Public/adc-functions-conf-ssl.ps1
|
function Invoke-ADCAddSslaction { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Configuration for SSL action resource. .PARAMETER Name Name for the SSL action. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the action is created. .PARAMETER Clientauth Perform client certificate authentication. Possible values = DOCLIENTAUTH, NOCLIENTAUTH .PARAMETER Clientcertverification Client certificate verification is mandatory or optional. Possible values = Mandatory, Optional .PARAMETER Ssllogprofile The name of the ssllogprofile. .PARAMETER Clientcert Insert the entire client certificate into the HTTP header of the request being sent to the web server. The certificate is inserted in ASCII (PEM) format. Possible values = ENABLED, DISABLED .PARAMETER Certheader Name of the header into which to insert the client certificate. .PARAMETER Clientcertserialnumber Insert the entire client serial number into the HTTP header of the request being sent to the web server. Possible values = ENABLED, DISABLED .PARAMETER Certserialheader Name of the header into which to insert the client serial number. .PARAMETER Clientcertsubject Insert the client certificate subject, also known as the distinguished name (DN), into the HTTP header of the request being sent to the web server. Possible values = ENABLED, DISABLED .PARAMETER Certsubjectheader Name of the header into which to insert the client certificate subject. .PARAMETER Clientcerthash Insert the certificate's signature into the HTTP header of the request being sent to the web server. The signature is the value extracted directly from the X.509 certificate signature field. All X.509 certificates contain a signature field. Possible values = ENABLED, DISABLED .PARAMETER Certhashheader Name of the header into which to insert the client certificate signature (hash). .PARAMETER Clientcertfingerprint Insert the certificate's fingerprint into the HTTP header of the request being sent to the web server. The fingerprint is derived by computing the specified hash value (SHA256, for example) of the DER-encoding of the client certificate. Possible values = ENABLED, DISABLED .PARAMETER Certfingerprintheader Name of the header into which to insert the client certificate fingerprint. .PARAMETER Certfingerprintdigest Digest algorithm used to compute the fingerprint of the client certificate. Possible values = SHA1, SHA224, SHA256, SHA384, SHA512 .PARAMETER Clientcertissuer Insert the certificate issuer details into the HTTP header of the request being sent to the web server. Possible values = ENABLED, DISABLED .PARAMETER Certissuerheader Name of the header into which to insert the client certificate issuer details. .PARAMETER Sessionid Insert the SSL session ID into the HTTP header of the request being sent to the web server. Every SSL connection that the client and the Citrix ADC share has a unique ID that identifies the specific connection. Possible values = ENABLED, DISABLED .PARAMETER Sessionidheader Name of the header into which to insert the Session ID. .PARAMETER Cipher Insert the cipher suite that the client and the Citrix ADC negotiated for the SSL session into the HTTP header of the request being sent to the web server. The appliance inserts the cipher-suite name, SSL protocol, export or non-export string, and cipher strength bit, depending on the type of browser connecting to the SSL virtual server or service (for example, Cipher-Suite: RC4- MD5 SSLv3 Non-Export 128-bit). Possible values = ENABLED, DISABLED .PARAMETER Cipherheader Name of the header into which to insert the name of the cipher suite. .PARAMETER Clientcertnotbefore Insert the date from which the certificate is valid into the HTTP header of the request being sent to the web server. Every certificate is configured with the date and time from which it is valid. Possible values = ENABLED, DISABLED .PARAMETER Certnotbeforeheader Name of the header into which to insert the date and time from which the certificate is valid. .PARAMETER Clientcertnotafter Insert the date of expiry of the certificate into the HTTP header of the request being sent to the web server. Every certificate is configured with the date and time at which the certificate expires. Possible values = ENABLED, DISABLED .PARAMETER Certnotafterheader Name of the header into which to insert the certificate's expiry date. .PARAMETER Owasupport If the appliance is in front of an Outlook Web Access (OWA) server, insert a special header field, FRONT-END-HTTPS: ON, into the HTTP requests going to the OWA server. This header communicates to the server that the transaction is HTTPS and not HTTP. Possible values = ENABLED, DISABLED .PARAMETER Forward This action takes an argument a vserver name, to this vserver one will be able to forward all the packets. .PARAMETER Cacertgrpname This action will allow to pick CA(s) from the specific CA group, to verify the client certificate. .PARAMETER PassThru Return details about the created sslaction item. .EXAMPLE PS C:\>Invoke-ADCAddSslaction -name <string> An example how to add sslaction configuration Object(s). .NOTES File Name : Invoke-ADCAddSslaction Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslaction/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Name, [ValidateSet('DOCLIENTAUTH', 'NOCLIENTAUTH')] [string]$Clientauth, [ValidateSet('Mandatory', 'Optional')] [string]$Clientcertverification = 'Mandatory', [ValidateLength(1, 127)] [string]$Ssllogprofile, [ValidateSet('ENABLED', 'DISABLED')] [string]$Clientcert, [string]$Certheader, [ValidateSet('ENABLED', 'DISABLED')] [string]$Clientcertserialnumber, [string]$Certserialheader, [ValidateSet('ENABLED', 'DISABLED')] [string]$Clientcertsubject, [string]$Certsubjectheader, [ValidateSet('ENABLED', 'DISABLED')] [string]$Clientcerthash, [string]$Certhashheader, [ValidateSet('ENABLED', 'DISABLED')] [string]$Clientcertfingerprint, [string]$Certfingerprintheader, [ValidateSet('SHA1', 'SHA224', 'SHA256', 'SHA384', 'SHA512')] [string]$Certfingerprintdigest, [ValidateSet('ENABLED', 'DISABLED')] [string]$Clientcertissuer, [string]$Certissuerheader, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sessionid, [string]$Sessionidheader, [ValidateSet('ENABLED', 'DISABLED')] [string]$Cipher, [string]$Cipherheader, [ValidateSet('ENABLED', 'DISABLED')] [string]$Clientcertnotbefore, [string]$Certnotbeforeheader, [ValidateSet('ENABLED', 'DISABLED')] [string]$Clientcertnotafter, [string]$Certnotafterheader, [ValidateSet('ENABLED', 'DISABLED')] [string]$Owasupport, [ValidateLength(1, 127)] [string]$Forward, [ValidateLength(1, 31)] [string]$Cacertgrpname, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslaction: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('clientauth') ) { $payload.Add('clientauth', $clientauth) } if ( $PSBoundParameters.ContainsKey('clientcertverification') ) { $payload.Add('clientcertverification', $clientcertverification) } if ( $PSBoundParameters.ContainsKey('ssllogprofile') ) { $payload.Add('ssllogprofile', $ssllogprofile) } if ( $PSBoundParameters.ContainsKey('clientcert') ) { $payload.Add('clientcert', $clientcert) } if ( $PSBoundParameters.ContainsKey('certheader') ) { $payload.Add('certheader', $certheader) } if ( $PSBoundParameters.ContainsKey('clientcertserialnumber') ) { $payload.Add('clientcertserialnumber', $clientcertserialnumber) } if ( $PSBoundParameters.ContainsKey('certserialheader') ) { $payload.Add('certserialheader', $certserialheader) } if ( $PSBoundParameters.ContainsKey('clientcertsubject') ) { $payload.Add('clientcertsubject', $clientcertsubject) } if ( $PSBoundParameters.ContainsKey('certsubjectheader') ) { $payload.Add('certsubjectheader', $certsubjectheader) } if ( $PSBoundParameters.ContainsKey('clientcerthash') ) { $payload.Add('clientcerthash', $clientcerthash) } if ( $PSBoundParameters.ContainsKey('certhashheader') ) { $payload.Add('certhashheader', $certhashheader) } if ( $PSBoundParameters.ContainsKey('clientcertfingerprint') ) { $payload.Add('clientcertfingerprint', $clientcertfingerprint) } if ( $PSBoundParameters.ContainsKey('certfingerprintheader') ) { $payload.Add('certfingerprintheader', $certfingerprintheader) } if ( $PSBoundParameters.ContainsKey('certfingerprintdigest') ) { $payload.Add('certfingerprintdigest', $certfingerprintdigest) } if ( $PSBoundParameters.ContainsKey('clientcertissuer') ) { $payload.Add('clientcertissuer', $clientcertissuer) } if ( $PSBoundParameters.ContainsKey('certissuerheader') ) { $payload.Add('certissuerheader', $certissuerheader) } if ( $PSBoundParameters.ContainsKey('sessionid') ) { $payload.Add('sessionid', $sessionid) } if ( $PSBoundParameters.ContainsKey('sessionidheader') ) { $payload.Add('sessionidheader', $sessionidheader) } if ( $PSBoundParameters.ContainsKey('cipher') ) { $payload.Add('cipher', $cipher) } if ( $PSBoundParameters.ContainsKey('cipherheader') ) { $payload.Add('cipherheader', $cipherheader) } if ( $PSBoundParameters.ContainsKey('clientcertnotbefore') ) { $payload.Add('clientcertnotbefore', $clientcertnotbefore) } if ( $PSBoundParameters.ContainsKey('certnotbeforeheader') ) { $payload.Add('certnotbeforeheader', $certnotbeforeheader) } if ( $PSBoundParameters.ContainsKey('clientcertnotafter') ) { $payload.Add('clientcertnotafter', $clientcertnotafter) } if ( $PSBoundParameters.ContainsKey('certnotafterheader') ) { $payload.Add('certnotafterheader', $certnotafterheader) } if ( $PSBoundParameters.ContainsKey('owasupport') ) { $payload.Add('owasupport', $owasupport) } if ( $PSBoundParameters.ContainsKey('forward') ) { $payload.Add('forward', $forward) } if ( $PSBoundParameters.ContainsKey('cacertgrpname') ) { $payload.Add('cacertgrpname', $cacertgrpname) } if ( $PSCmdlet.ShouldProcess("sslaction", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslaction -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslaction -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslaction: Finished" } } function Invoke-ADCDeleteSslaction { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for SSL action resource. .PARAMETER Name Name for the SSL action. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the action is created. .EXAMPLE PS C:\>Invoke-ADCDeleteSslaction -Name <string> An example how to delete sslaction configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslaction Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslaction/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Name ) begin { Write-Verbose "Invoke-ADCDeleteSslaction: Starting" } process { try { $arguments = @{ } if ( $PSCmdlet.ShouldProcess("$name", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslaction -NitroPath nitro/v1/config -Resource $name -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslaction: Finished" } } function Invoke-ADCGetSslaction { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for SSL action resource. .PARAMETER Name Name for the SSL action. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the action is created. .PARAMETER GetAll Retrieve all sslaction object(s). .PARAMETER Count If specified, the count of the sslaction object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslaction Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslaction -GetAll Get all sslaction data. .EXAMPLE PS C:\>Invoke-ADCGetSslaction -Count Get the number of sslaction objects. .EXAMPLE PS C:\>Invoke-ADCGetSslaction -name <string> Get sslaction object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslaction -Filter @{ 'name'='<value>' } Get sslaction data with a filter. .NOTES File Name : Invoke-ADCGetSslaction Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslaction/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslaction: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslaction objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslaction -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslaction objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslaction -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslaction objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslaction -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslaction configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslaction -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslaction configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslaction -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslaction: Ended" } } function Invoke-ADCAddSslcacertgroup { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Configuration for Group of CA certificate-key pairs resource. .PARAMETER Cacertgroupname Name given to the CA certificate group. The name will be used to add the CA certificates to the group. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .PARAMETER PassThru Return details about the created sslcacertgroup item. .EXAMPLE PS C:\>Invoke-ADCAddSslcacertgroup -cacertgroupname <string> An example how to add sslcacertgroup configuration Object(s). .NOTES File Name : Invoke-ADCAddSslcacertgroup Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcacertgroup/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 31)] [string]$Cacertgroupname, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslcacertgroup: Starting" } process { try { $payload = @{ cacertgroupname = $cacertgroupname } if ( $PSCmdlet.ShouldProcess("sslcacertgroup", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcacertgroup -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslcacertgroup -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslcacertgroup: Finished" } } function Invoke-ADCDeleteSslcacertgroup { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for Group of CA certificate-key pairs resource. .PARAMETER Cacertgroupname Name given to the CA certificate group. The name will be used to add the CA certificates to the group. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .EXAMPLE PS C:\>Invoke-ADCDeleteSslcacertgroup -Cacertgroupname <string> An example how to delete sslcacertgroup configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslcacertgroup Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcacertgroup/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Cacertgroupname ) begin { Write-Verbose "Invoke-ADCDeleteSslcacertgroup: Starting" } process { try { $arguments = @{ } if ( $PSCmdlet.ShouldProcess("$cacertgroupname", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslcacertgroup -NitroPath nitro/v1/config -Resource $cacertgroupname -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslcacertgroup: Finished" } } function Invoke-ADCGetSslcacertgroup { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for Group of CA certificate-key pairs resource. .PARAMETER Cacertgroupname Name given to the CA certificate group. The name will be used to add the CA certificates to the group. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .PARAMETER GetAll Retrieve all sslcacertgroup object(s). .PARAMETER Count If specified, the count of the sslcacertgroup object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcacertgroup Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcacertgroup -GetAll Get all sslcacertgroup data. .EXAMPLE PS C:\>Invoke-ADCGetSslcacertgroup -Count Get the number of sslcacertgroup objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcacertgroup -name <string> Get sslcacertgroup object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcacertgroup -Filter @{ 'name'='<value>' } Get sslcacertgroup data with a filter. .NOTES File Name : Invoke-ADCGetSslcacertgroup Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcacertgroup/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 31)] [string]$Cacertgroupname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslcacertgroup: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslcacertgroup objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcacertgroup objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcacertgroup objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcacertgroup configuration for property 'cacertgroupname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup -NitroPath nitro/v1/config -Resource $cacertgroupname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcacertgroup configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcacertgroup: Ended" } } function Invoke-ADCGetSslcacertgroupbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object which returns the resources bound to sslcacertgroup. .PARAMETER Cacertgroupname Name of the CA certificate group for which to show detailed information. .PARAMETER GetAll Retrieve all sslcacertgroup_binding object(s). .PARAMETER Count If specified, the count of the sslcacertgroup_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcacertgroupbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcacertgroupbinding -GetAll Get all sslcacertgroup_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslcacertgroupbinding -name <string> Get sslcacertgroup_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcacertgroupbinding -Filter @{ 'name'='<value>' } Get sslcacertgroup_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslcacertgroupbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcacertgroup_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateLength(1, 31)] [string]$Cacertgroupname, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslcacertgroupbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcacertgroup_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcacertgroup_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcacertgroup_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcacertgroup_binding configuration for property 'cacertgroupname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup_binding -NitroPath nitro/v1/config -Resource $cacertgroupname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcacertgroup_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcacertgroupbinding: Ended" } } function Invoke-ADCAddSslcacertgroupsslcertkeybinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslcacertgroup. .PARAMETER Cacertgroupname Name given to the CA certificate group. The name will be used to add the CA certificates to the group. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .PARAMETER Certkeyname Name for the certkey added to the Citrix ADC. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the certificate-key pair is created. .PARAMETER Crlcheck The state of the CRL check parameter. (Mandatory/Optional). Possible values = Mandatory, Optional .PARAMETER Ocspcheck The state of the OCSP check parameter. (Mandatory/Optional). Possible values = Mandatory, Optional .PARAMETER PassThru Return details about the created sslcacertgroup_sslcertkey_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslcacertgroupsslcertkeybinding -cacertgroupname <string> -certkeyname <string> An example how to add sslcacertgroup_sslcertkey_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslcacertgroupsslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcacertgroup_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 31)] [string]$Cacertgroupname, [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 31)] [string]$Certkeyname, [ValidateSet('Mandatory', 'Optional')] [string]$Crlcheck, [ValidateSet('Mandatory', 'Optional')] [string]$Ocspcheck, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslcacertgroupsslcertkeybinding: Starting" } process { try { $payload = @{ cacertgroupname = $cacertgroupname certkeyname = $certkeyname } if ( $PSBoundParameters.ContainsKey('crlcheck') ) { $payload.Add('crlcheck', $crlcheck) } if ( $PSBoundParameters.ContainsKey('ocspcheck') ) { $payload.Add('ocspcheck', $ocspcheck) } if ( $PSCmdlet.ShouldProcess("sslcacertgroup_sslcertkey_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslcacertgroup_sslcertkey_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslcacertgroupsslcertkeybinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslcacertgroupsslcertkeybinding: Finished" } } function Invoke-ADCDeleteSslcacertgroupsslcertkeybinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslcacertgroup. .PARAMETER Cacertgroupname Name given to the CA certificate group. The name will be used to add the CA certificates to the group. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .PARAMETER Certkeyname Name for the certkey added to the Citrix ADC. