Changes to default SSL inspection configuration (380736)

SSL inspection is mandatory in the CLI and GUI and is enabled by default.

GUI Changes

• Updated edit dialogues for IPv4/IPv6 Policy and Explicit Proxy Policy l SSL/SSH inspection data displayed in muted palette l disabled the toggle button for this option l set the default profile as “certificate-inspection”
• Updated list pages for IPv4/IPv6 Policy and Explicit Proxy Policy l Add validation for “ssl-ssh-profile” when configuring UTM profiles
• Updated SSL/SSH Inspection list page l disabled delete menu on GUI for default ssl profiles l changed “Edit” menu to “View” menu for default ssl profiles l added implicit class (grayed) the default ssl profile entries
• Updated SSL/SSH Inspection edit dialog l disabled all the inputs for default ssl profiles except download/view trusted certificate links l changed button to “Return” for default ssl profiles to return the list page
• Updated Profile Group edit dialog l removed checkbox for “ssl-ssh-profile” option, make it always required.

CLI changes

1. ssl-ssh-profile default value is certificate-inspection when applicable in table firewall.profile-group, firewall.policy, firewall.policy6, explicit-proxy-policy
2. make default profiles “certificate-inspection”, “deep-ssl-inspection’ read only in table firewall.ssl-ssh-profile