentConnections NumberLimit 
- Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is 50.
- connectionTimeout Number
- Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is 8.
- dnsResolver String
- Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
- passphrase String
- Specifies a passphrase used to sign an OCSP request.
- proxyServer StringPool 
- Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
- responderUrl String
- Specifies the URL of the OCSP responder.
- routeDomain String
- Specifies the route domain for the OCSP responder.
- signHash String
- Specifies the hash algorithm used to sign the OCSP request. The default value is sha256.
- signerCert String
- Specifies the certificate used to sign the OCSP request.
- signerKey String
- Specifies the key used to sign the OCSP request.
- statusAge Number
- Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is 0.
- strictResp StringCert Check 
- Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is enabled.
- trustedResponders String
- Specifies the certificates used for validating the OCSP response.
Outputs
All input properties are implicitly available as output properties. Additionally, the Ocsp resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Ocsp Resource
Get an existing Ocsp resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: OcspState, opts?: CustomResourceOptions): Ocsp@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        cache_error_timeout: Optional[int] = None,
        cache_timeout: Optional[str] = None,
        clock_skew: Optional[int] = None,
        concurrent_connections_limit: Optional[int] = None,
        connection_timeout: Optional[int] = None,
        dns_resolver: Optional[str] = None,
        name: Optional[str] = None,
        passphrase: Optional[str] = None,
        proxy_server_pool: Optional[str] = None,
        responder_url: Optional[str] = None,
        route_domain: Optional[str] = None,
        sign_hash: Optional[str] = None,
        signer_cert: Optional[str] = None,
        signer_key: Optional[str] = None,
        status_age: Optional[int] = None,
        strict_resp_cert_check: Optional[str] = None,
        trusted_responders: Optional[str] = None) -> Ocspfunc GetOcsp(ctx *Context, name string, id IDInput, state *OcspState, opts ...ResourceOption) (*Ocsp, error)public static Ocsp Get(string name, Input<string> id, OcspState? state, CustomResourceOptions? opts = null)public static Ocsp get(String name, Output<String> id, OcspState state, CustomResourceOptions options)resources:  _:    type: f5bigip:sys:Ocsp    get:      id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- CacheError intTimeout 
- Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is 3600.
- CacheTimeout string
- Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is indefinite.
- ClockSkew int
- Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is 300.
- ConcurrentConnections intLimit 
- Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is 50.
- ConnectionTimeout int
- Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is 8.
- DnsResolver string
- Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
- Name string
- Name of the OCSP Responder. Name should be in pattern /partition/ocsp_name.
- Passphrase string
- Specifies a passphrase used to sign an OCSP request.
- ProxyServer stringPool 
- Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
- ResponderUrl string
- Specifies the URL of the OCSP responder.
- RouteDomain string
- Specifies the route domain for the OCSP responder.
- SignHash string
- Specifies the hash algorithm used to sign the OCSP request. The default value is sha256.
- SignerCert string
- Specifies the certificate used to sign the OCSP request.
- SignerKey string
- Specifies the key used to sign the OCSP request.
- StatusAge int
- Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is 0.
- StrictResp stringCert Check 
- Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is enabled.
- TrustedResponders string
- Specifies the certificates used for validating the OCSP response.
- CacheError intTimeout 
- Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is 3600.
- CacheTimeout string
- Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is indefinite.
- ClockSkew int
- Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is 300.
- ConcurrentConnections intLimit 
- Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is 50.
- ConnectionTimeout int
- Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is 8.
- DnsResolver string
- Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
- Name string
- Name of the OCSP Responder. Name should be in pattern /partition/ocsp_name.
- Passphrase string
- Specifies a passphrase used to sign an OCSP request.
- ProxyServer stringPool 
- Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
- ResponderUrl string
- Specifies the URL of the OCSP responder.
- RouteDomain string
- Specifies the route domain for the OCSP responder.
- SignHash string
- Specifies the hash algorithm used to sign the OCSP request. The default value is sha256.
- SignerCert string
- Specifies the certificate used to sign the OCSP request.
- SignerKey string
- Specifies the key used to sign the OCSP request.
- StatusAge int
- Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is 0.
- StrictResp stringCert Check 
- Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is enabled.
- TrustedResponders string
- Specifies the certificates used for validating the OCSP response.
- cacheError IntegerTimeout 
- Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is 3600.
