def BindUnbindSniCert(sess, vserver,certlist,isunbind=False) :
ret = 0
ckeylist = []
for c in certlist :
vckey = VsrvrCKeyBdg()
vckey.vservername = vserver
vckey.certkeyname = c
vckey.snicert = 'true'
ckeylist.append(vckey)
if len(ckeylist) == 1 :
ckeylist = ckeylist[0]
try :
if isunbind :
VsrvrCKeyBdg.delete(sess,ckeylist)
else :
VsrvrCKeyBdg.add(sess,ckeylist)
except NITROEXCEPTION.nitro_exception as e :
print 'BindUnbindSniCert: {}'.format(e.message)
ret = e.errorcode
except Exception as e :
print 'BindUnbindSniCert: {}'.format(e.message)
ret = e.errorcode
return ret
def BindUnbindServerCert(sess, vserver,certkey,isunbind=False,isservice=False) :
ret = 0
try :
if isservice :
vckey = ServiceCKeyBdg.sslservice_sslcertkey_binding()
vckey.servicename = vserver
vckey.certkeyname = certkey
else :
vckey = VsrvrCKeyBdg()
vckey.vservername = vserver
vckey.certkeyname = certkey
if isunbind :
if isservice :
ServiceCKeyBdg.sslservice_sslcertkey_binding.delete(sess,vckey)
else :
VsrvrCKeyBdg.delete(sess,vckey)
else :
if isservice :
ServiceCKeyBdg.sslservice_sslcertkey_binding.add(sess,vckey)
else :
VsrvrCKeyBdg.add(sess,vckey)
except NITROEXCEPTION.nitro_exception as e :
print 'BindUnbindServerCert Failed: {0}'.format(e.message)
ret = e.errorcode
return ret
def ssl_certkey_bindings_sync():
vservername = module.params['name']
if sslvserver_sslcertkey_binding.count(client, vservername) == 0:
bindings = []
else:
bindings = sslvserver_sslcertkey_binding.get(client, vservername)
log('bindings len is %s' % len(bindings))
# Delete existing bindings
for binding in bindings:
sslvserver_sslcertkey_binding.delete(client, binding)
# Add binding if appropriate
if module.params['ssl_certkey'] is not None:
binding = sslvserver_sslcertkey_binding()
binding.vservername = module.params['name']
binding.certkeyname = module.params['ssl_certkey']
sslvserver_sslcertkey_binding.add(client, binding)
def BindUnbindCACert(sess, vserver,certlist,isunbind=False,isservice=False) :
ret = 0
ckeylist = []
for c in certlist :
if isservice :
vckey = ServiceCKeyBdg.sslservice_sslcertkey_binding()
vckey.servicename = vserver
vckey.certkeyname = c
vckey.ca = 'true'
ckeylist.append(vckey)
else :
vckey = VsrvrCKeyBdg()
vckey.vservername = vserver
vckey.certkeyname = c
vckey.ca = 'true'
ckeylist.append(vckey)
if len(ckeylist) == 1 :
ckeylist = vckey
try :
if isservice :
if isunbind :
ServiceCKeyBdg.sslservice_sslcertkey_binding.delete(sess,ckeylist)
else :
ServiceCKeyBdg.sslservice_sslcertkey_binding.add(sess,ckeylist)
else :
if isunbind :
VsrvrCKeyBdg.delete(sess,ckeylist)
else :
VsrvrCKeyBdg.add(sess,ckeylist)
except NITROEXCEPTION.nitro_exception as e :
print 'BindUnbindCACert: {}'.format(e.message)
ret = e.errorcode
except Exception as e :
print 'BindUnbindCACert: exception {}'.format(e.message)
ret = e.errorcode
return ret
def ssl_certkey_bindings_sync(client, module):
log('Syncing certkey bindings')
vservername = module.params['name']
if sslvserver_sslcertkey_binding.count(client, vservername) == 0:
bindings = []
else:
bindings = sslvserver_sslcertkey_binding.get(client, vservername)
# Delete existing bindings
for binding in bindings:
log('Deleting existing binding for certkey %s' % binding.certkeyname)
sslvserver_sslcertkey_binding.delete(client, binding)
# Add binding if appropriate
if module.params['ssl_certkey'] is not None:
log('Adding binding for certkey %s' % module.params['ssl_certkey'])
binding = sslvserver_sslcertkey_binding()
binding.vservername = module.params['name']
binding.certkeyname = module.params['ssl_certkey']
sslvserver_sslcertkey_binding.add(client, binding)
def ssl_certkey_bindings_sync(client, module):
log('Syncing certkey bindings')
vservername = module.params['name']
if sslvserver_sslcertkey_binding.count(client, vservername) == 0:
bindings = []
else:
bindings = sslvserver_sslcertkey_binding.get(client, vservername)
# Delete existing bindings
for binding in bindings:
log('Deleting existing binding for certkey %s' % binding.certkeyname)
sslvserver_sslcertkey_binding.delete(client, binding)
# Add binding if appropriate
if module.params['ssl_certkey'] is not None:
log('Adding binding for certkey %s' % module.params['ssl_certkey'])
binding = sslvserver_sslcertkey_binding()
binding.vservername = module.params['name']
binding.certkeyname = module.params['ssl_certkey']
sslvserver_sslcertkey_binding.add(client, binding)
'star.abc.com','star.news.abc.com','star.sports.abc.com']
cacertlist = ['RootServer2048CACert','TwoCA1024','OneCA2048',
'ThreeCA2048']
CL = ['OneCA2048']
oneca = ['OneCA2048']
servercert = 'Server1024_sha1'
##from nssrc.com.citrix.netscaler.nitro.resource.config.ssl.sslvserver_sslcertkey_binding import sslvserver_sslcertkey_binding as VsrvrCKeyBdg
vckey = VsrvrCKeyBdg()
vckey.vservername = 'one'
vckey.certkeyname = 'TwoCA1024'
## vckey.ca = True
## VsrvrCKeyBdg.add(sess,vckey)
vckey.ca = 'True'
VsrvrCKeyBdg.delete(sess,vckey)
## BindUnbindSniCert(sess, 'one', snicertlist,isunbind=True)
## BindUnbindCACert(sess, 'one', cacertlist,isunbind=True)
## BindUnbindServerCert(sess, 'one', servercert,isunbind=True)
## BindUnbindSniCert(sess, 'one', snicertlist,isunbind=False)
## BindUnbindCACert(sess, 'one', cacertlist,isunbind=False)
## BindUnbindServerCert(sess, 'one', servercert,isunbind=False)
## BindUnbindCACert(sess, 'one', CL,isunbind=True)
#sess = Login('10.102.28.201')
#d = GetIPS(sess)