Try SpotterConfiguration for SSL action resource.
| "added in version" 2.0.0 of netscaler.adc"
Authors: Sumanth Lingappa (@sumanth-lingappa)
preview | supported by community
Install with ansible-galaxy collection install netscaler.adc:==2.5.1
collections:
- name: netscaler.adc
version: 2.5.1Configuration for SSL action resource.
name:
description:
- Name for the SSL action. Must begin with an ASCII alphanumeric or underscore (_)
character, and must contain only ASCII alphanumeric, underscore, hash (#), period
(.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be
changed after the action is created.
- ''
- 'The following requirement applies only to the Citrix ADC CLI:'
- If the name includes one or more spaces, enclose the name in double or single quotation
marks (for example, "my action" or 'my action').
type: str
nsip:
description:
- The ip address of the NetScaler ADC appliance where the nitro API calls will be
made.
- The port can be specified with the colon (:). E.g. 192.168.1.1:555.
required: true
type: str
state:
choices:
- present
- absent
default: present
description:
- The state of the resource being configured by the module on the NetScaler ADC node.
- When C(present), the resource will be added/updated configured according to the
module's parameters.
- When C(absent), the resource will be deleted from the NetScaler ADC node.
type: str
cipher:
choices:
- ENABLED
- DISABLED
description:
- 'Insert the cipher suite that the client and the Citrix ADC negotiated for the SSL
session into the HTTP header of the request being sent to the web server. The appliance
inserts the cipher-suite name, SSL protocol, export or non-export string, and cipher
strength bit, depending on the type of browser connecting to the SSL virtual server
or service (for example, Cipher-Suite: RC4- MD5 SSLv3 Non-Export 128-bit).'
type: str
forward:
description:
- This action takes an argument a vserver name, to this vserver one will be able to
forward all the packets.
type: str
api_path:
default: nitro/v1/config
description:
- Base NITRO API path.
- Define only in case of an ADM service proxy call
type: str
sessionid:
choices:
- ENABLED
- DISABLED
description:
- Insert the SSL session ID into the HTTP header of the request being sent to the
web server. Every SSL connection that the client and the Citrix ADC share has a
unique ID that identifies the specific connection.
type: str
certheader:
description:
- Name of the header into which to insert the client certificate.
type: str
clientauth:
choices:
- DOCLIENTAUTH
- NOCLIENTAUTH
description:
- Perform client certificate authentication.
type: str
clientcert:
choices:
- ENABLED
- DISABLED
description:
- Insert the entire client certificate into the HTTP header of the request being sent
to the web server. The certificate is inserted in ASCII (PEM) format.
type: str
nitro_pass:
description:
- The password with which to authenticate to the NetScaler ADC node.
required: false
type: str
nitro_user:
description:
- The username with which to authenticate to the NetScaler ADC node.
required: false
type: str
owasupport:
choices:
- ENABLED
- DISABLED
description:
- 'If the appliance is in front of an Outlook Web Access (OWA) server, insert a special
header field, FRONT-END-HTTPS: ON, into the HTTP requests going to the OWA server.
This header communicates to the server that the transaction is HTTPS and not HTTP.'
type: str
save_config:
default: false
description:
- If C(true) the module will save the configuration on the NetScaler ADC node if it
makes any changes.
- The module will not save the configuration on the NetScaler ADC node if it made
no changes.
type: bool
cipherheader:
description:
- Name of the header into which to insert the name of the cipher suite.
type: str
cacertgrpname:
description:
- This action will allow to pick CA(s) from the specific CA group, to verify the client
certificate.
type: str
ssllogprofile:
description:
- The name of the ssllogprofile.
type: str
certhashheader:
description:
- Name of the header into which to insert the client certificate signature (hash).
type: str
clientcerthash:
choices:
- ENABLED
- DISABLED
description:
- Insert the certificate's signature into the HTTP header of the request being sent
to the web server. The signature is the value extracted directly from the X.509
certificate signature field. All X.509 certificates contain a signature field.
type: str
nitro_protocol:
choices:
- http
- https
default: https
description:
- Which protocol to use when accessing the nitro API objects.
type: str
validate_certs:
default: true
description:
- If C(false), SSL certificates will not be validated. This should only be used on
personally controlled sites using self-signed certificates.
required: false
type: bool
sessionidheader:
description:
- Name of the header into which to insert the Session ID.
type: str
certissuerheader:
description:
- Name of the header into which to insert the client certificate issuer details.
type: str
certserialheader:
description:
- Name of the header into which to insert the client serial number.
type: str
clientcertissuer:
choices:
- ENABLED
- DISABLED
description:
- Insert the certificate issuer details into the HTTP header of the request being
sent to the web server.
type: str
nitro_auth_token:
description:
- The authentication token provided by a login operation.
type: str
version_added: 2.6.0
version_added_collection: netscaler.adc
certsubjectheader:
description:
- Name of the header into which to insert the client certificate subject.
type: str
clientcertsubject:
choices:
- ENABLED
- DISABLED
description:
- Insert the client certificate subject, also known as the distinguished name (DN),
into the HTTP header of the request being sent to the web server.
type: str
certnotafterheader:
description:
- Name of the header into which to insert the certificate's expiry date.
type: str
clientcertnotafter:
choices:
- ENABLED
- DISABLED
description:
- Insert the date of expiry of the certificate into the HTTP header of the request
being sent to the web server. Every certificate is configured with the date and
time at which the certificate expires.
type: str
certnotbeforeheader:
description:
- Name of the header into which to insert the date and time from which the certificate
is valid.
type: str
clientcertnotbefore:
choices:
- ENABLED
- DISABLED
description:
- Insert the date from which the certificate is valid into the HTTP header of the
request being sent to the web server. Every certificate is configured with the date
and time from which it is valid.
type: str
certfingerprintdigest:
choices:
- SHA1
- SHA224
- SHA256
- SHA384
- SHA512
description:
- Digest algorithm used to compute the fingerprint of the client certificate.
type: str
certfingerprintheader:
description:
- Name of the header into which to insert the client certificate fingerprint.
type: str
clientcertfingerprint:
choices:
- ENABLED
- DISABLED
description:
- Insert the certificate's fingerprint into the HTTP header of the request being sent
to the web server. The fingerprint is derived by computing the specified hash value
(SHA256, for example) of the DER-encoding of the client certificate.
type: str
clientcertserialnumber:
choices:
- ENABLED
- DISABLED
description:
- Insert the entire client serial number into the HTTP header of the request being
sent to the web server.
type: str
clientcertverification:
choices:
- Mandatory
- Optional
description:
- Client certificate verification is mandatory or optional.
type: str
changed:
description: Indicates if any change is made by the module
returned: always
sample: true
type: bool
diff:
description: Dictionary of before and after changes
returned: always
sample:
after:
key2: pqr
before:
key1: xyz
prepared: changes done
type: dict
diff_list:
description: List of differences between the actual configured object and the configuration
specified in the module
returned: when changed
sample:
- 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>)
PQR'
type: list
failed:
description: Indicates if the module failed or not
returned: always
sample: false
type: bool
loglines:
description: list of logged messages by the module
returned: always
sample:
- message 1
- message 2
type: list