netscaler.adc.sslcrl (2.5.1) module
Configuration for Certificate Revocation List resource.
Added in version 2.0.0 of netscaler.adc
Authors: Sumanth Lingappa (@sumanth-lingappa)
preview | supported by community

Install with:
ansible-galaxy collection install netscaler.adc:==2.5.1

collections:
  - name: netscaler.adc
    version: 2.5.1

day:
  description:
    - Day on which to refresh the CRL, or, if the Interval parameter is not set, the number of days after which to refresh the CRL. If Interval is set to MONTHLY, specify the date. If Interval is set to WEEKLY, specify the day of the week (for example, Sun=0 and Sat=6). This parameter is not applicable if the Interval is set to DAILY.
  type: float
url:
  description:
    - URL of the CRL distribution point.
  type: str
nsip:
  description:
    - The IP address of the NetScaler ADC appliance where the NITRO API calls will be made.
    - The port can be specified with the colon (:). E.g. 192.168.1.1:555.
  required: true
  type: str
port:
  description:
    - Port for the LDAP server.
  type: int
time:
  description:
    - Time, in hours (1-24) and minutes (1-60), at which to refresh the CRL.
  type: str
scope:
  choices:
    - Base
    - One
  description:
    - 'Extent of the search operation on the LDAP server. Available settings function as follows:'
    - C(One) - One level below Base DN.
    - C(Base) - Exactly the same level as Base DN.
  type: str
state:
  choices:
    - present
    - absent
    - created
    - unset
  default: present
  description:
    - The state of the resource being configured by the module on the NetScaler ADC node.
    - When C(present), the resource will be added or updated according to the module's parameters.
    - When C(absent), the resource will be deleted from the NetScaler ADC node.
    - When C(created), the `create` operation will be applied on the resource.
    - When C(unset), the resource will be unset on the NetScaler ADC node.
  type: str
basedn:
  description:
    - Base distinguished name (DN), which is used in an LDAP search to search for a CRL. Citrix recommends searching for the Base DN instead of the Issuer Name from the CA certificate, because the Issuer Name field might not exactly match the LDAP directory structure's DN.
  type: str
binary:
  choices:
    - 'YES'
    - 'NO'
  description:
    - Set the LDAP-based CRL retrieval mode to binary.
  type: str
binddn:
  description:
    - Bind distinguished name (DN) to be used to access the CRL object in the LDAP repository if access to the LDAP repository is restricted or anonymous access is not allowed.
  type: str
cacert:
  description:
    - CA certificate that has issued the CRL. Required if CRL Auto Refresh is selected. Install the CA certificate on the appliance before adding the CRL.
  type: str
gencrl:
  description:
    - Name of and, optionally, path to the CRL file to be generated. The list of certificates that have been revoked is obtained from the index file. /nsconfig/ssl/ is the default path.
  type: str
inform:
  choices:
    - DER
    - PEM
  description:
    - 'Input format of the CRL file. The two formats supported on the appliance are:'
    - C(PEM) - Privacy Enhanced Mail.
    - C(DER) - Distinguished Encoding Rules.
  type: str
method:
  choices:
    - HTTP
    - LDAP
  description:
    - Method for CRL refresh. If C(LDAP) is selected, specify the method, CA certificate, base DN, port, and C(LDAP) server name. If C(HTTP) is selected, specify the CA certificate, method, URL, and port. Cannot be changed after a CRL is added.
  type: str
revoke:
  description:
    - Name of and, optionally, path to the certificate to be revoked. /nsconfig/ssl/ is the default path.
  type: str
server:
  description:
    - IP address of the LDAP server from which to fetch the CRLs.
  type: str
crlname:
  description:
    - Name for the Certificate Revocation List (CRL). Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the CRL is created.
    - ''
    - 'The following requirement applies only to the Citrix ADC CLI:'
    - If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my crl" or 'my crl').
  type: str
crlpath:
  description:
    - Path to the CRL file. /var/netscaler/ssl/ is the default path.
  type: str
refresh:
  choices:
    - ENABLED
    - DISABLED
  description:
    - Set CRL auto refresh.
  type: str
api_path:
  default: nitro/v1/config
  description:
    - Base NITRO API path.
    - Define only in case of an ADM service proxy call.
  type: str
interval:
  choices:
    - MONTHLY
    - WEEKLY
    - DAILY
    - NOW
    - NONE
  description:
    - CRL refresh interval. Use the C(NONE) setting to unset this parameter.
  type: str
password:
  description:
    - Password to access the CRL in the LDAP repository if access to the LDAP repository is restricted or anonymous access is not allowed.
  type: str
cakeyfile:
  description:
    - Name of and, optionally, path to the CA key file. /nsconfig/ssl/ is the default path.
  type: str
indexfile:
  description:
    - Name of and, optionally, path to the file containing the serial numbers of all the certificates that are revoked. Revoked certificates are appended to the file. /nsconfig/ssl/ is the default path.
  type: str
cacertfile:
  description:
    - Name of and, optionally, path to the CA certificate file.
    - /nsconfig/ssl/ is the default path.
  type: str
nitro_pass:
  description:
    - The password with which to authenticate to the NetScaler ADC node.
  required: false
  type: str
nitro_user:
  description:
    - The username with which to authenticate to the NetScaler ADC node.
  required: false
  type: str
save_config:
  default: false
  description:
    - If C(true) the module will save the configuration on the NetScaler ADC node if it makes any changes.
    - The module will not save the configuration on the NetScaler ADC node if it made no changes.
  type: bool
nitro_protocol:
  choices:
    - http
    - https
  default: https
  description:
    - Which protocol to use when accessing the NITRO API objects.
  type: str
validate_certs:
  default: true
  description:
    - If C(false), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
  required: false
  type: bool
nitro_auth_token:
  description:
    - The authentication token provided by a login operation.
  type: str
  version_added: 2.6.0
  version_added_collection: netscaler.adc

changed:
  description: Indicates if any change is made by the module
  returned: always
  sample: true
  type: bool
diff:
  description: Dictionary of before and after changes
  returned: always
  sample:
    after:
      key2: pqr
    before:
      key1: xyz
    prepared: changes done
  type: dict
diff_list:
  description: List of differences between the actual configured object and the configuration specified in the module
  returned: when changed
  sample:
    - 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>) PQR'
  type: list
failed:
  description: Indicates if the module failed or not
  returned: always
  sample: false
  type: bool
loglines:
  description: list of logged messages by the module
  returned: always
  sample:
    - message 1
    - message 2
  type: list
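
A playbook that combines the parameters above to add a CRL with daily HTTP auto refresh and then reports the returned diff_list. This is an added example, not part of the module's own documentation; the address, object names, URL and the vault_nitro_user / vault_nitro_pass variables are constructed placeholders, and the HH:MM value for time is an assumed format.

```yaml
---
# Added example; every name, address and URL below is a constructed placeholder.
- name: Configure an auto-refreshing CRL on a NetScaler ADC
  hosts: localhost
  gather_facts: false
  vars:
    adc_nsip: 192.0.2.10                # placeholder management address
    # vault_nitro_user / vault_nitro_pass are assumed to come from Ansible Vault
  tasks:
    - name: Add a CRL that is refreshed daily over HTTP
      netscaler.adc.sslcrl:
        nsip: "{{ adc_nsip }}"
        nitro_user: "{{ vault_nitro_user }}"
        nitro_pass: "{{ vault_nitro_pass }}"
        nitro_protocol: https           # module default, stated explicitly
        validate_certs: true            # module default; keeps certificate validation on
        save_config: true               # configuration is saved only if the module changed something
        state: present
        crlname: example_root_ca_crl
        crlpath: example_root_ca.crl    # /var/netscaler/ssl/ is the default path
        inform: DER
        cacert: example_root_ca         # CA certificate must already be installed on the appliance
        refresh: ENABLED                # auto refresh requires cacert
        method: HTTP                    # cannot be changed after the CRL is added
        url: http://crl.example.com/example_root_ca.crl
        port: 80
        interval: DAILY                 # 'day' is not applicable with DAILY
        time: "01:30"                   # assumed HH:MM format
      register: crl_result

    - name: Show the attributes the module changed
      ansible.builtin.debug:
        var: crl_result.diff_list       # returned only when changed
      when: crl_result.changed
```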