
Sophos XG API/CLI: Certificate in WAF rule cannot be changed due to error

Hi, 

This is a second post with regard to updating a WAF rule via CLI. The original post was answered for MR-4 and is probably not monitored.

I had a quick chat with Samil from support to verify if this is a known issue.

That is not the case and he suggested reopening the post. Though I am not the OP, I cannot, hence this post.

Currently running SFOS 17.5.8 MR-8 in home edition and want to use Let's Encrypt certificates.
Got everything in place except the last step: assigning the new certificate to an HTTPBased security policy.

 

1. Retrieved the response of a HTTPBased SecurityPolicy

2. Modified the certificate name 

3. Posted the modified security policy 

Resulting in response

<Response APIVersion="1702.1" IPS_CAT_VER="1">
    <Login>
        <status>Authentication Successful</status>
    </Login>
    <SecurityPolicy transactionid="">
        <Status code="501">Configuration parameters validation failed.</Status>
        <InvalidParams />
    </SecurityPolicy>
</Response>

SFVUNL_HV01_SFOS 17.5.8 MR-8# cat /log/apiparser.log
INFO      Oct 21 20:42:34 [27013]: Start Login Handler,Component : Login
ERROR     Oct 21 20:42:34 [27013]: Key:ISCrEntity is not found in RequestMap File for Login.
INFO      Oct 21 20:42:34 [27013]: Mapping file for Login component is /_conf/csc/IOMappingFiles//1702.1/Login/Login.xml
ERROR     Oct 21 20:42:34 [27013]: Flag setting for this opcode is 18.
INFO      Oct 21 20:42:35 [27013]: Opcode response: status:200
INFO      Oct 21 20:42:35 [27013]: Authentication Successful
INFO      Oct 21 20:42:35 [27013]: Start Set Handler,Component : SecurityPolicy
ERROR     Oct 21 20:42:35 [27013]: Key:ISCrEntity is not found in RequestMap File for SecurityPolicy.
ERROR     Oct 21 20:42:35 [27013]: Parser Error: xmlvalue for jsonkey="tempsourceid", xmlelement="/SecurityPolicy/SourceNetworks/Network" cannot be found in request file.
ERROR     Oct 21 20:42:35 [27013]: Parser Error: xmlvalue for jsonkey="tempexceptionid", xmlelement="/SecurityPolicy/ExceptionNetworks/Network" cannot be found in request file.
ERROR     Oct 21 20:42:35 [27013]: json object not found with key="tempsourceid" to handle logicaloperator.
ERROR     Oct 21 20:42:35 [27013]: Parser Error: xmlvalue for jsonkey="sourceid", xmlelement="/SecurityPolicy/SourceNetworks/Network" cannot be found in request file.
ERROR     Oct 21 20:42:35 [27013]: json object not found with key="tempexceptionid" to handle logicaloperator.
ERROR     Oct 21 20:42:35 [27013]: Parser Error: xmlvalue for jsonkey="exceptionid", xmlelement="/SecurityPolicy/ExceptionNetworks/Network" cannot be found in request file.
ERROR     Oct 21 20:42:35 [27013]: Flag setting for this opcode is 16.
INFO      Oct 21 20:42:36 [27013]: Opcode response: status:500
INFO      Oct 21 20:42:36 [27013]: End  SET Handler, Status : Success,  Component : SecurityPolicy, Transaction : , Operation : update.
MESSAGE   Oct 21 20:42:36 [27013]: ENTITY 'SecurityPolicy' IMPORT Success
INFO      Oct 21 20:42:36 [27013]: Command:/scripts/apiparser_generate_tar.sh /sdisk/api-1571683354644446.txt /sdisk/API-1571683354644446 /sdisk/APIXMLOutput/1571683354484.xml /sdisk/API-1571683354644446.tar /sdisk/API-1571683354644446.log 0 status:3
INFO      Oct 21 20:42:36 [27013]: No need to create Tar file. Response file is /sdisk/APIXMLOutput/1571683354484.xml
 
SourceNetworks and ExceptionNetworks are not part of the HTTPBased policy type. Is this a bug?
I can post the complete request if needed.
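
A small triage helper for the apiparser.log excerpt above, added here as an example and not part of the original post or of any Sophos tooling: it groups log lines per handler and lists which XML elements the parser reported missing, next to the opcode status. The regular expressions assume the line layout shown in the excerpt; the sample lines are a subset copied from it.

```python
import re
from collections import OrderedDict

# Subset of the apiparser.log lines quoted in the post above.
SAMPLE_LOG = """\
INFO      Oct 21 20:42:34 [27013]: Start Login Handler,Component : Login
INFO      Oct 21 20:42:35 [27013]: Opcode response: status:200
INFO      Oct 21 20:42:35 [27013]: Start Set Handler,Component : SecurityPolicy
ERROR     Oct 21 20:42:35 [27013]: Parser Error: xmlvalue for jsonkey="tempsourceid", xmlelement="/SecurityPolicy/SourceNetworks/Network" cannot be found in request file.
ERROR     Oct 21 20:42:35 [27013]: Parser Error: xmlvalue for jsonkey="tempexceptionid", xmlelement="/SecurityPolicy/ExceptionNetworks/Network" cannot be found in request file.
ERROR     Oct 21 20:42:35 [27013]: Parser Error: xmlvalue for jsonkey="sourceid", xmlelement="/SecurityPolicy/SourceNetworks/Network" cannot be found in request file.
ERROR     Oct 21 20:42:35 [27013]: Flag setting for this opcode is 16.
INFO      Oct 21 20:42:36 [27013]: Opcode response: status:500
"""

# Assumed layout: LEVEL, timestamp, [pid], message (as in the excerpt).
LINE = re.compile(r'^(?P<level>[A-Z]+)\s+\w{3} +\d+ [\d:]+ \[(?P<pid>\d+)\]: (?P<msg>.*)$')
START = re.compile(r'^Start \w+ Handler,\s*Component : (?P<component>\w+)')
MISSING = re.compile(r'^Parser Error: xmlvalue for jsonkey="(?P<key>[^"]+)", '
                     r'xmlelement="(?P<path>[^"]+)" cannot be found')
STATUS = re.compile(r'^Opcode response: status:(?P<code>\d+)')

def triage(log_text):
    """Return {(pid, component): {'missing': {xpath: [jsonkeys]}, 'status': int}}."""
    results = OrderedDict()
    current = {}  # pid -> component whose handler is currently running
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # skip lines that do not follow the assumed layout
        pid, msg = m['pid'], m['msg']
        if (s := START.match(msg)):
            current[pid] = s['component']
            results[(pid, s['component'])] = {'missing': {}, 'status': None}
            continue
        entry = results.get((pid, current.get(pid)))
        if entry is None:
            continue  # message seen before any handler start for this pid
        if (e := MISSING.match(msg)):
            entry['missing'].setdefault(e['path'], []).append(e['key'])
        elif (c := STATUS.match(msg)):
            entry['status'] = int(c['code'])
    return results

if __name__ == "__main__":
    for (pid, component), info in triage(SAMPLE_LOG).items():
        print(f"[{pid}] {component}: opcode status {info['status']}")
        for path, keys in info['missing'].items():
            print(f"    missing {path} (needed for {', '.join(keys)})")
```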

