netscaler.adc.sslcrl (2.5.1) — module

Configuration for Certificate Revocation List resource.

Added in version 2.0.0 of netscaler.adc

Authors: Sumanth Lingappa (@sumanth-lingappa)

preview | supported by community

Install collection

Install with ansible-galaxy collection install netscaler.adc:==2.5.1


Add to requirements.yml

  collections:
    - name: netscaler.adc
      version: 2.5.1

Inputs

    
day:
    description:
    - Day on which to refresh the CRL, or, if the Interval parameter is not set, the number
      of days after which to refresh the CRL. If Interval is set to MONTHLY, specify the
      date. If Interval is set to WEEKLY, specify the day of the week (for example, Sun=0
      and Sat=6). This parameter is not applicable if the Interval is set to DAILY.
    type: float

url:
    description:
    - URL of the CRL distribution point.
    type: str

nsip:
    description:
    - The IP address of the NetScaler ADC appliance where the NITRO API calls will be
      made.
    - The port can be specified with the colon (:). E.g. 192.168.1.1:555.
    required: true
    type: str

port:
    description:
    - Port for the LDAP server.
    type: int

time:
    description:
    - Time, in hours (1-24) and minutes (1-60), at which to refresh the CRL.
    type: str

scope:
    choices:
    - Base
    - One
    description:
    - 'Extent of the search operation on the LDAP server. Available settings function
      as follows:'
    - C(One) - One level below the Base DN.
    - C(Base) - Exactly the same level as the Base DN.
    type: str

state:
    choices:
    - present
    - absent
    - created
    - unset
    default: present
    description:
    - The state of the resource being configured by the module on the NetScaler ADC node.
    - When C(present), the resource will be added or updated according to the
      module's parameters.
    - When C(absent), the resource will be deleted from the NetScaler ADC node.
    - When C(created), the `create` operation will be applied on the resource.
    - When C(unset), the resource will be unset on the NetScaler ADC node.
    type: str

basedn:
    description:
    - Base distinguished name (DN), which is used in an LDAP search to search for a CRL.
      Citrix recommends searching for the Base DN instead of the Issuer Name from the
      CA certificate, because the Issuer Name field might not exactly match the LDAP directory
      structure's DN.
    type: str

binary:
    choices:
    - 'YES'
    - 'NO'
    description:
    - Set the LDAP-based CRL retrieval mode to binary.
    type: str

binddn:
    description:
    - Bind distinguished name (DN) to be used to access the CRL object in the LDAP repository
      if access to the LDAP repository is restricted or anonymous access is not allowed.
    type: str

cacert:
    description:
    - CA certificate that has issued the CRL. Required if CRL Auto Refresh is selected.
      Install the CA certificate on the appliance before adding the CRL.
    type: str

gencrl:
    description:
    - Name of and, optionally, path to the CRL file to be generated. The list of certificates
      that have been revoked is obtained from the index file. /nsconfig/ssl/ is the default
      path.
    type: str

inform:
    choices:
    - DER
    - PEM
    description:
    - 'Input format of the CRL file. The two formats supported on the appliance are:'
    - C(PEM) - Privacy Enhanced Mail.
    - C(DER) - Distinguished Encoding Rules.
    type: str

method:
    choices:
    - HTTP
    - LDAP
    description:
    - Method for CRL refresh. If C(LDAP) is selected, specify the method, CA certificate,
      base DN, port, and LDAP server name. If C(HTTP) is selected, specify the CA certificate,
      method, URL, and port. Cannot be changed after a CRL is added.
    type: str

revoke:
    description:
    - Name of and, optionally, path to the certificate to be revoked. /nsconfig/ssl/ is
      the default path.
    type: str

server:
    description:
    - IP address of the LDAP server from which to fetch the CRLs.
    type: str

crlname:
    description:
    - Name for the Certificate Revocation List (CRL). Must begin with an ASCII alphanumeric
      or underscore (_) character, and must contain only ASCII alphanumeric, underscore,
      hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters.
      Cannot be changed after the CRL is created.
    - ''
    - 'The following requirement applies only to the Citrix ADC CLI:'
    - If the name includes one or more spaces, enclose the name in double or single quotation
      marks (for example, "my crl" or 'my crl').
    type: str

crlpath:
    description:
    - Path to the CRL file. /var/netscaler/ssl/ is the default path.
    type: str

refresh:
    choices:
    - ENABLED
    - DISABLED
    description:
    - Set CRL auto refresh.
    type: str

api_path:
    default: nitro/v1/config
    description:
    - Base NITRO API path.
    - Define only in case of an ADM service proxy call.
    type: str

interval:
    choices:
    - MONTHLY
    - WEEKLY
    - DAILY
    - NOW
    - NONE
    description:
    - CRL refresh interval. Use the C(NONE) setting to unset this parameter.
    type: str

password:
    description:
    - Password to access the CRL in the LDAP repository if access to the LDAP repository
      is restricted or anonymous access is not allowed.
    type: str

cakeyfile:
    description:
    - Name of and, optionally, path to the CA key file. /nsconfig/ssl/ is the default
      path.
    type: str

indexfile:
    description:
    - Name of and, optionally, path to the file containing the serial numbers of all the
      certificates that are revoked. Revoked certificates are appended to the file. /nsconfig/ssl/
      is the default path.
    type: str

cacertfile:
    description:
    - Name of and, optionally, path to the CA certificate file.
    - /nsconfig/ssl/ is the default path.
    type: str

nitro_pass:
    description:
    - The password with which to authenticate to the NetScaler ADC node.
    required: false
    type: str

nitro_user:
    description:
    - The username with which to authenticate to the NetScaler ADC node.
    required: false
    type: str

save_config:
    default: false
    description:
    - If C(true), the module will save the configuration on the NetScaler ADC node if it
      makes any changes.
    - The module will not save the configuration on the NetScaler ADC node if it made
      no changes.
    type: bool

nitro_protocol:
    choices:
    - http
    - https
    default: https
    description:
    - Which protocol to use when accessing the NITRO API objects.
    type: str

validate_certs:
    default: true
    description:
    - If C(false), SSL certificates will not be validated. This should only be used on
      personally controlled sites using self-signed certificates.
    required: false
    type: bool

nitro_auth_token:
    description:
    - The authentication token provided by a login operation.
    type: str
    version_added: 2.6.0
    version_added_collection: netscaler.adc
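
An added example playbook (not taken from the collection's own documentation) that combines the inputs above for a CRL refreshed daily over HTTP, with the NITRO connection kept on https and certificate validation on. The variables adc_nsip, vault_nitro_user and vault_nitro_pass, the CA certificate name, the CRL name and file name, the DER format choice and the crl.example.com URL are constructed placeholders and assumptions.

```yaml
---
# Added example: enable HTTP auto-refresh for a CRL with netscaler.adc.sslcrl.
# Constructed placeholders: adc_nsip, vault_nitro_user, vault_nitro_pass,
# example_ca_certkey, example_ca_crl, example_ca.crl and the crl.example.com URL.
- name: Configure an auto-refreshing CRL on NetScaler ADC
  hosts: localhost
  connection: local
  gather_facts: false

  tasks:
    - name: Add CRL and refresh it daily over HTTP
      netscaler.adc.sslcrl:
        # NITRO connection: https and certificate validation are the
        # defaults; stating them makes the choice visible in review.
        nsip: "{{ adc_nsip }}"
        nitro_user: "{{ vault_nitro_user }}"   # keep in Ansible Vault
        nitro_pass: "{{ vault_nitro_pass }}"   # keep in Ansible Vault
        nitro_protocol: https
        validate_certs: true

        state: present
        save_config: true

        # Identity of the CRL object. crlname cannot be changed later.
        crlname: example_ca_crl
        crlpath: example_ca.crl   # default path is /var/netscaler/ssl/
        inform: DER               # assumption: the CA publishes a DER CRL

        # Auto refresh requires the issuing CA certificate, which must
        # already be installed on the appliance.
        refresh: ENABLED
        cacert: example_ca_certkey

        # HTTP method: specify CA certificate, method, URL and port.
        # method cannot be changed after the CRL is added.
        method: HTTP
        url: http://crl.example.com/example_ca.crl
        port: 80

        # DAILY refresh: the day parameter is not applicable, so it is omitted.
        interval: DAILY
      register: sslcrl_result

    - name: Show the attribute differences the module reported
      ansible.builtin.debug:
        var: sslcrl_result.diff_list
      when: sslcrl_result.changed
```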

Outputs

changed:
  description: Indicates if any change is made by the module
  returned: always
  sample: true
  type: bool
diff:
  description: Dictionary of before and after changes
  returned: always
  sample:
    after:
      key2: pqr
    before:
      key1: xyz
    prepared: changes done
  type: dict
diff_list:
  description: List of differences between the actual configured object and the configuration
    specified in the module
  returned: when changed
  sample:
  - 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>)
    PQR'
  type: list
failed:
  description: Indicates if the module failed or not
  returned: always
  sample: false
  type: bool
loglines:
  description: List of messages logged by the module
  returned: always
  sample:
  - message 1
  - message 2
  type: list