![]() |
REST API
14
REST API for Luna Network HSMs
|
Changes the configuration of the web server providing the REST API.
Users with the following role privileges can perform this command:
Cipherlist is the cipher suite the REST API service is to accept for applications requesting connection to the web server. Cipherlist is a sub-set of the ciphers known to the REST API service.
Use: Not Required
JSON Schema:
Object type: string minLength: 1 maxLength: 1024 pattern: [a-zA-Z0-9-:_]
REST API accepts colon separated cipher list.
By default, REST API uses both TLS1.2 and TLS1.3. TLS version can be changed by providing ciphers. REST API supports following TLS version:
TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256
TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
netDevice is the interface to which the REST API service is bound. Valid interfaces for SA7 are: eth0, eth1, eth2, eth3, all, all_ipv4, bond0 and bond1. ("all" includes all ipv6 and ipv4 addresses.) Valid interfaces for SA6 are: eth0, eth1, all, bond0. ("all" includes all ipv4 addresses.)
Use: Not Required
JSON Schema:
Object type: string minLength: 1 maxLength: 8 pattern: [a-z0-9_]
port is the logical end-point number reserved for the REST API service. The port must be within the range: 80 to 65535.
Use: Not Required
JSON Schema:
Object type: integer minLength: 80 maxLength: 65535
threads is the number of simultaneous connections the REST API service supports. A small number of threads implies restricted administrative access to the appliance.
Use: Not Required
JSON Schema:
Object type: integer minLength: 4 maxLength: 64
corsOrigins is the list that determines the Access-Control-Allow-Origin header of responses.
Use: Not Required
JSON Schema:
Object type: array corsOrigins: Object type: string
maxFileSize is the allowed maximum size of files uploaded by client. Changing maxFileSize may reset the webserver and affect timeout values of all existing or future sessions and connections. The unit of maxFileSize is kilo byte. The range is between 0 and 10000000.
Use: Not Required
JSON Schema:
Object type: integer minLength: 1 maxLength: 10000000
sessionTimeout is the allowed maximum time for which the session will remain alive. Changing sessionTimeout may reset the webserver and affect timeout values of all existing or future sessions and connections.
Use: Not Required
JSON Schema:
Object type: integer minLength: 600 maxLength: 1200
Success
If cipher list is not valid
Cors origin has not been provided
If cors origin is not valid
If net device is not valid
If port is not valid
If unexpected error has occurred
PATCH https://1.2.3.4:8443/api/lunasa/webServer { "netDevice" : "eth1", "port" : 8443, "corsOrigins" :["*"], "maxFileSize" : 1000000, "sessionTimeout" : 900 }
PATCH https://1.2.3.4:8443/api/lunasa/webServer { "cipherList" : "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256" }
PATCH https://1.2.3.4:8443/api/lunasa/webServer { "cipherList" : "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256" }
PATCH https://1.2.3.4:8443/api/lunasa/webServer { "cipherList" : "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256" }
{ }