a10_slb_template_server_ssl¶
Parameters¶
Parameters |
Choices/Defaults |
Comment |
|
|---|---|---|---|
state str/required |
[‘noop’, ‘present’, ‘absent’] |
State of the object to be created. |
|
ansible_host str/required |
Host for AXAPI authentication |
||
ansible_username str/required |
Username for AXAPI authentication |
||
ansible_password str/required |
Password for AXAPI authentication |
||
ansible_port int/required |
Port for AXAPI authentication |
||
a10_device_context_id int |
[‘1-8’] |
Device ID for aVCS configuration |
|
a10_partition str |
Destination/target partition for object/command |
||
name str/required |
Server SSL Template Name |
||
ca_certs list |
Field ca_certs |
||
ca_cert str |
Specify CA certificate |
||
ca_cert_partition_shared bool |
CA Certificate Partition Shared |
||
server_ocsp_srvr str |
Specify authentication server |
||
server_ocsp_sg str |
Specify service-group (Service group name) |
||
crl_certs list |
Field crl_certs |
||
crl str |
Certificate Revocation Lists (Certificate Revocation Lists file name) |
||
crl_partition_shared bool |
Certificate Revocation Lists Partition Shared |
||
cert str |
Certificate Name |
||
cert_shared_str str |
Certificate Name |
||
cipher_without_prio_list list |
Field cipher_without_prio_list |
||
cipher_wo_prio str |
‘SSL3_RSA_DES_192_CBC3_SHA’= SSL3_RSA_DES_192_CBC3_SHA; ‘SSL3_RSA_RC4_128_MD5’= SSL3_RSA_RC4_128_MD5; ‘SSL3_RSA_RC4_128_SHA’= SSL3_RSA_RC4_128_SHA; ‘TLS1_RSA_AES_128_SHA’= TLS1_RSA_AES_128_SHA; ‘TLS1_RSA_AES_256_SHA’= TLS1_RSA_AES_256_SHA; ‘TLS1_RSA_AES_128_SHA256’= TLS1_RSA_AES_128_SHA256; ‘TLS1_RSA_AES_256_SHA256’= TLS1_RSA_AES_256_SHA256; ‘TLS1_DHE_RSA_AES_128_GCM_SHA256’= TLS1_DHE_RSA_AES_128_GCM_SHA256; ‘TLS1_DHE_RSA_AES_128_SHA’= TLS1_DHE_RSA_AES_128_SHA; ‘TLS1_DHE_RSA_AES_128_SHA256’= TLS1_DHE_RSA_AES_128_SHA256; ‘TLS1_DHE_RSA_AES_256_GCM_SHA384’= TLS1_DHE_RSA_AES_256_GCM_SHA384; ‘TLS1_DHE_RSA_AES_256_SHA’= TLS1_DHE_RSA_AES_256_SHA; ‘TLS1_DHE_RSA_AES_256_SHA256’= TLS1_DHE_RSA_AES_256_SHA256; ‘TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256’= TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256; ‘TLS1_ECDHE_ECDSA_AES_128_SHA’= TLS1_ECDHE_ECDSA_AES_128_SHA; ‘TLS1_ECDHE_ECDSA_AES_128_SHA256’= TLS1_ECDHE_ECDSA_AES_128_SHA256; ‘TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384’= TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384; ‘TLS1_ECDHE_ECDSA_AES_256_SHA’= TLS1_ECDHE_ECDSA_AES_256_SHA; ‘TLS1_ECDHE_RSA_AES_128_GCM_SHA256’= TLS1_ECDHE_RSA_AES_128_GCM_SHA256; ‘TLS1_ECDHE_RSA_AES_128_SHA’= TLS1_ECDHE_RSA_AES_128_SHA; ‘TLS1_ECDHE_RSA_AES_128_SHA256’= TLS1_ECDHE_RSA_AES_128_SHA256; ‘TLS1_ECDHE_RSA_AES_256_GCM_SHA384’= TLS1_ECDHE_RSA_AES_256_GCM_SHA384; ‘TLS1_ECDHE_RSA_AES_256_SHA’= TLS1_ECDHE_RSA_AES_256_SHA; ‘TLS1_RSA_AES_128_GCM_SHA256’= TLS1_RSA_AES_128_GCM_SHA256; ‘TLS1_RSA_AES_256_GCM_SHA384’= TLS1_RSA_AES_256_GCM_SHA384; ‘TLS1_ECDHE_RSA_AES_256_SHA384’= TLS1_ECDHE_RSA_AES_256_SHA384; ‘TLS1_ECDHE_ECDSA_AES_256_SHA384’= TLS1_ECDHE_ECDSA_AES_256_SHA384; ‘TLS1_ECDHE_RSA_CHACHA20_POLY1305_SHA256’= TLS1_ECDHE_RSA_CHACHA20_POLY1305_SHA256; ‘TLS1_ECDHE_ECDSA_CHACHA20_POLY1305_SHA256’= TLS1_ECDHE_ECDSA_CHACHA20_POLY1305_SHA256; ‘TLS1_DHE_RSA_CHACHA20_POLY1305_SHA256’= TLS1_DHE_RSA_CHACHA20_POLY1305_SHA256; |
||
dh_type str |
‘1024’= 1024; ‘1024-dsa’= 1024-dsa; ‘2048’= 2048; |
||
ec_list list |
Field ec_list |
||
ec str |
‘secp256r1’= X9_62_prime256v1; ‘secp384r1’= secp384r1; |
||
enable_tls_alert_logging bool |
Enable TLS alert logging |
||
alert_type str |
‘fatal’= Log fatal alerts; |
||
handshake_logging_enable bool |
Enable SSL handshake logging |
||
close_notify bool |
Send close notification when terminate connection |
||
forward_proxy_enable bool |
Enable SSL forward proxy |
||
session_ticket_enable bool |
Enable server side session ticket support |
||
version int |
TLS/SSL version, default is the highest number supported (TLS/SSL version= 30-SSLv3.0, 31-TLSv1.0, 32-TLSv1.1 and 33-TLSv1.2) |
||
dgversion int |
Lower TLS/SSL version can be downgraded |
||
server_certificate_error list |
Field server_certificate_error |
||
error_type str |
‘email’= Notify the error via email; ‘ignore’= Ignore the error, which mean the connection can continue; ‘logging’= Log the error; ‘trap’= Notify the error by SNMP trap; |
||
ssli_logging bool |
SSLi logging level, default is error logging only |
||
sslilogging str |
‘disable’= Disable all logging; ‘all’= enable all logging(error, info); |
||
dh_short_key_action str |
‘none’= no change; ‘prepend’= prepend dh key; ‘regenerate’= regenerate dh key; |
||
key str |
Key Name |
||
passphrase str |
Password Phrase |
||
encrypted str |
Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string) |
||
key_shared_str str |
Key Name |
||
key_shared_passphrase str |
Password Phrase |
||
key_shared_encrypted str |
Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string) |
||
ocsp_stapling bool |
Enable ocsp-stapling support |
||
use_client_sni bool |
use client SNI |
||
renegotiation_disable bool |
Disable SSL renegotiation |
||
session_cache_size int |
Session Cache Size (Maximum cache size. Default value 0 (Session ID reuse disabled)) |
||
session_cache_timeout int |
Session Cache Timeout (Timeout value, in seconds. Default no timeout.) |
||
cipher_template str |
Cipher Template Name |
||
shared_partition_cipher_template bool |
Reference a cipher template from shared partition |
||
template_cipher_shared str |
Cipher Template Name |
||
enable_ssli_ftp_alg int |
Enable SSLi FTP over TLS support at which port |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||