- cacheTimeout String
- Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is indefinite.
- clockSkew Integer
- Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is 300.
- concurrentConnections IntegerLimit 
- Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is 50.
- connectionTimeout Integer
- Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is 8.
- dnsResolver String
- Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
- name String
- Name of the OCSP Responder. Name should be in pattern /partition/ocsp_name.
- passphrase String
- Specifies a passphrase used to sign an OCSP request.
- proxyServer StringPool 
- Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
- responderUrl String
- Specifies the URL of the OCSP responder.
- routeDomain String
- Specifies the route domain for the OCSP responder.
- signHash String
- Specifies the hash algorithm used to sign the OCSP request. The default value is sha256.
- signerCert String
- Specifies the certificate used to sign the OCSP request.
- signerKey String
- Specifies the key used to sign the OCSP request.
- statusAge Integer
- Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is 0.
- strictResp StringCert Check 
- Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is enabled.
- trustedResponders String
- Specifies the certificates used for validating the OCSP response.
- cacheError numberTimeout 
- Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is 3600.
- cacheTimeout string
- Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is indefinite.
- clockSkew number
- Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is 300.
- concurrentConnections numberLimit 
- Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is 50.
- connectionTimeout number
- Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is 8.
- dnsResolver string
- Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
- name string
- Name of the OCSP Responder. Name should be in pattern /partition/ocsp_name.
- passphrase string
- Specifies a passphrase used to sign an OCSP request.
- proxyServer stringPool 
- Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
- responderUrl string
- Specifies the URL of the OCSP responder.
- routeDomain string
- Specifies the route domain for the OCSP responder.
- signHash string
- Specifies the hash algorithm used to sign the OCSP request. The default value is sha256.
- signerCert string
- Specifies the certificate used to sign the OCSP request.
- signerKey string
- Specifies the key used to sign the OCSP request.
- statusAge number
- Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is 0.
- strictResp stringCert Check 
- Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is enabled.
- trustedResponders string
- Specifies the certificates used for validating the OCSP response.
- cache_error_ inttimeout 
- Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is 3600.
- cache_timeout str
- Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is indefinite.
- clock_skew int
- Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is 300.
- concurrent_connections_ intlimit 
- Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is 50.
- connection_timeout int
- Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is 8.
- dns_resolver str
- Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
- name str
- Name of the OCSP Responder. Name should be in pattern /partition/ocsp_name.
- passphrase str
- Specifies a passphrase used to sign an OCSP request.
- proxy_server_ strpool 
- Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
- responder_url str
- Specifies the URL of the OCSP responder.
- route_domain str
- Specifies the route domain for the OCSP responder.
- sign_hash str
- Specifies the hash algorithm used to sign the OCSP request. The default value is sha256.
- signer_cert str
- Specifies the certificate used to sign the OCSP request.
- signer_key str
- Specifies the key used to sign the OCSP request.
- status_age int
- Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is 0.
- strict_resp_ strcert_ check 
- Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is enabled.
- trusted_responders str
- Specifies the certificates used for validating the OCSP response.
- cacheError NumberTimeout 
- Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is 3600.
- cacheTimeout String
- Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is indefinite.
- clockSkew Number
- Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is 300.
- concurrentConnections NumberLimit 
- Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is 50.
- connectionTimeout Number
- Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is 8.
- dnsResolver String
- Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response.
- name String
- Name of the OCSP Responder. Name should be in pattern /partition/ocsp_name.
- passphrase String
- Specifies a passphrase used to sign an OCSP request.
- proxyServer StringPool 
- Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response.
- responderUrl String
- Specifies the URL of the OCSP responder.
- routeDomain String
- Specifies the route domain for the OCSP responder.
- signHash String
- Specifies the hash algorithm used to sign the OCSP request. The default value is sha256.
- signerCert String
- Specifies the certificate used to sign the OCSP request.
- signerKey String
- Specifies the key used to sign the OCSP request.
- statusAge Number
- Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is 0.
- strictResp StringCert Check 
- Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is enabled.
- trustedResponders String
- Specifies the certificates used for validating the OCSP response.
Import
ing
An existing OCSP can be imported into this resource by supplying the full path name ex : /partition/name
An example is below:
$ terraform import bigip_sys_ocsp.test-ocsp /Common/test-ocsp
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- f5 BIG-IP pulumi/pulumi-f5bigip
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the bigipTerraform Provider.