fadcos_local_cert_group – local cert group configuration in Fortinet’s FortiADC

New in version 1.0.0.

Synopsis

  • Configure FortiADC local cert group

Requirements

The below requirements are needed on the host that executes this module.

  • ansible>=2.8

FortiADC Version Compatibility


v7.0.0 v7.0.1 v7.0.2 v7.1.0 v7.1.4 v7.2.2 v7.4.0
fortiadc_local_cert_group yes yes yes yes yes yes yes

Parameters

  • action - Type of action to perform on the objecttype: str required: true
  • name - Local certificate group name.type: str required: true
  • member_id - Local certificate group member ID.type: str required: true
  • OCSP_stapling - Select an OCSP Stapling configuration. The local certificate in the OCSP Stapling configuration must match the local certificate in the local certificate group member.type: str required: false
  • default - Enable if you want to make this local certificate the default for the group.type: str required: false default: disable
  • extra_local_cert - FortiADC supports dual SSL certificates, one for an RSA-based SSL certificate and the other for an ECDSA-based SSL certificate. This option allows you to add an additional local certificate along with an additional OCSP stapling and intermediate CA group to a local certificate group configuration.type: str required: false
  • intermediate_cag - Select an intermediate CA group to add to the local group.type: str required: false
  • local_cert - Select a local certificate to add to the group.type: str required: false default: Factory
  • vdom - VDOM name if enabled.type: str required: true(if VDOM is enabled)

Examples

- name:
  hosts: all
  connection: httpapi
  gather_facts: false
  tasks:
        - name: Manage Local Certificate Group
          fadcos_local_cert_group:
                action: add_group
                name: ansible_test_G2
        - name: Manage Local Certificate Group Members
          fadcos_local_cert_group:
                action: add_member
                name: ansible_test_G2

Return Values

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

  • 200 - OK: Request returns successful.
  • 400 - Bad Request: Request cannot be processed by the API.
  • 401 - Not Authorized: Request without successful login session.
  • 403 - Forbidden: Request is missing CSRF token or administrator is missing access profile permissions.
  • 404 - Resource Not Found: Unable to find the specified resource.
  • 405 - Method Not Allowed: Specified HTTP method is not allowed for this resource.
  • 413 - Request Entity Too Large: Request cannot be processed due to large entity.
  • 424 - Failed Dependency: Fail dependency can be duplicate resource, missing required parameter, missing required attribute, or invalid attribute value.
  • 429 - Access temporarily blocked: Maximum failed authentications reached. The offended source is temporarily blocked for certain amount of time.
  • 500 - Internal Server Error: Internal error when processing the request.

For errorcode please check FortiADC API errorcode at : https://fndn.fortinet.net/index.php?/fortiapi/981-fortiadc/

Status

  • This module is not guaranteed to have a backwards compatible interface.

Authors

  • Jie Li
  • Aravindh Sri

Hint

If you notice any issues in this documentation, you can create a pull request to improve it at: https://github.com/fortinet-ansible-dev/ansible-galaxy-fortiadc-sphinxdoc/pulls