Enumerations
enum	OPEN_SSLT_PROTOCOL_t { OPEN_SSLT_PROTOCOL_SSL30 = 0, OPEN_SSLT_PROTOCOL_TLS10, OPEN_SSLT_PROTOCOL_TLS11, OPEN_SSLT_PROTOCOL_TLS12, OPEN_SSLT_PROTOCOL_TLS13 }

Functions
open_error_t	openapiSsltAdminModeGet (openapiClientHandle_t client_handle, OPEN_CONTROL_t pMode)
	Gets admin mode of SSL Tunnel server. More...

open_error_t	openapiSsltAdminModeSet (openapiClientHandle_t *client_handle, OPEN_CONTROL_t mode)
	Sets admin Mode of the SSL Tunnel server. More...

open_error_t	openapiSsltCertificateActiveGet (openapiClientHandle_t client_handle, uint32_t pCertNum)
	Gets the active certificate for the SSL tunnel. More...

open_error_t	openapiSsltCertificateActiveSet (openapiClientHandle_t *client_handle, uint32_t certNum)
	Set the active certificate for the SSL tunnel. More...

open_error_t	openapiSsltCertificateAndServerKeyExists (openapiClientHandle_t *client_handle, uint32_t certNum)
	Determine if self-signed server and rootcert certificates exist. More...

open_error_t	openapiSsltCertificateExists (openapiClientHandle_t *client_handle, uint32_t certNum)
	Determine if self-signed server certificate exists. More...

open_error_t	openapiSsltCertificateExpiryStatusGet (openapiClientHandle_t client_handle, uint32_t CertNum, OPEN_BOOL_t pIsExpired)
	Gets status of SSL certificate expiry. More...

open_error_t	openapiSsltCertificateGenerate (openapiClientHandle_t client_handle, uint32_t certNum, uint32_t keyLength, open_buffdesc pCommonName, open_buffdesc pOrgName, open_buffdesc pOrgUnit, open_buffdesc pLocation, open_buffdesc pState, open_buffdesc pCountry, open_buffdesc pEmail, uint32_t days)
	Generate a self-signed server certificate for SSL tunnel. More...

open_error_t	openapiSsltCertificateOperActiveGet (openapiClientHandle_t client_handle, uint32_t pCertNum)
	Gets operational active SSL certificate. More...

open_error_t	openapiSsltCertRemove (openapiClientHandle_t *client_handle, uint32_t certNum)
	Remove SSLT certificate. More...

open_error_t	openapiSsltCheckHTTPSEnabledAndOperational (openapiClientHandle_t client_handle, uint32_t certNum, OPEN_BOOL_t pIsHttpModeEnabled)
	Check if HTTPS mode is enabled and the certificate is active. More...

open_error_t	openapiSsltNumSessionsGet (openapiClientHandle_t client_handle, uint32_t pSession)
	Gets maximum number of SSLT sessions supported. More...

open_error_t	openapiSsltNumSessionsSet (openapiClientHandle_t *client_handle, uint32_t maxSession)
	Sets maximum allowable SSLT sessions. More...

open_error_t	openapiSsltOperModeGet (openapiClientHandle_t client_handle, OPEN_CONTROL_t pMode)
	Gets operation mode of SSL Tunnel server. More...

open_error_t	openapiSsltProtocolLevelGet (openapiClientHandle_t client_handle, OPEN_SSLT_PROTOCOL_t protocolId, OPEN_CONTROL_t pMode)
	Gets SSL Protocol mode status in use by the SSL Tunnel code. More...

open_error_t	openapiSsltProtocolLevelSet (openapiClientHandle_t *client_handle, OPEN_SSLT_PROTOCOL_t protocolId, OPEN_CONTROL_t mode)
	Sets SSL Protocol Level to be used by SSL Tunnel codes. More...

open_error_t	openapiSsltSecurePortGet (openapiClientHandle_t client_handle, uint32_t pPort)
	Gets secure port number that the SSLT connection is using. More...

open_error_t	openapiSsltSecurePortSet (openapiClientHandle_t *client_handle, uint32_t port)
	Sets secure port number to listen on for SSLT connections. More...

open_error_t	openapiSsltSessionHardTimeOutGet (openapiClientHandle_t client_handle, uint32_t pTimeout)
	Gets SSLT session hard timeout information (in hours). More...

open_error_t	openapiSsltSessionHardTimeOutSet (openapiClientHandle_t *client_handle, uint32_t timeout)
	Sets SSLT session hard timeout (in hours). More...

open_error_t	openapiSsltSessionSoftTimeOutGet (openapiClientHandle_t client_handle, uint32_t pTimeout)
	Gets SSLT session soft timeout information. More...

open_error_t	openapiSsltSessionSoftTimeOutSet (openapiClientHandle_t *client_handle, uint32_t timeout)
	Sets Soft Timeout (in minutes) for SSLT sessions. More...