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the certificate-key pair is created. .EXAMPLE PS C:\>Invoke-ADCDeleteSslcacertgroupsslcertkeybinding -Cacertgroupname <string> An example how to delete sslcacertgroup_sslcertkey_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslcacertgroupsslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcacertgroup_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Cacertgroupname, [string]$Certkeyname ) begin { Write-Verbose "Invoke-ADCDeleteSslcacertgroupsslcertkeybinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Certkeyname') ) { $arguments.Add('certkeyname', $Certkeyname) } if ( $PSCmdlet.ShouldProcess("$cacertgroupname", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslcacertgroup_sslcertkey_binding -NitroPath nitro/v1/config -Resource $cacertgroupname -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslcacertgroupsslcertkeybinding: Finished" } } function Invoke-ADCGetSslcacertgroupsslcertkeybinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslcacertgroup. .PARAMETER Cacertgroupname Name given to the CA certificate group. The name will be used to add the CA certificates to the group. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .PARAMETER GetAll Retrieve all sslcacertgroup_sslcertkey_binding object(s). .PARAMETER Count If specified, the count of the sslcacertgroup_sslcertkey_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcacertgroupsslcertkeybinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcacertgroupsslcertkeybinding -GetAll Get all sslcacertgroup_sslcertkey_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslcacertgroupsslcertkeybinding -Count Get the number of sslcacertgroup_sslcertkey_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcacertgroupsslcertkeybinding -name <string> Get sslcacertgroup_sslcertkey_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcacertgroupsslcertkeybinding -Filter @{ 'name'='<value>' } Get sslcacertgroup_sslcertkey_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslcacertgroupsslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcacertgroup_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 31)] [string]$Cacertgroupname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslcacertgroupsslcertkeybinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcacertgroup_sslcertkey_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup_sslcertkey_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcacertgroup_sslcertkey_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup_sslcertkey_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcacertgroup_sslcertkey_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup_sslcertkey_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcacertgroup_sslcertkey_binding configuration for property 'cacertgroupname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup_sslcertkey_binding -NitroPath nitro/v1/config -Resource $cacertgroupname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcacertgroup_sslcertkey_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcacertgroup_sslcertkey_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcacertgroupsslcertkeybinding: Ended" } } function Invoke-ADCCreateSslcert { <# .SYNOPSIS Create SSL configuration Object. .DESCRIPTION Configuration for cerificate resource. .PARAMETER Certfile Name for and, optionally, path to the generated certificate file. /nsconfig/ssl/ is the default path. .PARAMETER Reqfile Name for and, optionally, path to the certificate-signing request (CSR). /nsconfig/ssl/ is the default path. .PARAMETER Certtype Type of certificate to generate. Specify one of the following: * ROOT_CERT - Self-signed Root-CA certificate. You must specify the key file name. The generated Root-CA certificate can be used for signing end-user client or server certificates or to create Intermediate-CA certificates. * INTM_CERT - Intermediate-CA certificate. * CLNT_CERT - End-user client certificate used for client authentication. * SRVR_CERT - SSL server certificate used on SSL servers for end-to-end encryption. Possible values = ROOT_CERT, INTM_CERT, CLNT_CERT, SRVR_CERT .PARAMETER Keyfile Name for and, optionally, path to the private key. You can either use an existing RSA or DSA key that you own or create a new private key on the Citrix ADC. This file is required only when creating a self-signed Root-CA certificate. The key file is stored in the /nsconfig/ssl directory by default. If the input key specified is an encrypted key, you are prompted to enter the PEM pass phrase that was used for encrypting the key. .PARAMETER Keyform Format in which the key is stored on the appliance. Possible values = DER, PEM .PARAMETER Pempassphrase . .PARAMETER Days Number of days for which the certificate will be valid, beginning with the time and day (system time) of creation. .PARAMETER Subjectaltname Subject Alternative Name (SAN) is an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field. These values are called "Subject Alternative Names" (SAN). Names include: 1. Email addresses 2. IP addresses 3. URIs 4. DNS names (This is usually also provided as the Common Name RDN within the Subject field of the main certificate.) 5. directory names (alternative Distinguished Names to that given in the Subject). .PARAMETER Certform Format in which the certificate is stored on the appliance. Possible values = DER, PEM .PARAMETER Cacert Name of the CA certificate file that issues and signs the Intermediate-CA certificate or the end-user client and server certificates. .PARAMETER Cacertform Format of the CA certificate. Possible values = DER, PEM .PARAMETER Cakey Private key, associated with the CA certificate that is used to sign the Intermediate-CA certificate or the end-user client and server certificate. If the CA key file is password protected, the user is prompted to enter the pass phrase that was used to encrypt the key. .PARAMETER Cakeyform Format for the CA certificate. Possible values = DER, PEM .PARAMETER Caserial Serial number file maintained for the CA certificate. This file contains the serial number of the next certificate to be issued or signed by the CA. If the specified file does not exist, a new file is created, with /nsconfig/ssl/ as the default path. If you do not specify a proper path for the existing serial file, a new serial file is created. This might change the certificate serial numbers assigned by the CA certificate to each of the certificates it signs. .EXAMPLE PS C:\>Invoke-ADCCreateSslcert -certfile <string> -reqfile <string> -certtype <string> An example how to create sslcert configuration Object(s). .NOTES File Name : Invoke-ADCCreateSslcert Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcert/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Certfile, [Parameter(Mandatory)] [string]$Reqfile, [Parameter(Mandatory)] [ValidateSet('ROOT_CERT', 'INTM_CERT', 'CLNT_CERT', 'SRVR_CERT')] [string]$Certtype, [string]$Keyfile, [ValidateSet('DER', 'PEM')] [string]$Keyform, [ValidateLength(1, 31)] [string]$Pempassphrase, [ValidateRange(1, 3650)] [double]$Days, [ValidateScript({ $_.Length -gt 1 })] [string]$Subjectaltname, [ValidateSet('DER', 'PEM')] [string]$Certform, [string]$Cacert, [ValidateSet('DER', 'PEM')] [string]$Cacertform, [string]$Cakey, [ValidateSet('DER', 