ltmClientSslDropUnknownOcspStatus

F5-BIGIP-LOCAL-MIB · .1.3.6.1.4.1.3375.2.2.6.2.1.2.1.62
MIB view Table view

Object

column Enumeration 
BIGIP action when the OCSP returns unknown status.
The default value is drop, which causes the connection to be dropped.
Conversely, you can specify ignore to cuase the connection to ignore
the unknown status and continue.

Context

MIB
F5-BIGIP-LOCAL-MIB
OID
.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.62
Type
column
Access
readonly
Status
current
Parent
ltmClientSslEntry
Table
ltmClientSslTable
Siblings
62

Syntax

Enumeration

Values & Constraints

Enumerated Values
0false
1true

Related Objects

Sibling Objects
ObjectTypeSyntaxOID
ltmClientSslName
The name of a client-side SSL profile.
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.1
ltmClientSslClientcertca
The CA certificate file name.
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.10
ltmClientSslCiphers
The set of ciphers available for client-side SSL negotiation.
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.11
ltmClientSslPassphrase deprecated
Deprecated! No longer supported. The key passphrase (if any).
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.12
ltmClientSslOptions
The SSL options. SSLOPT_MICROSOFT_SESS_ID_BUG = 1 SSLOPT_NETSCAPE_CHALLENGE_BUG = 2 SSLOPT_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 8 SSLOPT_SSLREF2_REUSE_CE…
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.13
ltmClientSslModsslmethods
The ModSSL method emulation.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.14
ltmClientSslCacheSize
The SSL session cache size.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.15
ltmClientSslCacheTimeout
The SSL session cache timeout.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.16
ltmClientSslRenegotiatePeriod
Time-based trigger.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.17
ltmClientSslRenegotiateSize
Throughput-based trigger MB.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.18
ltmClientSslRenegotiateMaxRecordDelay
The timeout of renegotiation.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.19
ltmClientSslConfigSource
The state that specifies whether this is a base/pre-configured profile or user defined profile.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.2
ltmClientSslHandshakeTimeout
The handshake timeout in seconds.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.20
ltmClientSslAlertTimeout
The alert timeout in seconds.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.21
ltmClientSslPeerCertMode
The mode of peer certification.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.22
ltmClientSslAuthenticateOnce
The feature to request client cert once or with each SSL session renegotiation.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.23
ltmClientSslAuthenticateDepth
The maximum traversal depth for client certificate chain.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.24
ltmClientSslUncleanShutdown
The state of shutdown for this SSL, whether it is unclean shutdown (not sending a close notification alert when closing connection.).
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.25
ltmClientSslStrictResume
Whether to enforce strict SSL session resumption per RFC2246
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.26
ltmClientSslAllowNonssl
Whether to allow non-SSL connections to pass through as cleartext.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.27
ltmClientSslSessionTicket
Whether to enforce session ticket per RFC5077.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.28
ltmClientSslFwdpEnabled
Whether to enable SSL Forward Proxy.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.29
ltmClientSslDefaultName
The name of the profile from which the specified profile derives its attribute default values.
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.3
ltmClientSslFwdpCaKey
The CA key object name for Forward Proxy.
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.30
ltmClientSslFwdpCaCert
The CA certificate object name for Forward Proxy.
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.31
ltmClientSslFwdpCaPassphrase deprecated
Deprecated! No longer supported. The CA key passphrase for Forward Proxy (if any).
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.32
ltmClientSslFwdpCertLifespan
The lifespan of the generated certificates for Forward Proxy.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.33
ltmClientSslFwdpCertExtensionIncludes
The certificate extensions to include in generated certificates for Forward Proxy. SSL_FWDP_CERT_EXT_BASIC_CONSTRAINTS = 2 SSL_FWDP_CERT_EXT_EXTENDED_KEY_USAGE …
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.34
ltmClientSslFwdpLookupByIpaddrPort
Whether to enable SSL Forward Proxy certificate caching by IPAddr-Port.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.35
ltmClientSslGenericAlert
Whether to use generic alert number in Alert message.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.36
ltmClientSslSslSignHash
The ssl sign hash algorithm.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.37
ltmClientSslFwdpBypassEnabled
Whether to enable SSL Forward Proxy Bypass.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.38
ltmClientSslFwdpBypassDipBList
The Forward Proxy Bypass Destination IP Blacklist (if any).
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.39
ltmClientSslMode
The mode of this profile.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.4
ltmClientSslFwdpBypassDipWList
The Forward Proxy Bypass Destination IP Whitelist (if any).
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.40
ltmClientSslFwdpBypassSipBList
The Forward Proxy Bypass Source IP Blacklist (if any).
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.41
ltmClientSslFwdpBypassSipWList
The Forward Proxy Bypass Source IP Whitelist (if any).
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.42
ltmClientSslFwdpBypassHnBList
The Forward Proxy Bypass Hostname Blacklist (if any).
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.43
ltmClientSslFwdpBypassHnWList
The Forward Proxy Bypass Hostname Whitelist (if any).
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.44
ltmClientSslProxySsl
Whether to enable Proxy SSL.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.45
ltmClientSslProxySslPassthrough
Whether to enable Proxy SSL passthrough.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.46
ltmClientSslPeerNoRenegotiateTimeout
The peer no-renegotiate timeout in seconds.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.47
ltmClientSslMaxRenegotiationsPerMin
Maximum SSL renegotiations per minute.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.48
ltmClientSslSessionMirroring
Whether to mirror ssl sessions to HA peer.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.49
ltmClientSslKey deprecated
Deprecated! Please refer ltmClientSslCertKeyChain. The key file name.
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.5
ltmClientSslMaxAggregateRenegotiationsPerMin
Maximum SSL aggregate renegotiations per minute.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.50
ltmClientSslSessionTicketTimeout
The session ticket timeout.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.51
ltmClientSslAllowExpiredCrl
Whether to ignore a CRLs expiration.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.52
ltmClientSslMaxActiveHandshake
Maximum number of allowed SSL active handshakes.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.53
ltmClientSslAllowDynamicRecordSizing
Allow dynamic record sizing.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.54
ltmClientSslMaximumRecordSize
Maximum SSL application record size.
columnRFC1155-SMIGauge.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.55
ltmClientSslBypassHsAlertEnabled
Whether to enable forward-proxy bypass on handshake alert
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.56
ltmClientSslBypassClientCertFailEnabled
Whether to enable forward-proxy bypass on failed client cert
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.57
ltmClientSslOcspStapling
Whether to enable OCSP stapling.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.58
ltmClientSslNotifyCertStatusToVs
Whether to propagate certificate status to virtual server status.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.59
ltmClientSslCert deprecated
Deprecated! Please refer ltmClientSslCertKeyChain. The certificate file name.
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.6
ltmClientSslC3dEnabled
Whether to enable SSL Client Certificate Constrained Delegation.
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.60
ltmClientSslCentityOcspObjName
OCSP object name that the BIGIP SSL should use to connect to the OCSP responder and check the client certificate status.
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.61
ltmClientSslData0rttMode
Specifies if TLSv1.3 should accept 0-RTT with early data, with or without anti-replay. To protect against packet replay, F5 recommends that you enable anti-replay. If disabled, TL…
columnEnumeration.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.63
ltmClientSslChain deprecated
Deprecated! Please refer ltmClientSslCertKeyChain. The certificate chain file name.
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.7
ltmClientSslCafile
The CA certificate file name.
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.8
ltmClientSslCrlfile
The CRL file name.
columnF5-BIGIP-COMMON-MIBLongDisplayString.1.3.6.1.4.1.3375.2.2.6.2.1.2.1.9