Open cwise24 opened 9 months ago
bigip_sslo_config_ssl
ansible [core 2.15.2] config file = /home/cwise/Project/sslo_ansible/ansible.cfg configured module search path = ['/home/cwise/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /home/cwise/.local/lib/python3.10/site-packages/ansible ansible collection location = /home/cwise/Project/sslo_ansible/collections executable location = /home/cwise/.local/bin/ansible python version = 3.10.12 (main, Jun 11 2023, 05:26:28) [GCC 11.4.0] (/usr/bin/python3) jinja version = 3.1.2 libyaml = True
SSLO- 7.6.17 [admin@ip-10-255-20-9:Active:Standalone] ~ # tmsh show sys version Sys::Version Main Package Product BIG-IP Version 15.1.8.2 Build 0.0.17 Edition Point Release 2 Date Thu Mar 16 03:44:11 PDT 2023
tasks: - name: Create demo SSLO SSL setting tags: step1 bigip_sslo_config_ssl: name: "{{ sslo_ssl }}" bypass_handshake_failure: yes client_settings: proxy_type: reverse cert: "/Common/{{ ssl_name }}" key: "/Common/{{ ssl_key }}"
WSL Ubuntu 22.04
BIG IP SSLO config has wrong defaults:
When sending proxy_type: reverse should result in ignore value. In verbose output it shows correct:
proxy_type: reverse
changed: [sslo-2] => { "bypass_handshake_failure": true, "changed": true, "client_settings": { "cert": "/Common/default.crt", "key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "proxy_type": "reverse" }, "invocation": { "module_args": { "bypass_client_cert_failure": null, "bypass_handshake_failure": true, "client_settings": { "alpn": null, "ca_cert": null, "ca_chain": null, "ca_key": null, "cert": "/Common/default.crt", "chain": null, "cipher_group": null, "cipher_string": null, "cipher_type": null, "client_ssl_options": null, "key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "log_publisher": null, "proxy_type": "reverse" }, "dump_json": false, "name": "demo2_ssl", "server_settings": null, "sni": null, "state": "present", "timeout": 300 } }, "server_settings": { "block_expired": "ignore", "block_untrusted": "ignore" } }
Hi,
Thanks for reporting. Added to the backlog and internal tracking ID for this request is: INFRAANO-1373.
COMPONENT NAME
bigip_sslo_config_ssl
Environment
ANSIBLE VERSION
BIGIP VERSION
CONFIGURATION
OS / ENVIRONMENT
WSL Ubuntu 22.04
SUMMARY
BIG IP SSLO config has wrong defaults:
When sending
proxy_type: reverse
should result in ignore value. In verbose output it shows correct:STEPS TO REPRODUCE
EXPECTED RESULTS
ACTUAL RESULTS