def BindUnbindSniCert(sess, vserver,certlist,isunbind=False) : ret = 0 ckeylist = [] for c in certlist : vckey = VsrvrCKeyBdg() vckey.vservername = vserver vckey.certkeyname = c vckey.snicert = 'true' ckeylist.append(vckey) if len(ckeylist) == 1 : ckeylist = ckeylist[0] try : if isunbind : VsrvrCKeyBdg.delete(sess,ckeylist) else : VsrvrCKeyBdg.add(sess,ckeylist) except NITROEXCEPTION.nitro_exception as e : print 'BindUnbindSniCert: {}'.format(e.message) ret = e.errorcode except Exception as e : print 'BindUnbindSniCert: {}'.format(e.message) ret = e.errorcode return ret
def BindUnbindServerCert(sess, vserver,certkey,isunbind=False,isservice=False) : ret = 0 try : if isservice : vckey = ServiceCKeyBdg.sslservice_sslcertkey_binding() vckey.servicename = vserver vckey.certkeyname = certkey else : vckey = VsrvrCKeyBdg() vckey.vservername = vserver vckey.certkeyname = certkey if isunbind : if isservice : ServiceCKeyBdg.sslservice_sslcertkey_binding.delete(sess,vckey) else : VsrvrCKeyBdg.delete(sess,vckey) else : if isservice : ServiceCKeyBdg.sslservice_sslcertkey_binding.add(sess,vckey) else : VsrvrCKeyBdg.add(sess,vckey) except NITROEXCEPTION.nitro_exception as e : print 'BindUnbindServerCert Failed: {0}'.format(e.message) ret = e.errorcode return ret
def ssl_certkey_bindings_sync(): vservername = module.params['name'] if sslvserver_sslcertkey_binding.count(client, vservername) == 0: bindings = [] else: bindings = sslvserver_sslcertkey_binding.get(client, vservername) log('bindings len is %s' % len(bindings)) # Delete existing bindings for binding in bindings: sslvserver_sslcertkey_binding.delete(client, binding) # Add binding if appropriate if module.params['ssl_certkey'] is not None: binding = sslvserver_sslcertkey_binding() binding.vservername = module.params['name'] binding.certkeyname = module.params['ssl_certkey'] sslvserver_sslcertkey_binding.add(client, binding)
def BindUnbindCACert(sess, vserver,certlist,isunbind=False,isservice=False) : ret = 0 ckeylist = [] for c in certlist : if isservice : vckey = ServiceCKeyBdg.sslservice_sslcertkey_binding() vckey.servicename = vserver vckey.certkeyname = c vckey.ca = 'true' ckeylist.append(vckey) else : vckey = VsrvrCKeyBdg() vckey.vservername = vserver vckey.certkeyname = c vckey.ca = 'true' ckeylist.append(vckey) if len(ckeylist) == 1 : ckeylist = vckey try : if isservice : if isunbind : ServiceCKeyBdg.sslservice_sslcertkey_binding.delete(sess,ckeylist) else : ServiceCKeyBdg.sslservice_sslcertkey_binding.add(sess,ckeylist) else : if isunbind : VsrvrCKeyBdg.delete(sess,ckeylist) else : VsrvrCKeyBdg.add(sess,ckeylist) except NITROEXCEPTION.nitro_exception as e : print 'BindUnbindCACert: {}'.format(e.message) ret = e.errorcode except Exception as e : print 'BindUnbindCACert: exception {}'.format(e.message) ret = e.errorcode return ret
def ssl_certkey_bindings_sync(client, module): log('Syncing certkey bindings') vservername = module.params['name'] if sslvserver_sslcertkey_binding.count(client, vservername) == 0: bindings = [] else: bindings = sslvserver_sslcertkey_binding.get(client, vservername) # Delete existing bindings for binding in bindings: log('Deleting existing binding for certkey %s' % binding.certkeyname) sslvserver_sslcertkey_binding.delete(client, binding) # Add binding if appropriate if module.params['ssl_certkey'] is not None: log('Adding binding for certkey %s' % module.params['ssl_certkey']) binding = sslvserver_sslcertkey_binding() binding.vservername = module.params['name'] binding.certkeyname = module.params['ssl_certkey'] sslvserver_sslcertkey_binding.add(client, binding)
'star.abc.com','star.news.abc.com','star.sports.abc.com'] cacertlist = ['RootServer2048CACert','TwoCA1024','OneCA2048', 'ThreeCA2048'] CL = ['OneCA2048'] oneca = ['OneCA2048'] servercert = 'Server1024_sha1' ##from nssrc.com.citrix.netscaler.nitro.resource.config.ssl.sslvserver_sslcertkey_binding import sslvserver_sslcertkey_binding as VsrvrCKeyBdg vckey = VsrvrCKeyBdg() vckey.vservername = 'one' vckey.certkeyname = 'TwoCA1024' ## vckey.ca = True ## VsrvrCKeyBdg.add(sess,vckey) vckey.ca = 'True' VsrvrCKeyBdg.delete(sess,vckey) ## BindUnbindSniCert(sess, 'one', snicertlist,isunbind=True) ## BindUnbindCACert(sess, 'one', cacertlist,isunbind=True) ## BindUnbindServerCert(sess, 'one', servercert,isunbind=True) ## BindUnbindSniCert(sess, 'one', snicertlist,isunbind=False) ## BindUnbindCACert(sess, 'one', cacertlist,isunbind=False) ## BindUnbindServerCert(sess, 'one', servercert,isunbind=False) ## BindUnbindCACert(sess, 'one', CL,isunbind=True) #sess = Login('10.102.28.201') #d = GetIPS(sess)