Detailed Description

Function Documentation

open_error_t openapiSsltAdminModeGet	(	openapiClientHandle_t *	client_handle,
		OPEN_CONTROL_t *	pMode
	)

Gets admin mode of SSL Tunnel server.

Parameters

[in]	client_handle	client handle from registration API
[out]	pMode	Mode [Enable/Disable]

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API fetches SSL Admin Mode.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltAdminModeSet	(	openapiClientHandle_t *	client_handle,
		OPEN_CONTROL_t	mode
	)

Sets admin Mode of the SSL Tunnel server.

Parameters

[in]	client_handle	client handle from registration API
[in]	mode	Mode [Enable/Disable]

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API sets SSL Admin Mode. And remove all existing HTTPS sessions if required; Calling this API will change the running configuration of the switch.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltCertificateActiveGet	(	openapiClientHandle_t *	client_handle,
		uint32_t *	pCertNum
	)

Gets the active certificate for the SSL tunnel.

Parameters

[in]	client_handle	client handle from registration API
[out]	pCertNum	certificate number (1 or 2)

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API fetches active SSL tunnel certificate number.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltCertificateActiveSet	(	openapiClientHandle_t *	client_handle,
		uint32_t	certNum
	)

Set the active certificate for the SSL tunnel.

Parameters

[in]	client_handle	client handle from registration API
[in]	certNum	certificate number (1 or 2)

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API Sets the active certificate for the SSL tunnel.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltCertificateAndServerKeyExists	(	openapiClientHandle_t *	client_handle,
		uint32_t	certNum
	)

Determine if self-signed server and rootcert certificates exist.

Parameters

[in]	client_handle	client handle from registration API
[in]	certNum	certificate number (1 or 2)

Return values

OPEN_E_NOT_FOUND	if cert not found/present.
OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API determine server and rootcert certificate existence.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltCertificateExists	(	openapiClientHandle_t *	client_handle,
		uint32_t	certNum
	)

Determine if self-signed server certificate exists.

Parameters

[in]	client_handle	client handle from registration API
[in]	certNum	certificate number (1 or 2)

Return values

OPEN_E_NOT_FOUND	if cert not found/present.
OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API determine server certificate existence.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltCertificateExpiryStatusGet	(	openapiClientHandle_t *	client_handle,
		uint32_t	CertNum,
		OPEN_BOOL_t *	pIsExpired
	)

Gets status of SSL certificate expiry.

Parameters

[in]	client_handle	client handle from registration API
[in]	CertNum	certificate number (1 or 2)
[out]	pIsExpired	TRUE - Certificate is not valid, FALSE - Certificate is valid

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API fetches status of SSL certificate expiry.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltCertificateGenerate	(	openapiClientHandle_t *	client_handle,
		uint32_t	certNum,
		uint32_t	keyLength,
		open_buffdesc *	pCommonName,
		open_buffdesc *	pOrgName,
		open_buffdesc *	pOrgUnit,
		open_buffdesc *	pLocation,
		open_buffdesc *	pState,
		open_buffdesc *	pCountry,
		open_buffdesc *	pEmail,
		uint32_t	days
	)

Generate a self-signed server certificate for SSL tunnel.

Parameters

[in]	client_handle	client handle from registration API
[in]	certNum	certificate number
[in]	keyLength	RSA key length, 0 will use existing key.
[in]	pCommonName	subject DN common name field.
[in]	pOrgName	subject DN organization name field.
[in]	pOrgUnit	subject DN organization unit field.
[in]	pLocation	subject DN location field.
[in]	pState	subject DN state field.
[in]	pCountry	subject DN country field.
[in]	pEmail	subject DN email field.
[in]	days	days certificate will be valid.

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: If certificate does not exist, a keyLength must be specified; to generate an RSA key pair on the device.; If keyLength == 0, certificate will use existing RSA key pair.; If specified, keyLength must be >= L7_SSLT_KEY_LENGTH_MIN and; <= L7_SSLT_KEY_LENGTH_MAX.; If DN fields are not specified, defaults will be applied.; DN field lengths must be >= L7_SSLT_SUBJECT_DN_FIELD_MIN and; <= L7_SSLT_SUBJECT_DN_FIELD_MAX.; country length must be L7_SSLT_SUBJECT_COUNTRY_SIZE.; If days == 0, default valid days will be applied.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltCertificateOperActiveGet	(	openapiClientHandle_t *	client_handle,
		uint32_t *	pCertNum
	)

Gets operational active SSL certificate.

Parameters

[in]	client_handle	client handle from registration API
[out]	pCertNum	certificate number (1 or 2)

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API fetches SSL tunnel operational active certificate number.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltCertRemove	(	openapiClientHandle_t *	client_handle,
		uint32_t	certNum
	)

Remove SSLT certificate.

