netscaler / netscaler.adc / 2.5.1 / module / sslocspresponder Configuration for OCSP responser resource. | "added in version" 2.0.0 of netscaler.adc" Authors: Sumanth Lingappa (@sumanth-lingappa) preview | supported by communitynetscaler.adc.sslocspresponder (2.5.1) — module
Install with ansible-galaxy collection install netscaler.adc:==2.5.1
collections: - name: netscaler.adc version: 2.5.1
Configuration for OCSP responser resource.
url: description: - URL of the OCSP responder. type: str name: description: - Name for the OCSP responder. Cannot begin with a hash (#) or space character and must contain only ASCII alphanumeric, underscore (_), hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the responder is created. - '' - 'The following requirement applies only to the Citrix ADC CLI:' - If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my responder" or 'my responder'). type: str nsip: description: - The ip address of the NetScaler ADC appliance where the nitro API calls will be made. - The port can be specified with the colon (:). E.g. 192.168.1.1:555. required: true type: str cache: choices: - ENABLED - DISABLED description: - Enable caching of responses. Caching of responses received from the OCSP responder enables faster responses to the clients and reduces the load on the OCSP responder. type: str state: choices: - present - absent - unset default: present description: - The state of the resource being configured by the module on the NetScaler ADC node. - When C(present), the resource will be added/updated configured according to the module's parameters. - When C(absent), the resource will be deleted from the NetScaler ADC node. - When C(unset), the resource will be unset on the NetScaler ADC node. type: str api_path: default: nitro/v1/config description: - Base NITRO API path. - Define only in case of an ADM service proxy call type: str usenonce: choices: - 'YES' - 'NO' description: - Enable the OCSP nonce extension, which is designed to prevent replay attacks. type: str httpmethod: choices: - GET - POST description: - HTTP method used to send ocsp request. C(POST) is the default httpmethod. If request length is > 255, C(POST) wil be used even if C(GET) is set as httpMethod type: str nitro_pass: description: - The password with which to authenticate to the NetScaler ADC node. required: false type: str nitro_user: description: - The username with which to authenticate to the NetScaler ADC node. required: false type: str resptimeout: description: - Time, in milliseconds, to wait for an OCSP response. When this time elapses, an error message appears or the transaction is forwarded, depending on the settings on the virtual server. Includes Batching Delay time. type: float save_config: default: false description: - If C(true) the module will save the configuration on the NetScaler ADC node if it makes any changes. - The module will not save the configuration on the NetScaler ADC node if it made no changes. type: bool signingcert: description: - Certificate-key pair that is used to sign OCSP requests. If this parameter is not set, the requests are not signed. type: str cachetimeout: description: - Timeout for caching the OCSP response. After the timeout, the Citrix ADC sends a fresh request to the OCSP responder for the certificate status. If a timeout is not specified, the timeout provided in the OCSP response applies. type: float batchingdelay: description: - Maximum time, in milliseconds, to wait to accumulate OCSP requests to batch. Does not apply if the Batching Depth is 1. type: float batchingdepth: description: - Number of client certificates to batch together into one OCSP request. Batching avoids overloading the OCSP responder. A value of 1 signifies that each request is queried independently. For a value greater than 1, specify a timeout (batching delay) to avoid inordinately delaying the processing of a single certificate. type: float respondercert: description: - '0' type: str nitro_protocol: choices: - http - https default: https description: - Which protocol to use when accessing the nitro API objects. type: str trustresponder: description: - A certificate to use to validate OCSP responses. Alternatively, if -trustResponder is specified, no verification will be done on the reponse. If both are omitted, only the response times (producedAt, lastUpdate, nextUpdate) will be verified. type: bool validate_certs: default: true description: - If C(false), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. required: false type: bool insertclientcert: choices: - 'YES' - 'NO' description: - Include the complete client certificate in the OCSP request. type: str nitro_auth_token: description: - The authentication token provided by a login operation. type: str version_added: 2.6.0 version_added_collection: netscaler.adc producedattimeskew: description: - Time, in seconds, for which the Citrix ADC waits before considering the response as invalid. The response is considered invalid if the Produced At time stamp in the OCSP response exceeds or precedes the current Citrix ADC clock time by the amount of time specified. type: float ocspurlresolvetimeout: description: - Time, in milliseconds, to wait for an OCSP URL Resolution. When this time elapses, an error message appears or the transaction is forwarded, depending on the settings on the virtual server. type: float
changed: description: Indicates if any change is made by the module returned: always sample: true type: bool diff: description: Dictionary of before and after changes returned: always sample: after: key2: pqr before: key1: xyz prepared: changes done type: dict diff_list: description: List of differences between the actual configured object and the configuration specified in the module returned: when changed sample: - 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>) PQR' type: list failed: description: Indicates if the module failed or not returned: always sample: false type: bool loglines: description: list of logged messages by the module returned: always sample: - message 1 - message 2 type: list