'PEM')] [string]$Cakeyform, [string]$Caserial ) begin { Write-Verbose "Invoke-ADCCreateSslcert: Starting" } process { try { $payload = @{ certfile = $certfile reqfile = $reqfile certtype = $certtype } if ( $PSBoundParameters.ContainsKey('keyfile') ) { $payload.Add('keyfile', $keyfile) } if ( $PSBoundParameters.ContainsKey('keyform') ) { $payload.Add('keyform', $keyform) } if ( $PSBoundParameters.ContainsKey('pempassphrase') ) { $payload.Add('pempassphrase', $pempassphrase) } if ( $PSBoundParameters.ContainsKey('days') ) { $payload.Add('days', $days) } if ( $PSBoundParameters.ContainsKey('subjectaltname') ) { $payload.Add('subjectaltname', $subjectaltname) } if ( $PSBoundParameters.ContainsKey('certform') ) { $payload.Add('certform', $certform) } if ( $PSBoundParameters.ContainsKey('cacert') ) { $payload.Add('cacert', $cacert) } if ( $PSBoundParameters.ContainsKey('cacertform') ) { $payload.Add('cacertform', $cacertform) } if ( $PSBoundParameters.ContainsKey('cakey') ) { $payload.Add('cakey', $cakey) } if ( $PSBoundParameters.ContainsKey('cakeyform') ) { $payload.Add('cakeyform', $cakeyform) } if ( $PSBoundParameters.ContainsKey('caserial') ) { $payload.Add('caserial', $caserial) } if ( $PSCmdlet.ShouldProcess($Name, "Create SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcert -Action create -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCCreateSslcert: Finished" } } function Invoke-ADCImportSslcertbundle { <# .SYNOPSIS Import SSL configuration Object. .DESCRIPTION Configuration for Imported Certbundle resource. .PARAMETER Name Name to assign to the imported certificate bundle. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .PARAMETER Src URL specifying the protocol, host, and path, including file name, to the certificate bundle to be imported or exported. For example, http://www.example.com/cert_bundle_file. NOTE: The import fails if the object to be imported is on an HTTPS server that requires client certificate authentication for access. .EXAMPLE PS C:\>Invoke-ADCImportSslcertbundle -name <string> -src <string> An example how to import sslcertbundle configuration Object(s). .NOTES File Name : Invoke-ADCImportSslcertbundle Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertbundle/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 31)] [string]$Name, [Parameter(Mandatory)] [ValidateLength(1, 2047)] [string]$Src ) begin { Write-Verbose "Invoke-ADCImportSslcertbundle: Starting" } process { try { $payload = @{ name = $name src = $src } if ( $PSCmdlet.ShouldProcess($Name, "Import SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcertbundle -Action import -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCImportSslcertbundle: Finished" } } function Invoke-ADCDeleteSslcertbundle { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for Imported Certbundle resource. .PARAMETER Name Name to assign to the imported certificate bundle. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .EXAMPLE PS C:\>Invoke-ADCDeleteSslcertbundle An example how to delete sslcertbundle configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslcertbundle Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertbundle/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [string]$Name ) begin { Write-Verbose "Invoke-ADCDeleteSslcertbundle: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Name') ) { $arguments.Add('name', $Name) } if ( $PSCmdlet.ShouldProcess("sslcertbundle", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslcertbundle -NitroPath nitro/v1/config -Resource $ -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslcertbundle: Finished" } } function Invoke-ADCApplySslcertbundle { <# .SYNOPSIS Apply SSL configuration Object. .DESCRIPTION Configuration for Imported Certbundle resource. .PARAMETER Name Name to assign to the imported certificate bundle. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .EXAMPLE PS C:\>Invoke-ADCApplySslcertbundle -name <string> An example how to apply sslcertbundle configuration Object(s). .NOTES File Name : Invoke-ADCApplySslcertbundle Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertbundle/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 31)] [string]$Name ) begin { Write-Verbose "Invoke-ADCApplySslcertbundle: Starting" } process { try { $payload = @{ name = $name } if ( $PSCmdlet.ShouldProcess($Name, "Apply SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcertbundle -Action apply -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCApplySslcertbundle: Finished" } } function Invoke-ADCExportSslcertbundle { <# .SYNOPSIS Export SSL configuration Object. .DESCRIPTION Configuration for Imported Certbundle resource. .PARAMETER Name Name to assign to the imported certificate bundle. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .PARAMETER Src URL specifying the protocol, host, and path, including file name, to the certificate bundle to be imported or exported. For example, http://www.example.com/cert_bundle_file. NOTE: The import fails if the object to be imported is on an HTTPS server that requires client certificate authentication for access. .EXAMPLE PS C:\>Invoke-ADCExportSslcertbundle -name <string> -src <string> An example how to export sslcertbundle configuration Object(s). .NOTES File Name : Invoke-ADCExportSslcertbundle Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertbundle/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 31)] [string]$Name, [Parameter(Mandatory)] [ValidateLength(1, 2047)] [string]$Src ) begin { Write-Verbose "Invoke-ADCExportSslcertbundle: Starting" } process { try { $payload = @{ name = $name src = $src } if ( $PSCmdlet.ShouldProcess($Name, "Export SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcertbundle -Action export -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCExportSslcertbundle: Finished" } } function Invoke-ADCGetSslcertbundle { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for Imported Certbundle resource. .PARAMETER GetAll Retrieve all sslcertbundle object(s). .PARAMETER Count If specified, the count of the sslcertbundle object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcertbundle Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertbundle -GetAll Get all sslcertbundle data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertbundle -Count Get the number of sslcertbundle objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcertbundle -name <string> Get sslcertbundle object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcertbundle -Filter @{ 'name'='<value>' } Get sslcertbundle data with a filter. .NOTES File Name : Invoke-ADCGetSslcertbundle Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertbundle/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslcertbundle: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslcertbundle objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertbundle -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcertbundle objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertbundle -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcertbundle objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertbundle -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcertbundle configuration for property ''" } else { Write-Verbose "Retrieving sslcertbundle configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertbundle -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcertbundle: Ended" } } function Invoke-ADCGetSslcertchain { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for CERT Chain resource. .PARAMETER Certkeyname Name of the Certificate. .PARAMETER GetAll Retrieve all sslcertchain object(s). .PARAMETER Count If specified, the count of the sslcertchain object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcertchain Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertchain -GetAll Get all sslcertchain data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertchain -Count Get the number of sslcertchain objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcertchain -name <string> Get sslcertchain object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcertchain -Filter @{ 'name'='<value>' } Get sslcertchain data with a filter. .NOTES File Name : Invoke-ADCGetSslcertchain Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertchain/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Certkeyname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslcertchain: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslcertchain objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcertchain objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcertchain objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcertchain configuration for property 'certkeyname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain -NitroPath nitro/v1/config -Resource $certkeyname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcertchain configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcertchain: Ended" } } function Invoke-ADCGetSslcertchainbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object which returns the resources bound to sslcertchain. .PARAMETER Certkeyname Name of the Certificate. .PARAMETER GetAll Retrieve all sslcertchain_binding object(s). .PARAMETER Count If specified, the count of the sslcertchain_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcertchainbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertchainbinding -GetAll Get all sslcertchain_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertchainbinding -name <string> Get sslcertchain_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcertchainbinding -Filter @{ 'name'='<value>' } Get sslcertchain_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslcertchainbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertchain_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Certkeyname, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslcertchainbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcertchain_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcertchain_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcertchain_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcertchain_binding configuration for property 'certkeyname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain_binding -NitroPath nitro/v1/config -Resource $certkeyname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcertchain_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcertchainbinding: Ended" } } function Invoke-ADCGetSslcertchainsslcertkeybinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslcertchain. .PARAMETER Certkeyname Name of the Certificate. .PARAMETER GetAll Retrieve all sslcertchain_sslcertkey_binding object(s). .PARAMETER Count If specified, the count of the sslcertchain_sslcertkey_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcertchainsslcertkeybinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertchainsslcertkeybinding -GetAll Get all sslcertchain_sslcertkey_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertchainsslcertkeybinding -Count Get the number of sslcertchain_sslcertkey_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcertchainsslcertkeybinding -name <string> Get sslcertchain_sslcertkey_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcertchainsslcertkeybinding -Filter @{ 'name'='<value>' } Get sslcertchain_sslcertkey_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslcertchainsslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertchain_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Certkeyname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslcertchainsslcertkeybinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcertchain_sslcertkey_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain_sslcertkey_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcertchain_sslcertkey_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain_sslcertkey_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcertchain_sslcertkey_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain_sslcertkey_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcertchain_sslcertkey_binding configuration for property 'certkeyname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain_sslcertkey_binding -NitroPath nitro/v1/config -Resource $certkeyname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcertchain_sslcertkey_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertchain_sslcertkey_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcertchainsslcertkeybinding: Ended" } } function Invoke-ADCImportSslcertfile { <# .SYNOPSIS Import SSL configuration Object. .DESCRIPTION Configuration for Imported Certfile resource. .PARAMETER Name Name to assign to the imported certificate file. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .PARAMETER Src URL specifying the protocol, host, and path, including file name, to the certificate file to be imported. For example, http://www.example.com/cert_file. NOTE: The import fails if the object to be imported is on an HTTPS server that requires client certificate authentication for access. .EXAMPLE PS C:\>Invoke-ADCImportSslcertfile -name <string> -src <string> An example how to import sslcertfile configuration Object(s). .NOTES File Name : Invoke-ADCImportSslcertfile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertfile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 31)] [string]$Name, [Parameter(Mandatory)] [ValidateLength(1, 2047)] [string]$Src ) begin { Write-Verbose "Invoke-ADCImportSslcertfile: Starting" } process { try { $payload = @{ name = $name src = $src } if ( $PSCmdlet.ShouldProcess($Name, "Import SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcertfile -Action import -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCImportSslcertfile: Finished" } } function Invoke-ADCDeleteSslcertfile { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for Imported Certfile resource. .PARAMETER Name Name to assign to the imported certificate file. