search

F5Networks / f5-declarative-onboarding

F5 BIG-IP Declarative Onboarding
Apache License 2.0
58 stars 22 forks source link

RFE: url reference for Authentication_ldap / sslCaCert property #278

Open amolari opened 2 years ago

amolari commented 2 years ago

Is your feature request related to a problem? Please describe.

Our cloud images are generated from the f5-generator tool (devcentral). They already contain the customer's internal PKI chain to have an immediate trust during the provisioning. I'm asking this RFE to add the reference method url (as it exists in as3) to the property Authentication_ldap / sslCaCert. With that we can then refer to the url "file://" of the existing local/bigip file instead of having a large base64 value in the declaration.

Describe the solution you'd like

          ad_ldap_auth:
            class: Authentication
[...]
            ldap:
              port: 636
              ssl: enabled
[...]
              sslCheckPeer: true
              sslCaCert:
                certificate:
                   url: file:///config/ssl/ssl.crt/customer-CA-chain.crt

Describe alternatives you've considered

base64 reference works as expected. However, the object already exists on the bigip and it would be nice/cleaner to use that one => the declaration will be compacter/readable

Additional context

Add any other context, such as the desired tmsh configuration, about the feature request here.

amolari commented 1 year ago

Hello could that be please prioritized? In the meantime, I have opened support case 00368040 and got the following back: BugID1269377 - AUTOTOOL-3705: DO RFE URL reference for Authentication_ldap/sslCaCert property Thank you