def BindUnbindServerCert(sess, vserver,certkey,isunbind=False,isservice=False) :
ret = 0
try :
if isservice :
vckey = ServiceCKeyBdg.sslservice_sslcertkey_binding()
vckey.servicename = vserver
vckey.certkeyname = certkey
else :
vckey = VsrvrCKeyBdg()
vckey.vservername = vserver
vckey.certkeyname = certkey
if isunbind :
if isservice :
ServiceCKeyBdg.sslservice_sslcertkey_binding.delete(sess,vckey)
else :
VsrvrCKeyBdg.delete(sess,vckey)
else :
if isservice :
ServiceCKeyBdg.sslservice_sslcertkey_binding.add(sess,vckey)
else :
VsrvrCKeyBdg.add(sess,vckey)
except NITROEXCEPTION.nitro_exception as e :
print 'BindUnbindServerCert Failed: {0}'.format(e.message)
ret = e.errorcode
return ret
def BindUnbindSniCert(sess, vserver,certlist,isunbind=False) :
ret = 0
ckeylist = []
for c in certlist :
vckey = VsrvrCKeyBdg()
vckey.vservername = vserver
vckey.certkeyname = c
vckey.snicert = 'true'
ckeylist.append(vckey)
if len(ckeylist) == 1 :
ckeylist = ckeylist[0]
try :
if isunbind :
VsrvrCKeyBdg.delete(sess,ckeylist)
else :
VsrvrCKeyBdg.add(sess,ckeylist)
except NITROEXCEPTION.nitro_exception as e :
print 'BindUnbindSniCert: {}'.format(e.message)
ret = e.errorcode
except Exception as e :
print 'BindUnbindSniCert: {}'.format(e.message)
ret = e.errorcode
return ret
def bind_certkey(u):
s = sslvserver_sslcertkey_binding()
s.vservername='cs_sni.o.e'
s.certkeyname='sni_%s' %u
s.snicert=True
try:
sslvserver_sslcertkey_binding.add(session,s)
except nitro_exception as e:
print("Exception::errorcode="+str(e.errorcode)+",message="+ e.message)
def BindUnbindOneVsrvrCKey(session,server,certkey,isunbind=0,issni=False,isca=False,ocspcheck=False,crlcheck=False) :
ret = 0
try :
vckey = VsrvrCKeyBdg()
vckey.vservername = server
vckey.certkeyname = certkey
VsrvrCKeyBdg.add(sess,vckey)
except NITROEXCEPTION.nitro_exception as e :
print 'Nitro exception:::: {0}'.format(e.message)
ret = e.errorcode
return ret
def ssl_certkey_bindings_sync():
vservername = module.params['name']
if sslvserver_sslcertkey_binding.count(client, vservername) == 0:
bindings = []
else:
bindings = sslvserver_sslcertkey_binding.get(client, vservername)
log('bindings len is %s' % len(bindings))
# Delete existing bindings
for binding in bindings:
sslvserver_sslcertkey_binding.delete(client, binding)
# Add binding if appropriate
if module.params['ssl_certkey'] is not None:
binding = sslvserver_sslcertkey_binding()
binding.vservername = module.params['name']
binding.certkeyname = module.params['ssl_certkey']
sslvserver_sslcertkey_binding.add(client, binding)
def BindUnbindCACert(sess, vserver,certlist,isunbind=False,isservice=False) :
ret = 0
ckeylist = []
for c in certlist :
if isservice :
vckey = ServiceCKeyBdg.sslservice_sslcertkey_binding()
vckey.servicename = vserver
vckey.certkeyname = c
vckey.ca = 'true'
ckeylist.append(vckey)
else :
vckey = VsrvrCKeyBdg()
vckey.vservername = vserver
vckey.certkeyname = c
vckey.ca = 'true'
ckeylist.append(vckey)
if len(ckeylist) == 1 :
ckeylist = vckey
try :
if isservice :
if isunbind :
ServiceCKeyBdg.sslservice_sslcertkey_binding.delete(sess,ckeylist)
else :
ServiceCKeyBdg.sslservice_sslcertkey_binding.add(sess,ckeylist)
else :
if isunbind :
VsrvrCKeyBdg.delete(sess,ckeylist)
else :
VsrvrCKeyBdg.add(sess,ckeylist)
except NITROEXCEPTION.nitro_exception as e :
print 'BindUnbindCACert: {}'.format(e.message)
ret = e.errorcode
except Exception as e :
print 'BindUnbindCACert: exception {}'.format(e.message)
ret = e.errorcode
return ret
def bindsslvs_cert (self, client) :
try :
lbvs = lbvserver()
lbvs.name = "ssl_vs"
lbvs.servicetype = lbvserver.Servicetype.SSL
lbvs.ipv46 = "1.1.1.1"
lbvs.port = 443
lbvserver.add(client, lbvs)
obj = [sslvserver_sslcertkey_binding() for _ in range(2)]
obj[0].vservername = "ssl_vs"
obj[0].certkeyname = "xx"
obj[1].vservername = "ssl_vs"
obj[1].certkeyname = "yy"
sslvserver_sslcertkey_binding.add(client, obj)
print("bindsslvs_cert - Done")
except nitro_exception as e :
print("Exception::bindsslvs_cert::errorcode="+str(e.errorcode)+",message="+ e.message)
except Exception as e:
print("Exception::bindsslvs_cert::message="+str(e.args))
def ssl_certkey_bindings_sync(client, module):
log('Syncing certkey bindings')
vservername = module.params['name']
if sslvserver_sslcertkey_binding.count(client, vservername) == 0:
bindings = []
else:
bindings = sslvserver_sslcertkey_binding.get(client, vservername)
# Delete existing bindings
for binding in bindings:
log('Deleting existing binding for certkey %s' % binding.certkeyname)
sslvserver_sslcertkey_binding.delete(client, binding)
# Add binding if appropriate
if module.params['ssl_certkey'] is not None:
log('Adding binding for certkey %s' % module.params['ssl_certkey'])
binding = sslvserver_sslcertkey_binding()
binding.vservername = module.params['name']
binding.certkeyname = module.params['ssl_certkey']
sslvserver_sslcertkey_binding.add(client, binding)
def ssl_certkey_bindings_sync(client, module):
log('Syncing certkey bindings')
vservername = module.params['name']
if sslvserver_sslcertkey_binding.count(client, vservername) == 0:
bindings = []
else:
bindings = sslvserver_sslcertkey_binding.get(client, vservername)
# Delete existing bindings
for binding in bindings:
log('Deleting existing binding for certkey %s' % binding.certkeyname)
sslvserver_sslcertkey_binding.delete(client, binding)
# Add binding if appropriate
if module.params['ssl_certkey'] is not None:
log('Adding binding for certkey %s' % module.params['ssl_certkey'])
binding = sslvserver_sslcertkey_binding()
binding.vservername = module.params['name']
binding.certkeyname = module.params['ssl_certkey']
sslvserver_sslcertkey_binding.add(client, binding)