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .EXAMPLE PS C:\>Invoke-ADCDeleteSslcertfile An example how to delete sslcertfile configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslcertfile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertfile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [string]$Name ) begin { Write-Verbose "Invoke-ADCDeleteSslcertfile: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Name') ) { $arguments.Add('name', $Name) } if ( $PSCmdlet.ShouldProcess("sslcertfile", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslcertfile -NitroPath nitro/v1/config -Resource $ -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslcertfile: Finished" } } function Invoke-ADCGetSslcertfile { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for Imported Certfile resource. .PARAMETER GetAll Retrieve all sslcertfile object(s). .PARAMETER Count If specified, the count of the sslcertfile object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcertfile Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertfile -GetAll Get all sslcertfile data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertfile -Count Get the number of sslcertfile objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcertfile -name <string> Get sslcertfile object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcertfile -Filter @{ 'name'='<value>' } Get sslcertfile data with a filter. .NOTES File Name : Invoke-ADCGetSslcertfile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertfile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslcertfile: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslcertfile objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertfile -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcertfile objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertfile -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcertfile objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertfile -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcertfile configuration for property ''" } else { Write-Verbose "Retrieving sslcertfile configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertfile -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcertfile: Ended" } } function Invoke-ADCAddSslcertificatechain { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Configuration for linked certificate resource. .PARAMETER Certkeyname Name of the certificate-key pair. .PARAMETER PassThru Return details about the created sslcertificatechain item. .EXAMPLE PS C:\>Invoke-ADCAddSslcertificatechain -certkeyname <string> An example how to add sslcertificatechain configuration Object(s). .NOTES File Name : Invoke-ADCAddSslcertificatechain Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertificatechain/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Certkeyname, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslcertificatechain: Starting" } process { try { $payload = @{ certkeyname = $certkeyname } if ( $PSCmdlet.ShouldProcess("sslcertificatechain", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcertificatechain -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslcertificatechain -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslcertificatechain: Finished" } } function Invoke-ADCGetSslcertificatechain { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for linked certificate resource. .PARAMETER Certkeyname Name of the certificate-key pair. .PARAMETER GetAll Retrieve all sslcertificatechain object(s). .PARAMETER Count If specified, the count of the sslcertificatechain object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcertificatechain Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertificatechain -GetAll Get all sslcertificatechain data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertificatechain -Count Get the number of sslcertificatechain objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcertificatechain -name <string> Get sslcertificatechain object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcertificatechain -Filter @{ 'name'='<value>' } Get sslcertificatechain data with a filter. .NOTES File Name : Invoke-ADCGetSslcertificatechain Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertificatechain/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [string]$Certkeyname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslcertificatechain: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslcertificatechain objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertificatechain -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcertificatechain objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertificatechain -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcertificatechain objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertificatechain -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcertificatechain configuration for property 'certkeyname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertificatechain -NitroPath nitro/v1/config -Resource $certkeyname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcertificatechain configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertificatechain -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcertificatechain: Ended" } } function Invoke-ADCAddSslcertkey { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Configuration for certificate key resource. .PARAMETER Certkey Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the certificate-key pair is created. .PARAMETER Cert Name of and, optionally, path to the X509 certificate file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path. .PARAMETER Key Name of and, optionally, path to the private-key file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path. .PARAMETER Password Passphrase that was used to encrypt the private-key. Use this option to load encrypted private-keys in PEM format. .PARAMETER Fipskey Name of the FIPS key that was created inside the Hardware Security Module (HSM) of a FIPS appliance, or a key that was imported into the HSM. .PARAMETER Hsmkey Name of the HSM key that was created in the External Hardware Security Module (HSM) of a FIPS appliance. .PARAMETER Inform Input format of the certificate and the private-key files. The three formats supported by the appliance are: PEM - Privacy Enhanced Mail DER - Distinguished Encoding Rule PFX - Personal Information Exchange. Possible values = DER, PEM, PFX .PARAMETER Passplain Pass phrase used to encrypt the private-key. Required when adding an encrypted private-key in PEM format. .PARAMETER Expirymonitor Issue an alert when the certificate is about to expire. Possible values = ENABLED, DISABLED .PARAMETER Notificationperiod Time, in number of days, before certificate