TLS Inspection Configuration

List all TLS configuration deployments

get/ssl/deployments
SecurityTrend Micro Cloud One API Key
Responses
200

Response based on AWS or Azure provider

400

Bad Request

403

Forbidden

404

Not Found

500

Internal Server Error

Response samples
application/json

Available TLS deployments

{
  • "deployments": [
    ]
}

Deploy a TLS configuration on an appliance

post/ssl/deployments

TLS inspection requires a minimum TippingPoint Operating System (TOS) version of 2021.8.0.11159

For details on locating your device identifier, refer to Appliance management.

To determine whether your TLS configuration was successfully deployed to your appliance, you can poll the status. Learn more.

SecurityTrend Micro Cloud One API Key
Request
Request Body schema: application/json
One of:

A request to deploy TLS configuration to an appliance. The request must include at least one certificate ARN, and either a reference to access matching certificate keys via HSM, or provide private keys in PEM format (and password if encrypted).

The certificate ARNs should be from one of the following sources:

  • ACM,
  • S3 bucket.

Access to the private keys:

  • HSM secrets ARN or
  • included in the request in PEM format

Ensure that your appliance has access to all resources required for a TLS deployment in your AWS environment.

applianceId
required
integer <int64>

The appliance identifier where the TLS configuration will be deployed

certificateArn
string
Deprecated

ACM or S3 ARN from where the server's public certificate will be retrieved. see "certificates" which supports both single and multi-certificate deployments

Array of objects (CertificateInfo)

Server's public certificates and optional private key assets

hsmSecretsArn
string

Secrets ARN to provide HSM connection information

kmsArn
required
string

ARN of key management service that has the key for encrypting customer data on the appliance

pemKey
string
Deprecated

Server's private key (can be encrypted) in PEM format. see "certificates" which supports both single and multi-certificate deployments

pemKeyPassword
string
Deprecated

Server's private key password if key is encrypted. see "certificates" which supports both single and multi-certificate deployments

serverIp
required
string

IPv4 address or subnet (CIDR A.B.C.D/8-32) of the server that will be proxied for TLS decryption

Responses
200

Response based on AWS or Azure provider

400

Bad Request

403

Forbidden

404

Not Found

500

Internal Server Error

Request samples
application/json

TLS configuration referencing an uploaded PEM key and ACM in an AWS environment

{
  • "applianceId": "10",
  • "serverIp": "192.0.2.1",
  • "certificates": [
    ],
  • "kmsArn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
}
Response samples
application/json

TLS configuration referencing an uploaded PEM key and ACM in an AWS environment

{
  • "id": "42",
  • "status": "queued, started, done, error",
  • "applianceId": "10",
  • "serverIp": "192.0.2.1",
  • "certificateArns": [
    ],
  • "kmsArn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
  • "inspectionStatus": null
}

Query the status of a TLS configuration deployment by ID

get/ssl/deployments/{id}

Use this operation to query the status of TLS configuration deployment. After you deploy your TLS configuration, the response to your API contains an ID of the request. Use this ID value as the path parameter in your status query request. The response returns one of the following values for the deployment status:

queued The TLS configuration deployment request has been queued.
started The TLS configuration deployment request is being processed.
done The TLS configuration deployment request was successfully deployed to your appliance.
error The TLS configuration deployment request could not complete. Refer to the message property in the response for an explanation.

SecurityTrend Micro Cloud One API Key
Request
path Parameters
id
required
integer <int64>

deployment identifier

Responses
200

Response based on AWS or Azure provider

400

Bad Request

403

Forbidden

404

Not Found

500

Internal Server Error

Response samples
application/json

TLS configuration referencing an uploaded PEM key and ACM in an AWS environment

{
  • "id": "42",
  • "status": "queued, started, done, error",
  • "applianceId": "10",
  • "serverIp": "192.0.2.1",
  • "certificateArns": [
    ],
  • "kmsArn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
  • "inspectionStatus": null
}

Delete a TLS configuration deployment from an appliance.

delete/ssl/deployments/{id}

Use this operation to remove a TLS configuration from your appliance. Use the deployment identifier as the path parameter in this request.

SecurityTrend Micro Cloud One API Key
Request
path Parameters
id
required
integer <int64>

deployment identifier

Responses
204

No Content

400

Bad Request

403

Forbidden

404

Not Found

500

Internal Server Error