GET /cryptoSettings

Use the GET method to retrieve information about current cryptographic settings.

Authentication

Authentication with user name and password is required.

Request URL

GET https://<management_server_IP>/cryptoSettings

Query parameters

None

Response codes

Code Description
200 OK. The request completed successfully.
500 Internal server error. A descriptive error message is returned in the body.

Response body

Attributes Type Description
response Array of objects Information about each cryptography setting
  cipherSuite String
Attention: This attribute will be deprecated in a future release.

Minimum cipher suite version to use for server connections. This can be one of the following values.

  • legacy. SSL 3.0, TLS 1.0, or TLS 1.2 cipher suites can be used. Specify tls1.0 for the minTlsVersionClient and minTlsVersionServer attributes instead.
  • tls1.2. TLS 1.2 cipher suite is required for both servers and clients. Specify tls1.2 for the minTlsVersionClient and minTlsVersionServer attributes instead.
  • tls1.2-flexcat. TLS 1.2 compliance with exceptions for deploying operating systems from the XClarity Administrator. Specify tls1.2 for the minTlsVersionClient, minTlsVersionServer, minTlsVersionOsDeploy attributes instead.
  minTlsVersionClient String Minimum TLS protocol version to use for client connections to other servers (such as the LDAP client). This can be one of the following values.
  • tls1.0. TLS v1.0 and later is used.

  • tls1.2. TLS v1.2 and later is used.

    This option enforces TLS v1.2 or later cryptography protocols on both XClarity Administrator and all managed devices. If you choose NIST SP 800-131A for the cryptographic mode, this option is set automatically.

  minTlsVersionOsDeploy String Minimum TLS protocol version to for the Lenovo XClarity Administrator operating-system deployment server. This can be one of the following values.
  • tls1.0 TLS v1.0 and later is used. You can deploy operating systems to servers through XClarity Administrator, even if the OS-image installer does not support the restricted settings that NIST SP 800-131A requires.

  • tls1.2. TLS v1.2 and later is used.

    Only operating systems with an installation process that supports TLS 1.2 and strong cryptographic algorithms can be deployed through XClarity Administrator.

  minTlsVersionServer String Minimum TLS protocol version to use for server connections (such as the web server). This can be one of the following values.
  • tls1.0. TLS v1.0 and later is used.

  • tls1.2. TLS v1.2 and later is used.

    This option enforces TLS 1.2 cryptography protocols on both XClarity Administrator and all managed devices. If you choose NIST SP 800-131A for the cryptographic mode, this option is set automatically.

  nistMode String Cryptographic mode of Lenovo XClarity Administrator and all managed chassis. This can be one of the following values.
  • nistcomp. NIST compatibility mode.
  • nist800-131a. NIST800-131A strict compatibility mode. When this option is selected, you must also select tls1.2 for the minTlsVersionClient and minTlsVersionServer attributes.
  • nist800-131a-flexcat. NIST800-131A compliance with exceptions for deploying operating systems from the XClarity Administrator.
    Attention: This value will be deprecated in a future release. Select tls1.2 for the minTlsVersionOsDeploy attributes instead.
result String Results of the request. This can be one of the following values.
  • success. The request completed successfully.
  • failure. The request failed. A descriptive error message was returned.
messages Array of objects Information about one or more messages
  explanation String Additional information to clarify the reason for the message
  id String Message identifier of a returned message
  recovery Array of objects Recovery information
    text String User actions that can be taken to recover from the event
    URL String Link to the help system for more information, if available
  text String Message text associated with the message identifier

Response example

{
   "response": {
      "cipherSuite": "tls1.2"
      "minTlsVersionClient": "tls1.2",
      "minTlsVersionOsDeploy": "tls1.2",
      "minTlsVersionServer": "tls1.2",
      "nistMode": "nist800-131a"
   },
   "result": "success",
   "messages": [{
      "explanation": "",
      "id": "FQXHMSE0001I",
      "recovery": {
         "text": "Information only; no action is required.",
         "URL": ""
      },
      "text": "The request completed successfully."
   }]
}