f5devcentral / vscode-f5-flipper

Exploring Citrix/NetScaler configs
Apache License 2.0

[BUG] Flipper does not add bind ssl certkey items to the virtual server application. #16

Closed npmaslow closed 1 year ago

npmaslow commented 1 year ago

Describe the bug
If a virtual server has an SSL profile or certkey appended to it, it does not show up as part of the grouped application with the virtual server.

To Reproduce
Steps to reproduce the behavior: Bind an ssl certkey to a virtual server in NetScaler, run the tool on the ns.conf, check the app definition and compare it to the ns definition.

Expected behavior
A bind ssl certkey or ssl profile will result in an ssl certificate class or tls_server class respectively as part of the application definition.

Desktop (please complete the following information):
Flipper 1.0

Additional Context
Citrix NetScaler has two modes of SSL termination - binding SSL certificates and keys directly to the virtual server (older, typically legacy configurations) and the more typical SSL profile grouping of certkey and TLS settings bound to the virtual server as a single profile object.

DumpySquare commented 1 year ago

Can you please provide examples of these different types of ssl associations?

DumpySquare commented 1 year ago

Is this what you are looking for? [image]

npmaslow commented 1 year ago

Yes - the ssl vserver concept is more directly related to a non-addressable target of a content switch action. Showing the 'add ssl certkey ... ...' and 'bind ssl certkey ... ...' or any existing 'add ssl profile ... ...' and 'bind ssl profile ... ...' is sufficient - all of the ciphers will be replaced by the F5 profile settings, so it's mainly just showing the certkey name bound to any vserver type (lb, cs, vpn, ssl)

DumpySquare commented 1 year ago

The -certKeyName can be referenced at both CS and LB vservers.

DumpySquare commented 1 year ago

Create the certKey:
add ssl certKey -cert -key

https://docs.netscaler.com/en-us/citrix-adc/13/ssl/ssl-certificates/bind-cert-virtual-server.html
(either cs or lb)
bind ssl vs -certkeyName

Examples:
bind ssl certkey cacert -ocspResponder ocsp_ca -priority 1
bind ssl profile ssl_prof -ssliCACertkey ca_certkey

https://developer-docs.citrix.com/projects/netscaler-command-reference/en/12.0/ssl/ssl-profile/ssl-profile/

DumpySquare commented 1 year ago

Two example apps in this project:
cs -> bind ssl vserver groot-cs-vsvr -certkeyName star.groot.cer
lb -> bind ssl vserver starlord_offload_lb_vs -certkeyName starlord.galaxy.io_cert

DumpySquare commented 1 year ago

Complete with tests (tests/031_sslCerts.unit.tests.ts) for pending v1.1 release.
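
The grouping this issue asks for, as an added example that is not part of the thread and not Flipper's implementation: it reads `add ssl certKey`, `add <type> vserver` and `bind ssl vserver ... -certkeyName` lines from an ns.conf, attaches each bound certkey to its vserver, and reports SSL vservers that would migrate without a certificate or that reference an undefined certkey. Type and function names are hypothetical, SSL profile bindings are not covered, and the sample config is constructed (vserver and certkey names are those quoted in the thread; addresses and file names are made up).

```typescript
// Added example, not Flipper's code; type and function names are hypothetical.
interface VserverApp { type: string; protocol: string; certKeys: string[] }
interface Grouping { apps: Record<string, VserverApp>; certKeys: Record<string, string>; findings: string[] }
const has = (o: object, k: string): boolean => Object.prototype.hasOwnProperty.call(o, k);

// Split an ns.conf line into tokens, keeping "quoted names" together.
function tokenize(line: string): string[] {
  return (line.match(/"[^"]*"|\S+/g) || []).map(t => t.replace(/^"|"$/g, ""));
}

// Value that follows an option flag; flags are matched case-insensitively.
function optionValue(tokens: string[], flag: string): string {
  const i = tokens.map(t => t.toLowerCase()).indexOf(flag.toLowerCase());
  return i >= 0 ? tokens[i + 1] || "" : "";
}

function groupSslBindings(conf: string): Grouping {
  const out: Grouping = { apps: {}, certKeys: {}, findings: [] };
  const binds: string[][] = [];
  for (const line of conf.split(/\r?\n/)) {
    const t = tokenize(line);
    if (t.length < 4) continue; // every line of interest has verb, noun, kind, name
    const verb = t.slice(0, 3).join(" ").toLowerCase();
    if (verb === "add ssl certkey") out.certKeys[t[3]] = optionValue(t, "-cert");
    else if (/^add \w+ vserver$/.test(verb)) out.apps[t[3]] = { type: t[1].toLowerCase(), protocol: t[4] || "", certKeys: [] };
    else if (verb === "bind ssl vserver" && optionValue(t, "-certkeyName")) binds.push([t[3], optionValue(t, "-certkeyName")]);
  }
  // Resolve binds after the full pass so line order in ns.conf does not matter.
  for (const [vs, ck] of binds) {
    if (!has(out.apps, vs)) { out.findings.push(`bind references unknown vserver ${vs}`); continue; }
    out.apps[vs].certKeys.push(ck);
    if (!has(out.certKeys, ck)) out.findings.push(`${vs}: certkey ${ck} is not defined`);
  }
  for (const vs of Object.keys(out.apps)) {
    const app = out.apps[vs];
    if (/^SSL/i.test(app.protocol) && app.certKeys.length === 0) out.findings.push(`${vs}: ${app.protocol} vserver has no certkey bound`);
  }
  return out;
}

// Constructed sample; vserver and certkey names are the ones quoted in the thread.
const SAMPLE_NS_CONF = `
add ssl certKey star.groot.cer -cert groot.crt -key groot.key
add cs vserver groot-cs-vsvr SSL 192.0.2.10 443
add lb vserver starlord_offload_lb_vs SSL 192.0.2.20 443
add lb vserver "legacy ssl vs" SSL 192.0.2.30 443
bind ssl vserver groot-cs-vsvr -certkeyName star.groot.cer
bind ssl vserver starlord_offload_lb_vs -certkeyName starlord.galaxy.io_cert
`;
```

Calling `groupSslBindings(SAMPLE_NS_CONF)` returns the apps keyed by vserver name; the `findings` array is the part worth reviewing before a migration, since each entry is a TLS listener whose certificate would be lost or unresolved.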