Closed roskens closed 6 years ago
OK, I'll look into it.
Can you tell me the version of your BIG-IP please?
Thanks for reporting.
@roskens I've just pushed a fix. Can you give it a try and let me know if it works as expected?
Take note that the options parameter is now named 'tm_options'. Also, the options should contain dashes, not underscores.
- name: "Create TLS standard clientssl profile"
f5bigip_ltm_profile_client_ssl:
f5_hostname: "{{ environment[0].F5_SERVER }}"
f5_port: "{{ environment[0].F5_SERVER_PORT }}"
f5_username: "{{ environment[0].F5_USER }}"
f5_password: "{{ environment[0].F5_PASSWORD }}"
defaults_from: "/Common/clientssl"
name: "clientssl-tls-standard"
partition: "{{ partition }}"
ciphers: "NATIVE:!MD5:!EXPORT:!DES:!DHE:!EDH:!RC4:!ADH:!SSLv2:!SSLv3:@SPEED"
tm_options:
- dont-insert-empty-fragments
- single-dh-use
- no-sslv2
- no-sslv3
- no-tlsv1
- no-tlsv1-1
Thanks! Its working.
The last one is no-tlsv1.1 too.
Ok, I'll change the documentation.
Thanks again for reporting.
Can't create a client-ssl profile with multiple options.
This gives an error: