netscaler / netscaler.adc / 2.5.1 / module / sslcertkey Configuration for certificate key resource. | "added in version" 2.0.0 of netscaler.adc" Authors: Sumanth Lingappa (@sumanth-lingappa) preview | supported by communitynetscaler.adc.sslcertkey (2.5.1) — module
Install with ansible-galaxy collection install netscaler.adc:==2.5.1
collections: - name: netscaler.adc version: 2.5.1
Configuration for certificate key resource.
- name: Create and link server ssl certkey delegate_to: localhost netscaler.adc.sslcertkey: state: present certkey: test-certkey cert: test-cert.cert key: test-cert.key linkcertkeyname: root-certkey # This will link the root certkey to the server certkey
key: description: - Name of and, optionally, path to the private-key file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path. type: str cert: description: - Name of and, optionally, path to the X509 certificate file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path. type: str nsip: description: - The ip address of the NetScaler ADC appliance where the nitro API calls will be made. - The port can be specified with the colon (:). E.g. 192.168.1.1:555. required: true type: str state: choices: - present - absent - unset default: present description: - The state of the resource being configured by the module on the NetScaler ADC node. - When C(present), the resource will be added/updated configured according to the module's parameters. - When C(absent), the resource will be deleted from the NetScaler ADC node. - When C(unset), the resource will be unset on the NetScaler ADC node. type: str bundle: choices: - 'YES' - 'NO' description: - Parse the certificate chain as a single file after linking the server certificate to its issuer's certificate within the file. type: str hsmkey: description: - Name of the HSM key that was created in the External Hardware Security Module (HSM) of a FIPS appliance. type: str inform: choices: - DER - PEM - PFX description: - 'Input format of the certificate and the private-key files. The three formats supported by the appliance are:' - C(PEM) - Privacy Enhanced Mail - C(DER) - Distinguished Encoding Rule - C(PFX) - Personal Information Exchange type: str certkey: description: - Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the certificate-key pair is created. - '' - 'The following requirement applies only to the Citrix ADC CLI:' - If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my cert" or 'my cert'). type: str fipskey: description: - Name of the FIPS key that was created inside the Hardware Security Module (HSM) of a FIPS appliance, or a key that was imported into the HSM. type: str api_path: default: nitro/v1/config description: - Base NITRO API path. - Define only in case of an ADM service proxy call type: str password: description: - Passphrase that was used to encrypt the private-key. Use this option to load encrypted private-keys in PEM format. type: bool passplain: description: - Pass phrase used to encrypt the private-key. Required when adding an encrypted private-key in PEM format. type: str nitro_pass: description: - The password with which to authenticate to the NetScaler ADC node. required: false type: str nitro_user: description: - The username with which to authenticate to the NetScaler ADC node. required: false type: str save_config: default: false description: - If C(true) the module will save the configuration on the NetScaler ADC node if it makes any changes. - The module will not save the configuration on the NetScaler ADC node if it made no changes. type: bool expirymonitor: choices: - ENABLED - DISABLED description: - Issue an alert when the certificate is about to expire. type: str nodomaincheck: description: - Override the check for matching domain names during a certificate update operation. type: bool nitro_protocol: choices: - http - https default: https description: - Which protocol to use when accessing the nitro API objects. type: str validate_certs: default: true description: - If C(false), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. required: false type: bool linkcertkeyname: description: - Name of the Certificate Authority certificate-key pair to which to link a certificate-key pair. type: str deletefromdevice: description: - Delete cert/key file from file system. type: bool nitro_auth_token: description: - The authentication token provided by a login operation. type: str version_added: 2.6.0 version_added_collection: netscaler.adc ocspstaplingcache: description: - Clear cached ocspStapling response in certkey. type: bool notificationperiod: description: - Time, in number of days, before certificate expiration, at which to generate an alert that the certificate is about to expire. type: float sslcertkey_sslocspresponder_binding: description: Bindings for sslcertkey_sslocspresponder_binding resource suboptions: binding_members: default: [] description: List of binding members elements: dict type: list mode: choices: - desired - bind - unbind default: desired description: - The mode in which to configure the bindings. - If mode is set to C(desired), the bindings will be added or removed from the target NetScaler ADCs as necessary to match the bindings specified in the state. - If mode is set to C(bind), the specified bindings will be added to the resource. The existing bindings in the target ADCs will not be modified. - If mode is set to C(unbind), the specified bindings will be removed from the resource. The existing bindings in the target ADCs will not be modified. type: str type: dict
changed: description: Indicates if any change is made by the module returned: always sample: true type: bool diff: description: Dictionary of before and after changes returned: always sample: after: key2: pqr before: key1: xyz prepared: changes done type: dict diff_list: description: List of differences between the actual configured object and the configuration specified in the module returned: when changed sample: - 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>) PQR' type: list failed: description: Indicates if the module failed or not returned: always sample: false type: bool loglines: description: list of logged messages by the module returned: always sample: - message 1 - message 2 type: list