Warning: This is the dev version. The latest stable version is
VyOS provide an HTTP API. You can use it to execute op-mode commands,
update VyOS, set or delete config.
Please take a look at the VyOS API page for an detailed how-to.
set service https allow-client address <address>
Only allow certain IP addresses or prefixes to access the https
set service https certificates ca-certificate <name>
Use CA certificate from PKI subsystem
set service https certificates certificate <name>
Use certificate from PKI subsystem
set service https certificates dh-params <name>
Use DH parameters from PKI subsystem.
Must be at least 2048 bits in length.
set service https listen-address <address>
Webserver should only listen on specified IP address
set service https port <number>
Webserver should listen on specified port.
set service https enable-http-redirect
Enable automatic redirect from http to https.
set service https tls-version <1.2 | 1.3>
Select TLS version used.
This defaults to both 1.2 and 1.3.
set service https vrf <name>
Start Webserver in given VRF.
set service https api keys id <name> key <apikey>
Set a named api key. Every key has the same, full permissions
on the system.
set service https api debug
To enable debug messages. Available via
show log or
set service https api strict
Enforce strict path checking
Set an API-KEY is the minimal configuration to get a working API Endpoint.
set service https api keys id MY-HTTPS-API-ID key MY-HTTPS-API-PLAINTEXT-KEY
Read the Docs
v: 1.4.x sagitta