netscaler.adc.sslcertkey (2.5.1) — module

Configuration for certificate key resource.

Added in version 2.0.0 of netscaler.adc

Authors: Sumanth Lingappa (@sumanth-lingappa)

preview | supported by community

Install collection

Install with ansible-galaxy collection install netscaler.adc:==2.5.1


Add to requirements.yml

  collections:
    - name: netscaler.adc
      version: 2.5.1

Description

Configuration for certificate key resource.

Usage examples

- name: Create and link server ssl certkey
  delegate_to: localhost
  netscaler.adc.sslcertkey:
    state: present
    certkey: test-certkey
    cert: test-cert.cert
    key: test-cert.key
    linkcertkeyname: root-certkey  # This will link the root certkey to the server certkey
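
The following playbook is an added example, not part of the collection's documentation. It combines the connection and certificate options listed under Inputs: NITRO over HTTPS with certificate validation, credentials and key passphrase taken from variables instead of literals, and expiry alerting. The address, file names, certkey names and the vault_* variable names are assumptions, and root-certkey is assumed to exist on the appliance already.

```yaml
# Added example; not the collection's own code.
# Assumed: vault_nitro_user, vault_nitro_pass and vault_key_passphrase are
# defined in an Ansible Vault encrypted vars file loaded by this play.
- name: Install an encrypted server certkey with expiry monitoring
  hosts: localhost
  gather_facts: false
  vars:
    adc_nsip: 192.0.2.10  # constructed documentation address
  tasks:
    - name: Add server certkey from an encrypted PEM private key
      netscaler.adc.sslcertkey:
        # Connection: keep HTTPS and certificate validation on so the
        # NITRO credentials and the passphrase are not exposed in transit.
        nsip: "{{ adc_nsip }}"
        nitro_user: "{{ vault_nitro_user }}"
        nitro_pass: "{{ vault_nitro_pass }}"
        nitro_protocol: https
        validate_certs: true
        # Certificate-key pair; files are resolved under /nsconfig/ssl/,
        # the default path, which keeps a high availability pair consistent.
        state: present
        certkey: web-example-certkey
        cert: web-example.cert
        key: web-example.key
        inform: PEM
        passplain: "{{ vault_key_passphrase }}"
        linkcertkeyname: root-certkey
        # Alert 30 days before the certificate expires.
        expirymonitor: ENABLED
        notificationperiod: 30
        save_config: true
      # Keep the passphrase and NITRO password out of task output and logs.
      no_log: true
```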

Inputs

    
key:
    description:
    - Name of and, optionally, path to the private-key file that is used to form the certificate-key
      pair. The certificate file should be present on the appliance's hard-disk drive
      or solid-state drive. Storing a certificate in any location other than the default
      might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default
      path.
    type: str

cert:
    description:
    - Name of and, optionally, path to the X509 certificate file that is used to form
      the certificate-key pair. The certificate file should be present on the appliance's
      hard-disk drive or solid-state drive. Storing a certificate in any location other
      than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/
      is the default path.
    type: str

nsip:
    description:
    - The ip address of the NetScaler ADC appliance where the nitro API calls will be
      made.
    - The port can be specified with the colon (:). E.g. 192.168.1.1:555.
    required: true
    type: str

state:
    choices:
    - present
    - absent
    - unset
    default: present
    description:
    - The state of the resource being configured by the module on the NetScaler ADC node.
    - When C(present), the resource will be added or updated according to the
      module's parameters.
    - When C(absent), the resource will be deleted from the NetScaler ADC node.
    - When C(unset), the resource will be unset on the NetScaler ADC node.
    type: str

bundle:
    choices:
    - 'YES'
    - 'NO'
    description:
    - Parse the certificate chain as a single file after linking the server certificate
      to its issuer's certificate within the file.
    type: str

hsmkey:
    description:
    - Name of the HSM key that was created in the External Hardware Security Module (HSM)
      of a FIPS appliance.
    type: str

inform:
    choices:
    - DER
    - PEM
    - PFX
    description:
    - 'Input format of the certificate and the private-key files. The three formats supported
      by the appliance are:'
    - C(PEM) - Privacy Enhanced Mail
    - C(DER) - Distinguished Encoding Rule
    - C(PFX) - Personal Information Exchange
    type: str

certkey:
    description:
    - Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric
      or underscore (_) character, and must contain only ASCII alphanumeric, underscore,
      hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters.
      Cannot be changed after the certificate-key pair is created.
    - ''
    - 'The following requirement applies only to the Citrix ADC CLI:'
    - If the name includes one or more spaces, enclose the name in double or single quotation
      marks (for example, "my cert" or 'my cert').
    type: str

fipskey:
    description:
    - Name of the FIPS key that was created inside the Hardware Security Module (HSM)
      of a FIPS appliance, or a key that was imported into the HSM.
    type: str

api_path:
    default: nitro/v1/config
    description:
    - Base NITRO API path.
    - Define only in case of an ADM service proxy call
    type: str

password:
    description:
    - Passphrase that was used to encrypt the private-key. Use this option to load encrypted
      private-keys in PEM format.
    type: bool

passplain:
    description:
    - Pass phrase used to encrypt the private-key. Required when adding an encrypted private-key
      in PEM format.
    type: str

nitro_pass:
    description:
    - The password with which to authenticate to the NetScaler ADC node.
    required: false
    type: str

nitro_user:
    description:
    - The username with which to authenticate to the NetScaler ADC node.
    required: false
    type: str

save_config:
    default: false
    description:
    - If C(true) the module will save the configuration on the NetScaler ADC node if it
      makes any changes.
    - The module will not save the configuration on the NetScaler ADC node if it made
      no changes.
    type: bool

expirymonitor:
    choices:
    - ENABLED
    - DISABLED
    description:
    - Issue an alert when the certificate is about to expire.
    type: str

nodomaincheck:
    description:
    - Override the check for matching domain names during a certificate update operation.
    type: bool

nitro_protocol:
    choices:
    - http
    - https
    default: https
    description:
    - Which protocol to use when accessing the nitro API objects.
    type: str

validate_certs:
    default: true
    description:
    - If C(false), SSL certificates will not be validated. This should only be used on
      personally controlled sites using self-signed certificates.
    required: false
    type: bool

linkcertkeyname:
    description:
    - Name of the Certificate Authority certificate-key pair to which to link a certificate-key
      pair.
    type: str

deletefromdevice:
    description:
    - Delete cert/key file from file system.
    type: bool

nitro_auth_token:
    description:
    - The authentication token provided by a login operation.
    type: str
    version_added: 2.6.0
    version_added_collection: netscaler.adc

ocspstaplingcache:
    description:
    - Clear cached ocspStapling response in certkey.
    type: bool

notificationperiod:
    description:
    - Time, in number of days, before certificate expiration, at which to generate an
      alert that the certificate is about to expire.
    type: float

sslcertkey_sslocspresponder_binding:
    description: Bindings for sslcertkey_sslocspresponder_binding resource
    suboptions:
      binding_members:
        default: []
        description: List of binding members
        elements: dict
        type: list
      mode:
        choices:
        - desired
        - bind
        - unbind
        default: desired
        description:
        - The mode in which to configure the bindings.
        - If mode is set to C(desired), the bindings will be added or removed from the
          target NetScaler ADCs as necessary to match the bindings specified in the state.
        - If mode is set to C(bind), the specified bindings will be added to the resource.
          The existing bindings in the target ADCs will not be modified.
        - If mode is set to C(unbind), the specified bindings will be removed from the
          resource. The existing bindings in the target ADCs will not be modified.
        type: str
    type: dict

Outputs

changed:
  description: Indicates if any change is made by the module
  returned: always
  sample: true
  type: bool
diff:
  description: Dictionary of before and after changes
  returned: always
  sample:
    after:
      key2: pqr
    before:
      key1: xyz
    prepared: changes done
  type: dict
diff_list:
  description: List of differences between the actual configured object and the configuration
    specified in the module
  returned: when changed
  sample:
  - 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>)
    PQR'
  type: list
failed:
  description: Indicates if the module failed or not
  returned: always
  sample: false
  type: bool
loglines:
  description: List of messages logged by the module
  returned: always
  sample:
  - message 1
  - message 2
  type: list