Try SpotterConfiguration for cerificate resource.
| "added in version" 2.0.0 of netscaler.adc"
Authors: Sumanth Lingappa (@sumanth-lingappa)
preview | supported by community
Install with ansible-galaxy collection install netscaler.adc:==2.5.1
collections:
- name: netscaler.adc
version: 2.5.1Configuration for cerificate resource.
- name: Create ssl cert certname.cert
delegate_to: localhost
netscaler.adc.sslcert:
state: created
certfile: certname.cert
reqfile: certname.csr
keyform: PEM
days: 1480
certform: PEM
cacert: root_cert.cert
cacertform: PEM
cakey: root_cert.key
cakeyform: PEM
caserial: root_cert.srl
certtype: SRVR_CERT
days:
description:
- Number of days for which the certificate will be valid, beginning with the time
and day (system time) of creation.
type: float
nsip:
description:
- The ip address of the NetScaler ADC appliance where the nitro API calls will be
made.
- The port can be specified with the colon (:). E.g. 192.168.1.1:555.
required: true
type: str
cakey:
description:
- Private key, associated with the CA certificate that is used to sign the Intermediate-CA
certificate or the end-user client and server certificate. If the CA key file is
password protected, the user is prompted to enter the pass phrase that was used
to encrypt the key.
type: str
state:
choices:
- created
default: present
description:
- The state of the resource being configured by the module on the NetScaler ADC node.
- When C(created), the `create` operation will be applied on the resource.
type: str
cacert:
description:
- Name of the CA certificate file that issues and signs the Intermediate-CA certificate
or the end-user client and server certificates.
type: str
keyfile:
description:
- Name for and, optionally, path to the private key. You can either use an existing
RSA or DSA key that you own or create a new private key on the Citrix ADC. This
file is required only when creating a self-signed Root-CA certificate. The key file
is stored in the /nsconfig/ssl directory by default.
- If the input key specified is an encrypted key, you are prompted to enter the PEM
pass phrase that was used for encrypting the key.
type: str
keyform:
choices:
- DER
- PEM
description:
- Format in which the key is stored on the appliance.
type: str
reqfile:
description:
- Name for and, optionally, path to the certificate-signing request (CSR). /nsconfig/ssl/
is the default path.
type: str
api_path:
default: nitro/v1/config
description:
- Base NITRO API path.
- Define only in case of an ADM service proxy call
type: str
caserial:
description:
- Serial number file maintained for the CA certificate. This file contains the serial
number of the next certificate to be issued or signed by the CA. If the specified
file does not exist, a new file is created, with /nsconfig/ssl/ as the default path.
If you do not specify a proper path for the existing serial file, a new serial file
is created. This might change the certificate serial numbers assigned by the CA
certificate to each of the certificates it signs.
type: str
certfile:
description:
- Name for and, optionally, path to the generated certificate file. /nsconfig/ssl/
is the default path.
type: str
certform:
choices:
- DER
- PEM
description:
- Format in which the certificate is stored on the appliance.
type: str
certtype:
choices:
- ROOT_CERT
- INTM_CERT
- CLNT_CERT
- SRVR_CERT
description:
- 'Type of certificate to generate. Specify one of the following:'
- '* C(ROOT_CERT) - Self-signed Root-CA certificate. You must specify the key file
name. The generated Root-CA certificate can be used for signing end-user client
or server certificates or to create Intermediate-CA certificates.'
- '* C(INTM_CERT) - Intermediate-CA certificate.'
- '* C(CLNT_CERT) - End-user client certificate used for client authentication.'
- '* C(SRVR_CERT) - SSL server certificate used on SSL servers for end-to-end encryption.'
type: str
cakeyform:
choices:
- DER
- PEM
description:
- Format for the CA certificate.
type: str
cacertform:
choices:
- DER
- PEM
description:
- Format of the CA certificate.
type: str
nitro_pass:
description:
- The password with which to authenticate to the NetScaler ADC node.
required: false
type: str
nitro_user:
description:
- The username with which to authenticate to the NetScaler ADC node.
required: false
type: str
save_config:
default: false
description:
- If C(true) the module will save the configuration on the NetScaler ADC node if it
makes any changes.
- The module will not save the configuration on the NetScaler ADC node if it made
no changes.
type: bool
pempassphrase:
description:
- '0'
type: str
nitro_protocol:
choices:
- http
- https
default: https
description:
- Which protocol to use when accessing the nitro API objects.
type: str
subjectaltname:
description:
- 'Subject Alternative Name (SAN) is an extension to X.509 that allows various values
to be associated with a security certificate using a subjectAltName field. These
values are called "Subject Alternative Names" (SAN). Names include:'
- ' 1. Email addresses'
- ' 2. IP addresses'
- ' 3. URIs'
- ' 4. DNS names (This is usually also provided as the Common Name RDN within
the Subject field of the main certificate.)'
- ' 5. directory names (alternative Distinguished Names to that given in the
Subject)'
type: str
validate_certs:
default: true
description:
- If C(false), SSL certificates will not be validated. This should only be used on
personally controlled sites using self-signed certificates.
required: false
type: bool
nitro_auth_token:
description:
- The authentication token provided by a login operation.
type: str
version_added: 2.6.0
version_added_collection: netscaler.adc
sslcertkey_sslocspresponder_binding:
description: Bindings for sslcertkey_sslocspresponder_binding resource
suboptions:
binding_members:
default: []
description: List of binding members
elements: dict
type: list
mode:
choices:
- desired
- bind
- unbind
default: desired
description:
- The mode in which to configure the bindings.
- If mode is set to C(desired), the bindings will be added or removed from the
target NetScaler ADCs as necessary to match the bindings specified in the state.
- If mode is set to C(bind), the specified bindings will be added to the resource.
The existing bindings in the target ADCs will not be modified.
- If mode is set to C(unbind), the specified bindings will be removed from the
resource. The existing bindings in the target ADCs will not be modified.
type: str
type: dict
changed:
description: Indicates if any change is made by the module
returned: always
sample: true
type: bool
diff:
description: Dictionary of before and after changes
returned: always
sample:
after:
key2: pqr
before:
key1: xyz
prepared: changes done
type: dict
diff_list:
description: List of differences between the actual configured object and the configuration
specified in the module
returned: when changed
sample:
- 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>)
PQR'
type: list
failed:
description: Indicates if the module failed or not
returned: always
sample: false
type: bool
loglines:
description: list of logged messages by the module
returned: always
sample:
- message 1
- message 2
type: list