import * as pulumi from "@pulumi/pulumi"; /** * `f5bigip.sys.Ocsp` Manages F5 BIG-IP OCSP responder using iControl REST. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as f5bigip from "@pulumi/f5bigip"; * * const test_ocsp = new f5bigip.sys.Ocsp("test-ocsp", { * name: "/Uncommon/test-ocsp", * proxyServerPool: "/Common/test-poolxyz", * signerKey: "/Common/le-ssl", * signerCert: "/Common/le-ssl", * passphrase: "testabcdef", * }); * ``` * * ## Importing * * An existing OCSP can be imported into this resource by supplying the full path name ex : `/partition/name` * An example is below: * ```sh * $ terraform import bigip_sys_ocsp.test-ocsp /Common/test-ocsp * ``` */ export declare class Ocsp extends pulumi.CustomResource { /** * Get an existing Ocsp resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: OcspState, opts?: pulumi.CustomResourceOptions): Ocsp; /** * Returns true if the given object is an instance of Ocsp. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Ocsp; /** * Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is `3600`. */ readonly cacheErrorTimeout: pulumi.Output; /** * Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is `indefinite`. */ readonly cacheTimeout: pulumi.Output; /** * Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is `300`. */ readonly clockSkew: pulumi.Output; /** * Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is `50`. */ readonly concurrentConnectionsLimit: pulumi.Output; /** * Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is `8`. */ readonly connectionTimeout: pulumi.Output; /** * Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response. */ readonly dnsResolver: pulumi.Output; /** * Name of the OCSP Responder. Name should be in pattern `/partition/ocsp_name`. */ readonly name: pulumi.Output; /** * Specifies a passphrase used to sign an OCSP request. */ readonly passphrase: pulumi.Output; /** * Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response. */ readonly proxyServerPool: pulumi.Output; /** * Specifies the URL of the OCSP responder. */ readonly responderUrl: pulumi.Output; /** * Specifies the route domain for the OCSP responder. */ readonly routeDomain: pulumi.Output; /** * Specifies the hash algorithm used to sign the OCSP request. The default value is `sha256`. */ readonly signHash: pulumi.Output; /** * Specifies the certificate used to sign the OCSP request. */ readonly signerCert: pulumi.Output; /** * Specifies the key used to sign the OCSP request. */ readonly signerKey: pulumi.Output; /** * Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is `0`. */ readonly statusAge: pulumi.Output; /** * Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is `enabled`. */ readonly strictRespCertCheck: pulumi.Output; /** * Specifies the certificates used for validating the OCSP response. */ readonly trustedResponders: pulumi.Output; /** * Create a Ocsp resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: OcspArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering Ocsp resources. */ export interface OcspState { /** * Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is `3600`. */ cacheErrorTimeout?: pulumi.Input; /** * Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is `indefinite`. */ cacheTimeout?: pulumi.Input; /** * Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is `300`. */ clockSkew?: pulumi.Input; /** * Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is `50`. */ concurrentConnectionsLimit?: pulumi.Input; /** * Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is `8`. */ connectionTimeout?: pulumi.Input; /** * Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response. */ dnsResolver?: pulumi.Input; /** * Name of the OCSP Responder. Name should be in pattern `/partition/ocsp_name`. */ name?: pulumi.Input; /** * Specifies a passphrase used to sign an OCSP request. */ passphrase?: pulumi.Input; /** * Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response. */ proxyServerPool?: pulumi.Input; /** * Specifies the URL of the OCSP responder. */ responderUrl?: pulumi.Input; /** * Specifies the route domain for the OCSP responder. */ routeDomain?: pulumi.Input; /** * Specifies the hash algorithm used to sign the OCSP request. The default value is `sha256`. */ signHash?: pulumi.Input; /** * Specifies the certificate used to sign the OCSP request. */ signerCert?: pulumi.Input; /** * Specifies the key used to sign the OCSP request. */ signerKey?: pulumi.Input; /** * Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is `0`. */ statusAge?: pulumi.Input; /** * Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is `enabled`. */ strictRespCertCheck?: pulumi.Input; /** * Specifies the certificates used for validating the OCSP response. */ trustedResponders?: pulumi.Input; } /** * The set of arguments for constructing a Ocsp resource. */ export interface OcspArgs { /** * Specifies the lifetime of an error response in the cache, in seconds. This value must be greater than connection_timeout. The default value is `3600`. */ cacheErrorTimeout?: pulumi.Input; /** * Specifies the lifetime of the OCSP response in the cache, in seconds. The default value is `indefinite`. */ cacheTimeout?: pulumi.Input; /** * Specifies the time interval that the BIG-IP system allows for clock skew, in seconds. The default value is `300`. */ clockSkew?: pulumi.Input; /** * Specifies the maximum number of connections per second allowed for the OCSP certificate validator. The default value is `50`. */ concurrentConnectionsLimit?: pulumi.Input; /** * Specifies the time interval that the BIG-IP system waits for before ending the connection to the OCSP responder, in seconds. The default value is `8`. */ connectionTimeout?: pulumi.Input; /** * Specifies the internal DNS resolver the BIG-IP system uses to fetch the OCSP response. */ dnsResolver?: pulumi.Input; /** * Name of the OCSP Responder. Name should be in pattern `/partition/ocsp_name`. */ name: pulumi.Input; /** * Specifies a passphrase used to sign an OCSP request. */ passphrase?: pulumi.Input; /** * Specifies the proxy server pool the BIG-IP system uses to fetch the OCSP response. */ proxyServerPool?: pulumi.Input; /** * Specifies the URL of the OCSP responder. */ responderUrl?: pulumi.Input; /** * Specifies the route domain for the OCSP responder. */ routeDomain?: pulumi.Input; /** * Specifies the hash algorithm used to sign the OCSP request. The default value is `sha256`. */ signHash?: pulumi.Input; /** * Specifies the certificate used to sign the OCSP request. */ signerCert?: pulumi.Input; /** * Specifies the key used to sign the OCSP request. */ signerKey?: pulumi.Input; /** * Specifies the maximum allowed lag time that the BIG-IP system accepts for the 'thisUpdate' time in the OCSP response, in seconds. The default value is `0`. */ statusAge?: pulumi.Input; /** * Specifies whether the responder's certificate is checked for an OCSP signing extension. The default value is `enabled`. */ strictRespCertCheck?: pulumi.Input; /** * Specifies the certificates used for validating the OCSP response. */ trustedResponders?: pulumi.Input; }