netscaler_ssl_certkey - Manage ssl cerificate keys.
New in version 2.4.0.
Synopsis
- Manage ssl cerificate keys.
Requirements (on host that executes module)
- nitro python sdk
Options
parameter | required | default | choices | comments |
---|---|---|---|---|
cert | no | Name of and, optionally, path to the X509 certificate file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path. Minimum length = 1 | ||
certkey | no | Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore _ character, and must contain only ASCII alphanumeric, underscore _ , hash # , period . , space , colon : , at @ , equals = , and hyphen - characters. Cannot be changed after the certificate-key pair is created.The following requirement applies only to the NetScaler CLI: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my cert" or 'my cert'). Minimum length = 1 | ||
expirymonitor | no |
| Issue an alert when the certificate is about to expire. | |
inform | no |
| Input format of the certificate and the private-key files. The three formats supported by the appliance are: PEM - Privacy Enhanced Mail DER - Distinguished Encoding Rule PFX - Personal Information Exchange. | |
key | no | Name of and, optionally, path to the private-key file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path. Minimum length = 1 | ||
nitro_pass | yes | The password with which to authenticate to the netscaler node. | ||
nitro_protocol | no | http |
| Which protocol to use when accessing the nitro API objects. |
nitro_timeout | no | 310 | Time in seconds until a timeout error is thrown when establishing a new session with Netscaler | |
nitro_user | yes | The username with which to authenticate to the netscaler node. | ||
notificationperiod | no | Time, in number of days, before certificate expiration, at which to generate an alert that the certificate is about to expire. Minimum value = 10
Maximum value = 100
| ||
nsip | yes | The ip address of the netscaler appliance where the nitro API calls will be made. The port can be specified with the colon (:). E.g. 192.168.1.1:555. | ||
passplain | no | Pass phrase used to encrypt the private-key. Required when adding an encrypted private-key in PEM format. Minimum length = 1 | ||
password | no | Passphrase that was used to encrypt the private-key. Use this option to load encrypted private-keys in PEM format. | ||
save_config | no | True |
| If true the module will save the configuration on the netscaler node if it makes any changes. The module will not save the configuration on the netscaler node if it made no changes. |
state | no | present |
| The state of the resource being configured by the module on the netscaler node. When present the resource will be created if needed and configured according to the module's parameters. When absent the resource will be deleted from the netscaler node. |
validate_certs | no | yes | If no , SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. |
Examples
- name: Setup ssl certkey delegate_to: localhost netscaler_ssl_certkey: nitro_user: nsroot nitro_pass: nsroot nsip: 172.18.0.2 certkey: certirificate_1 cert: server.crt key: server.key expirymonitor: enabled notificationperiod: 30 inform: PEM password: False passplain: somesecret
Return Values
Common return values are documented here Return Values, the following are the fields unique to this module:
name | description | returned | type | sample |
---|---|---|---|---|
diff | List of differences between the actual configured object and the configuration specified in the module | failure | dictionary | { 'targetlbvserver': 'difference. ours: (str) server1 other: (str) server2' } |
loglines | list of logged messages by the module | always | list | ['message 1', 'message 2'] |
msg | Message detailing the failure reason | failure | string | Action does not exist |
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.4/netscaler_ssl_certkey_module.html