Class: Ansible::Ruby::Modules::Bigip_profile_client_ssl

Inherits:

Base

• Object
• Ansible::Ruby::Models::Base
• Base
• Ansible::Ruby::Modules::Bigip_profile_client_ssl

Defined in:

lib/ansible/ruby/modules/generated/network/f5/bigip_profile_client_ssl.rb

Overview

Manages client SSL profiles on a BIG-IP.

Instance Method Summary

• #allow_non_ssl ⇒ Symbol^?

  Enables or disables acceptance of non-SSL connections.,When creating a new profile, the setting is provided by the parent profile.

• #cert_key_chain ⇒ Array<Hash>, ...

  One or more certificates and keys to associate with the SSL profile.

• #ciphers ⇒ String^?

  Specifies the list of ciphers that the system supports.

• #name ⇒ String

  Specifies the name of the profile.

• #options ⇒ :"netscape-reuse-cipher-change-bug", ...

  Options that the system uses for SSL processing in the form of a list.

• #parent ⇒ String^?

  The parent template of this monitor template.

• #partition ⇒ String^?

  Device partition to manage resources on.

• #secure_renegotiation ⇒ :require, ...

  Specifies the method of secure renegotiations for SSL connections.

• #state ⇒ :present, ...

  When C(present), ensures that the profile exists.,When C(absent), ensures the profile is removed.

Methods inherited from Base

#ansible_name, #to_h

Methods inherited from Ansible::Ruby::Models::Base

attr_option, attr_options, attribute, #initialize, remove_existing_validations, #to_h, validates

Constructor Details

This class inherits a constructor from Ansible::Ruby::Models::Base

Instance Method Details

#allow_non_ssl ⇒ Symbol^?

Returns Enables or disables acceptance of non-SSL connections.,When creating a new profile, the setting is provided by the parent profile.

Returns:

• (Symbol, nil) —

  Enables or disables acceptance of non-SSL connections.,When creating a new profile, the setting is provided by the parent profile.

# File 'lib/ansible/ruby/modules/generated/network/f5/bigip_profile_client_ssl.rb', line 40

attribute :allow_non_ssl

#cert_key_chain ⇒ Array<Hash>, ...

Returns One or more certificates and keys to associate with the SSL profile. This option is always a list. The keys in the list dictate the details of the client/key/chain combination. Note that BIG-IPs can only have one of each type of each certificate/key type. This means that you can only have one RSA, one DSA, and one ECDSA per profile. If you attempt to assign two RSA, DSA, or ECDSA certificate/key combo, the device will reject this.,This list is a complex list that specifies a number of keys.

Returns:

• (Array<Hash>, Hash, nil) —

  One or more certificates and keys to associate with the SSL profile. This option is always a list. The keys in the list dictate the details of the client/key/chain combination. Note that BIG-IPs can only have one of each type of each certificate/key type. This means that you can only have one RSA, one DSA, and one ECDSA per profile. If you attempt to assign two RSA, DSA, or ECDSA certificate/key combo, the device will reject this.,This list is a complex list that specifies a number of keys.

# File 'lib/ansible/ruby/modules/generated/network/f5/bigip_profile_client_ssl.rb', line 24

attribute :cert_key_chain

#ciphers ⇒ String^?

Returns Specifies the list of ciphers that the system supports. When creating a new profile, the default cipher list is provided by the parent profile.

Returns:

• (String, nil) —

  Specifies the list of ciphers that the system supports. When creating a new profile, the default cipher list is provided by the parent profile.

# File 'lib/ansible/ruby/modules/generated/network/f5/bigip_profile_client_ssl.rb', line 20

attribute :ciphers

#name ⇒ String

Returns Specifies the name of the profile.

Returns:

• (String) —

  Specifies the name of the profile.

# File 'lib/ansible/ruby/modules/generated/network/f5/bigip_profile_client_ssl.rb', line 12

attribute :name

#options ⇒ :"netscape-reuse-cipher-change-bug", ...

Returns Options that the system uses for SSL processing in the form of a list. When creating a new profile, the list is provided by the parent profile.,When a C(”) or C(none) value is provided all options for SSL processing are disabled.

Returns:

• (:"netscape-reuse-cipher-change-bug", :"microsoft-big-sslv3-buffer", :"msie-sslv2-rsa-padding", :"ssleay-080-client-dh-bug", :"tls-d5-bug", :"tls-block-padding-bug", :"dont-insert-empty-fragments", :"no-ssl", :"no-dtls", :"no-session-resumption-on-renegotiation", :"no-tlsv1.1", :"no-tlsv1.2", :"single-dh-use", :"ephemeral-rsa", :"cipher-server-preference", :"tls-rollback-bug", :"no-sslv2", :"no-sslv3", :"no-tls", :"no-tlsv1", :"pkcs1-check-1", :"pkcs1-check-2", :"netscape-ca-dn-bug", :"netscape-demo-cipher-change-bug", nil) —

  Options that the system uses for SSL processing in the form of a list. When creating a new profile, the list is provided by the parent profile.,When a C(”) or C(none) value is provided all options for SSL processing are disabled.

# File 'lib/ansible/ruby/modules/generated/network/f5/bigip_profile_client_ssl.rb', line 32

attribute :options

#parent ⇒ String^?

Returns The parent template of this monitor template. Once this value has been set, it cannot be changed. By default, this value is the C(clientssl) parent on the C(Common) partition.

Returns:

• (String, nil) —

  The parent template of this monitor template. Once this value has been set, it cannot be changed. By default, this value is the C(clientssl) parent on the C(Common) partition.

# File 'lib/ansible/ruby/modules/generated/network/f5/bigip_profile_client_ssl.rb', line 16

attribute :parent

#partition ⇒ String^?

Returns Device partition to manage resources on.

Returns:

• (String, nil) —

  Device partition to manage resources on.

# File 'lib/ansible/ruby/modules/generated/network/f5/bigip_profile_client_ssl.rb', line 28

attribute :partition

#secure_renegotiation ⇒ :require, ...

Returns Specifies the method of secure renegotiations for SSL connections. When creating a new profile, the setting is provided by the parent profile.,When C(request) is set the ssystem request secure renegotation of SSL connections.,C(require) is a default setting and when set the system permits initial SSL handshakes from clients but terminates renegotiations from unpatched clients.,The C(require-strict) setting the system requires strict renegotiation of SSL connections. In this mode the system refuses connections to insecure servers, and terminates existing SSL connections to insecure servers.

Returns:

• (:require, :"require-strict", :request, nil) —

  Specifies the method of secure renegotiations for SSL connections. When creating a new profile, the setting is provided by the parent profile.,When C(request) is set the ssystem request secure renegotation of SSL connections.,C(require) is a default setting and when set the system permits initial SSL handshakes from clients but terminates renegotiations from unpatched clients.,The C(require-strict) setting the system requires strict renegotiation of SSL connections. In this mode the system refuses connections to insecure servers, and terminates existing SSL connections to insecure servers.

# File 'lib/ansible/ruby/modules/generated/network/f5/bigip_profile_client_ssl.rb', line 36

attribute :secure_renegotiation

#state ⇒ :present, ...

Returns When C(present), ensures that the profile exists.,When C(absent), ensures the profile is removed.

Returns:

• (:present, :absent, nil) —

  When C(present), ensures that the profile exists.,When C(absent), ensures the profile is removed.

# File 'lib/ansible/ruby/modules/generated/network/f5/bigip_profile_client_ssl.rb', line 44

attribute :state