Binding SSL profiles to vServers

[slauger]

Find the correct NITRO API command.

Current workaround:

- name: Bind SSL profile to CS vServer
  shell: "ssh {{ netscaler_ip }} 'set ssl vserver vs_cs_ssl_sharefile -sslProfile ssl_profile_frontend_sni'"

[nravid]

Thanks for the workaround!

Has Citrix been made aware of this shortfall?

[slauger]

Hi @nravid,

i recently checked the NITRO documentation for the new 12.1 release and still couldn't find a api method for this. I can not imagine that there is no api method for this. Most likely this is just a documentation bug or I'm missing something. Did you run into the same problem?

By the way, using the raw Module works fine when connection to a NetScaler appliance. This is a much better solution than running "ssh" trough the shell module on the ansible control host.

- name: Bind SSL profile to CS vServer
  raw: "set ssl vserver vs_cs_ssl_sharefile -sslProfile ssl_profile_frontend_sni"

[nravid]

I'd like to think that the method is just missing from the documentation, but it is also missing from the NetScaler NITRO GUI client (at least in v12.0-54.20).

I am performing these calls from PowerShell, so I need to translate the raw call through ssh, If I find an easier way, I will post here.

[nravid]

Have you tried the sslvserver PUT method with the following payload:

{"sslvserver":{ "vservername":, "sslprofile": }}

Confirmed that this works on a CS vServer as well as an LB vServer.

[slauger]

Hi @nravid,

thanks a lot, that one did the job!

 - name: Bind SSL profile to CS vServer
  netscaler_raw:
    url: "{{ netscaler_url }}"
    username: "{{ netscaler_username }}"
    password: "{{ netscaler_password }}"
    method: "put"
    objecttype: "sslvserver"
    data:
      sslprofile_sslvserver_binding:
        - sslprofile: "{{ netscaler_sharefile_sslprofile }}"
          vservername: vs_cs_ssl_sharefile
  when: netscaler_sharefile_sslprofile is defined

That was the last ssh based step in my ansible playbook. Great. :)