PUT /cryptoSettings

Use this method to modify the current cryptographic settings on Lenovo XClarity Administrator.

To modify the current cryptographic setting for managed devices, use PUT /nodes/cryptoSettings.

Authentication

Authentication with username and password is required.

Request URL

PUT https://{management_server_IP}/cryptoSettings

Query parameters

None

Request body

Attributes	Required / Optional	Type	Description
applyToMgmtServer	Optional	Boolean	Indicates whether to apply the specified settings to the XClarity Administrator management server. This can be one of the following values. true. (default) Applies specified settings to the management server. false. Does not apply settings to the management server.
cipherSuite	Optional	String	Attention This attribute will be deprecated in a future release. Minimum cipher suite version to use for server connections. This can be one of the following values. tls1.2. TLS v1.2 or v1.3 cipher suite is required for both servers and clients. Specify `tls1.2` for the minTlsVersionClient and minTlsVersionServer attributes instead. tls1.2-flexcat. TLS v1.2 compliance with exceptions for deploying operating systems from the XClarity Administrator. Specify `tls1.2` for the minTlsVersionClient, minTlsVersionServer, minTlsVersionOsDeploy attributes instead.
minTlsVersionClient	Optional	String	Minimum TLS protocol version to use for client connections to other servers (such as the LDAP client). This can be one of the following values. TLS1.2. Enforces TLS v1.2 cryptography protocols. TLS1.3. Enforces TLS v1.3 cryptography protocols.
minTlsVersionOsDeploy	Optional	String	Minimum TLS protocol version to for the XClarity Administrator operating-system deployment server. This can be one of the following values. TLS1.2. Enforces TLS v1.2 cryptography protocols. TLS1.3. Enforces TLS v1.3 cryptography protocols.
minTlsVersionServer	Optional	String	Minimum TLS protocol version to use for server connections (such as the web server). This can be one of the following values. TLS1.2. Enforces TLS v1.2 cryptography protocols. TLS1.3. Enforces TLS v1.3 cryptography protocols.
nistMode	Optional	String	Cryptographic mode of the Lenovo XClarity Administrator and all managed chassis. This can be one of the following values. nistcomp. NIST compatibility mode. nist800-131a. NIST800-131A strict compatibility mode. When this option is selected, you must also select `tls1.2` for the minTlsVersionClient and minTlsVersionServer attributes.
returnJobInfo	Optional	Boolean	Indicates whether job information is to be returned as a result of changing the cryptographic settings. This can be one of the following values. true. Returns job information in the response body and header if a job is created. false. Does not return job information. This is the default setting.

The following example applies the specified TLS and NIST settings to the management server and all managed devices.

{
   "applyToManagedDevices": true,
   "applyToMgmtServer": true,
   "minTlsVersionClient": "tls1.2",
   "minTlsVersionOsDeploy": "tls1.2",
   "minTlsVersionServer": "tls1.2",
   "nistMode": "nist800-131a",
   "returnJobInfo": true
}

Response codes

Code	Description	Comments
200	OK	The request completed successfully.
201	Created	One or more new resources were successfully created.
400	Bad Request	A query parameter or request attribute is missing or not valid, or the operation is not supported. A descriptive error message is returned in the response body.
500	Internal Server Error	An internal error occurred. A descriptive error message is returned in the response body.

Response body

Attributes			Type	Description
result			String	Results of the request. This can be one of the following values. success. The request completed successfully. failure. The request failed. A descriptive error message was returned.
messages			Array of objects	Information about one or more messages
	explanation		String	Additional information to clarify the reason for the message
	id		String	Message identifier of a returned message
	recovery		Array of objects	Recovery information
		text	String	User actions that can be taken to recover from the event
		URL	String	Link to the help system for more information, if available
	text		String	Message text associated with the message identifier

The following example is returned when "returnJobInfo": true was specified and a job was created and successful.

{
    "result": "success",
    "messages": [{
        "explanation": "",
        "id": "FQXHMSE0001I",
        "recovery": {
            "text": "Information only; no action is required.",
            "URL": ""
        },
        "text": "The request completed successfully."
    }]
}

The following example is returned when returnJobInfo="false" was specified and a job was created but failed.

{
    "result": "failure",
    "messages": [{
        "explanation": "The provided minimum SSL/TLS protocol level does not match one 
                        of the expected string values. The requested operation was not 
                        performed.",
        "id": "FQXHMSE0501J",
        "recovery": {
            "text": "Correct the value and try the operation again.",
            "URL": ""
        },
        "text": "The provided minimum SSL/TLS protocol level is not valid."
    }]
}

Give documentation feedback

PUT /cryptoSettings

Authentication​

Request URL​

Query parameters​

Request body​

Response codes​

Response body​