netscaler / netscaler.adc / 2.5.1 / module / sslaction Configuration for SSL action resource. | "added in version" 2.0.0 of netscaler.adc" Authors: Sumanth Lingappa (@sumanth-lingappa) preview | supported by communitynetscaler.adc.sslaction (2.5.1) — module
Install with ansible-galaxy collection install netscaler.adc:==2.5.1
collections: - name: netscaler.adc version: 2.5.1
Configuration for SSL action resource.
name: description: - Name for the SSL action. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the action is created. - '' - 'The following requirement applies only to the Citrix ADC CLI:' - If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my action" or 'my action'). type: str nsip: description: - The ip address of the NetScaler ADC appliance where the nitro API calls will be made. - The port can be specified with the colon (:). E.g. 192.168.1.1:555. required: true type: str state: choices: - present - absent default: present description: - The state of the resource being configured by the module on the NetScaler ADC node. - When C(present), the resource will be added/updated configured according to the module's parameters. - When C(absent), the resource will be deleted from the NetScaler ADC node. type: str cipher: choices: - ENABLED - DISABLED description: - 'Insert the cipher suite that the client and the Citrix ADC negotiated for the SSL session into the HTTP header of the request being sent to the web server. The appliance inserts the cipher-suite name, SSL protocol, export or non-export string, and cipher strength bit, depending on the type of browser connecting to the SSL virtual server or service (for example, Cipher-Suite: RC4- MD5 SSLv3 Non-Export 128-bit).' type: str forward: description: - This action takes an argument a vserver name, to this vserver one will be able to forward all the packets. type: str api_path: default: nitro/v1/config description: - Base NITRO API path. - Define only in case of an ADM service proxy call type: str sessionid: choices: - ENABLED - DISABLED description: - Insert the SSL session ID into the HTTP header of the request being sent to the web server. Every SSL connection that the client and the Citrix ADC share has a unique ID that identifies the specific connection. type: str certheader: description: - Name of the header into which to insert the client certificate. type: str clientauth: choices: - DOCLIENTAUTH - NOCLIENTAUTH description: - Perform client certificate authentication. type: str clientcert: choices: - ENABLED - DISABLED description: - Insert the entire client certificate into the HTTP header of the request being sent to the web server. The certificate is inserted in ASCII (PEM) format. type: str nitro_pass: description: - The password with which to authenticate to the NetScaler ADC node. required: false type: str nitro_user: description: - The username with which to authenticate to the NetScaler ADC node. required: false type: str owasupport: choices: - ENABLED - DISABLED description: - 'If the appliance is in front of an Outlook Web Access (OWA) server, insert a special header field, FRONT-END-HTTPS: ON, into the HTTP requests going to the OWA server. This header communicates to the server that the transaction is HTTPS and not HTTP.' type: str save_config: default: false description: - If C(true) the module will save the configuration on the NetScaler ADC node if it makes any changes. - The module will not save the configuration on the NetScaler ADC node if it made no changes. type: bool cipherheader: description: - Name of the header into which to insert the name of the cipher suite. type: str cacertgrpname: description: - This action will allow to pick CA(s) from the specific CA group, to verify the client certificate. type: str ssllogprofile: description: - The name of the ssllogprofile. type: str certhashheader: description: - Name of the header into which to insert the client certificate signature (hash). type: str clientcerthash: choices: - ENABLED - DISABLED description: - Insert the certificate's signature into the HTTP header of the request being sent to the web server. The signature is the value extracted directly from the X.509 certificate signature field. All X.509 certificates contain a signature field. type: str nitro_protocol: choices: - http - https default: https description: - Which protocol to use when accessing the nitro API objects. type: str validate_certs: default: true description: - If C(false), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. required: false type: bool sessionidheader: description: - Name of the header into which to insert the Session ID. type: str certissuerheader: description: - Name of the header into which to insert the client certificate issuer details. type: str certserialheader: description: - Name of the header into which to insert the client serial number. type: str clientcertissuer: choices: - ENABLED - DISABLED description: - Insert the certificate issuer details into the HTTP header of the request being sent to the web server. type: str nitro_auth_token: description: - The authentication token provided by a login operation. type: str version_added: 2.6.0 version_added_collection: netscaler.adc certsubjectheader: description: - Name of the header into which to insert the client certificate subject. type: str clientcertsubject: choices: - ENABLED - DISABLED description: - Insert the client certificate subject, also known as the distinguished name (DN), into the HTTP header of the request being sent to the web server. type: str certnotafterheader: description: - Name of the header into which to insert the certificate's expiry date. type: str clientcertnotafter: choices: - ENABLED - DISABLED description: - Insert the date of expiry of the certificate into the HTTP header of the request being sent to the web server. Every certificate is configured with the date and time at which the certificate expires. type: str certnotbeforeheader: description: - Name of the header into which to insert the date and time from which the certificate is valid. type: str clientcertnotbefore: choices: - ENABLED - DISABLED description: - Insert the date from which the certificate is valid into the HTTP header of the request being sent to the web server. Every certificate is configured with the date and time from which it is valid. type: str certfingerprintdigest: choices: - SHA1 - SHA224 - SHA256 - SHA384 - SHA512 description: - Digest algorithm used to compute the fingerprint of the client certificate. type: str certfingerprintheader: description: - Name of the header into which to insert the client certificate fingerprint. type: str clientcertfingerprint: choices: - ENABLED - DISABLED description: - Insert the certificate's fingerprint into the HTTP header of the request being sent to the web server. The fingerprint is derived by computing the specified hash value (SHA256, for example) of the DER-encoding of the client certificate. type: str clientcertserialnumber: choices: - ENABLED - DISABLED description: - Insert the entire client serial number into the HTTP header of the request being sent to the web server. type: str clientcertverification: choices: - Mandatory - Optional description: - Client certificate verification is mandatory or optional. type: str
changed: description: Indicates if any change is made by the module returned: always sample: true type: bool diff: description: Dictionary of before and after changes returned: always sample: after: key2: pqr before: key1: xyz prepared: changes done type: dict diff_list: description: List of differences between the actual configured object and the configuration specified in the module returned: when changed sample: - 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>) PQR' type: list failed: description: Indicates if the module failed or not returned: always sample: false type: bool loglines: description: list of logged messages by the module returned: always sample: - message 1 - message 2 type: list