Parameters

[in]	client_handle	client handle from registration API
[in]	certNum	certificate number (1 or 2)

Return values

OPEN_E_DEPENDENCY_NOT_MET	If HTTPS is operationally enabled.
OPEN_E_INTERNAL	If input certificate is user selected certificate.
OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API removes SSLT certificate.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltCheckHTTPSEnabledAndOperational	(	openapiClientHandle_t *	client_handle,
		uint32_t	certNum,
		OPEN_BOOL_t *	pIsHttpModeEnabled
	)

Check if HTTPS mode is enabled and the certificate is active.

Parameters

[in]	client_handle	client handle from registration API
[in]	certNum	certificate number (1 or 2)
[out]	pIsHttpModeEnabled	certificate number (1 or 2)

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API check if HTTPS mode is enabled and the certificate is active.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltNumSessionsGet	(	openapiClientHandle_t *	client_handle,
		uint32_t *	pSession
	)

Gets maximum number of SSLT sessions supported.

Parameters

[in]	client_handle	client handle from registration API
[out]	pSession	maximum allowable number of web sessions configured

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API fetches maximum number of SSLT sessions configured

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltNumSessionsSet	(	openapiClientHandle_t *	client_handle,
		uint32_t	maxSession
	)

Sets maximum allowable SSLT sessions.

Parameters

[in]	client_handle	client handle from registration API
[in]	maxSession	maximum allowable number of SSLT sessions

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API sets maximum number of SSLT sessions; Calling this API will change the running configuration of the switch.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltOperModeGet	(	openapiClientHandle_t *	client_handle,
		OPEN_CONTROL_t *	pMode
	)

Gets operation mode of SSL Tunnel server.

Parameters

[in]	client_handle	client handle from registration API
[out]	pMode	Mode [Enable/Disable]

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API fetches SSL oper Mode.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltProtocolLevelGet	(	openapiClientHandle_t *	client_handle,
		OPEN_SSLT_PROTOCOL_t	protocolId,
		OPEN_CONTROL_t *	pMode
	)

Gets SSL Protocol mode status in use by the SSL Tunnel code.

Parameters

[in]	client_handle	client handle from registration API
[in]	protocolId	ID of SSLT supported protocol
[out]	pMode	Mode [Enable/Disable]

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API fetches SSL Protocol mode information used for SSLT connection

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltProtocolLevelSet	(	openapiClientHandle_t *	client_handle,
		OPEN_SSLT_PROTOCOL_t	protocolId,
		OPEN_CONTROL_t	mode
	)

Sets SSL Protocol Level to be used by SSL Tunnel codes.

Parameters

[in]	client_handle	client handle from registration API
[in]	protocolId	ID of SSLT supported protocol
[in]	mode	Mode [Enable/Disable]

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API sets SSL Protocol Level to be used by SSL Tunnel connections; Calling this API will change the running configuration of the switch.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltSecurePortGet	(	openapiClientHandle_t *	client_handle,
		uint32_t *	pPort
	)

Gets secure port number that the SSLT connection is using.

Parameters

[in]	client_handle	client handle from registration API
[out]	pPort	port number

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API fetches secure port information used for SSLT connection

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltSecurePortSet	(	openapiClientHandle_t *	client_handle,
		uint32_t	port
	)

Sets secure port number to listen on for SSLT connections.

Parameters

[in]	client_handle	client handle from registration API
[in]	port	port-number

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API sets secure port number to listen on for SSLT connections; Calling this API will change the running configuration of the switch.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltSessionHardTimeOutGet	(	openapiClientHandle_t *	client_handle,
		uint32_t *	pTimeout
	)

Gets SSLT session hard timeout information (in hours).

Parameters

[in]	client_handle	client handle from registration API
[out]	pTimeout	HTTP session hard timeout

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API fetches information of SSLT session hard timeout

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltSessionHardTimeOutSet	(	openapiClientHandle_t *	client_handle,
		uint32_t	timeout
	)

Sets SSLT session hard timeout (in hours).

Parameters

[in]	client_handle	client handle from registration API
[in]	timeout	SSLT session hard timeout

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API sets SSLT session hard timeout; Calling this API will change the running configuration of the switch.

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltSessionSoftTimeOutGet	(	openapiClientHandle_t *	client_handle,
		uint32_t *	pTimeout
	)

Gets SSLT session soft timeout information.

(in minutes)

Parameters

[in]	client_handle	client handle from registration API
[out]	pTimeout	SSLT session soft timeout

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API fetches information of SSLT session soft timeout

OpEN API Version: 1.25

Examples:: sslt_example.c.

open_error_t openapiSsltSessionSoftTimeOutSet	(	openapiClientHandle_t *	client_handle,
		uint32_t	timeout
	)

Sets Soft Timeout (in minutes) for SSLT sessions.

Parameters

[in]	client_handle	client handle from registration API
[in]	timeout	SSLT session soft timeout

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note: This API sets SSLT sessions soft timeout; Calling this API will change the running configuration of the switch.

OpEN API Version: 1.25

Examples:: sslt_example.c.

Enumerations

Functions

Detailed Description

Function Documentation