expiration, at which to generate an alert that the certificate is about to expire. .PARAMETER Bundle Parse the certificate chain as a single file after linking the server certificate to its issuer's certificate within the file. Possible values = YES, NO .PARAMETER PassThru Return details about the created sslcertkey item. .EXAMPLE PS C:\>Invoke-ADCAddSslcertkey -certkey <string> -cert <string> An example how to add sslcertkey configuration Object(s). .NOTES File Name : Invoke-ADCAddSslcertkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Certkey, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Cert, [ValidateScript({ $_.Length -gt 1 })] [string]$Key, [boolean]$Password, [ValidateScript({ $_.Length -gt 1 })] [string]$Fipskey, [ValidateScript({ $_.Length -gt 1 })] [string]$Hsmkey, [ValidateSet('DER', 'PEM', 'PFX')] [string]$Inform = 'PEM', [ValidateScript({ $_.Length -gt 1 })] [string]$Passplain, [ValidateSet('ENABLED', 'DISABLED')] [string]$Expirymonitor, [ValidateRange(10, 100)] [double]$Notificationperiod, [ValidateSet('YES', 'NO')] [string]$Bundle = 'NO', [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslcertkey: Starting" } process { try { $payload = @{ certkey = $certkey cert = $cert } if ( $PSBoundParameters.ContainsKey('key') ) { $payload.Add('key', $key) } if ( $PSBoundParameters.ContainsKey('password') ) { $payload.Add('password', $password) } if ( $PSBoundParameters.ContainsKey('fipskey') ) { $payload.Add('fipskey', $fipskey) } if ( $PSBoundParameters.ContainsKey('hsmkey') ) { $payload.Add('hsmkey', $hsmkey) } if ( $PSBoundParameters.ContainsKey('inform') ) { $payload.Add('inform', $inform) } if ( $PSBoundParameters.ContainsKey('passplain') ) { $payload.Add('passplain', $passplain) } if ( $PSBoundParameters.ContainsKey('expirymonitor') ) { $payload.Add('expirymonitor', $expirymonitor) } if ( $PSBoundParameters.ContainsKey('notificationperiod') ) { $payload.Add('notificationperiod', $notificationperiod) } if ( $PSBoundParameters.ContainsKey('bundle') ) { $payload.Add('bundle', $bundle) } if ( $PSCmdlet.ShouldProcess("sslcertkey", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcertkey -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslcertkey -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslcertkey: Finished" } } function Invoke-ADCDeleteSslcertkey { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for certificate key resource. .PARAMETER Certkey Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the certificate-key pair is created. .PARAMETER Deletefromdevice Delete cert/key file from file system. .EXAMPLE PS C:\>Invoke-ADCDeleteSslcertkey -Certkey <string> An example how to delete sslcertkey configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslcertkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Certkey, [boolean]$Deletefromdevice ) begin { Write-Verbose "Invoke-ADCDeleteSslcertkey: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Deletefromdevice') ) { $arguments.Add('deletefromdevice', $Deletefromdevice) } if ( $PSCmdlet.ShouldProcess("$certkey", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslcertkey -NitroPath nitro/v1/config -Resource $certkey -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslcertkey: Finished" } } function Invoke-ADCUpdateSslcertkey { <# .SYNOPSIS Update SSL configuration Object. .DESCRIPTION Configuration for certificate key resource. .PARAMETER Certkey Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the certificate-key pair is created. .PARAMETER Expirymonitor Issue an alert when the certificate is about to expire. Possible values = ENABLED, DISABLED .PARAMETER Notificationperiod Time, in number of days, before certificate expiration, at which to generate an alert that the certificate is about to expire. .PARAMETER PassThru Return details about the created sslcertkey item. .EXAMPLE PS C:\>Invoke-ADCUpdateSslcertkey -certkey <string> An example how to update sslcertkey configuration Object(s). .NOTES File Name : Invoke-ADCUpdateSslcertkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Certkey, [ValidateSet('ENABLED', 'DISABLED')] [string]$Expirymonitor, [ValidateRange(10, 100)] [double]$Notificationperiod, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCUpdateSslcertkey: Starting" } process { try { $payload = @{ certkey = $certkey } if ( $PSBoundParameters.ContainsKey('expirymonitor') ) { $payload.Add('expirymonitor', $expirymonitor) } if ( $PSBoundParameters.ContainsKey('notificationperiod') ) { $payload.Add('notificationperiod', $notificationperiod) } if ( $PSCmdlet.ShouldProcess("sslcertkey", "Update SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslcertkey -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslcertkey -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUpdateSslcertkey: Finished" } } function Invoke-ADCUnsetSslcertkey { <# .SYNOPSIS Unset SSL configuration Object. .DESCRIPTION Configuration for certificate key resource. .PARAMETER Certkey Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the certificate-key pair is created. .PARAMETER Expirymonitor Issue an alert when the certificate is about to expire. Possible values = ENABLED, DISABLED .PARAMETER Notificationperiod Time, in number of days, before certificate expiration, at which to generate an alert that the certificate is about to expire. .EXAMPLE PS C:\>Invoke-ADCUnsetSslcertkey -certkey <string> An example how to unset sslcertkey configuration Object(s). .NOTES File Name : Invoke-ADCUnsetSslcertkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Certkey, [Boolean]$expirymonitor, [Boolean]$notificationperiod ) begin { Write-Verbose "Invoke-ADCUnsetSslcertkey: Starting" } process { try { $payload = @{ certkey = $certkey } if ( $PSBoundParameters.ContainsKey('expirymonitor') ) { $payload.Add('expirymonitor', $expirymonitor) } if ( $PSBoundParameters.ContainsKey('notificationperiod') ) { $payload.Add('notificationperiod', $notificationperiod) } if ( $PSCmdlet.ShouldProcess("$certkey", "Unset SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -Type sslcertkey -NitroPath nitro/v1/config -Action unset -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUnsetSslcertkey: Finished" } } function Invoke-ADCLinkSslcertkey { <# .SYNOPSIS Link SSL configuration Object. .DESCRIPTION Configuration for certificate key resource. .PARAMETER Certkey Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the certificate-key pair is created. .PARAMETER Linkcertkeyname Name of the Certificate Authority certificate-key pair to which to link a certificate-key pair. .EXAMPLE PS C:\>Invoke-ADCLinkSslcertkey -certkey <string> -linkcertkeyname <string> An example how to link sslcertkey configuration Object(s). .NOTES File Name : Invoke-ADCLinkSslcertkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Certkey, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Linkcertkeyname ) begin { Write-Verbose "Invoke-ADCLinkSslcertkey: Starting" } process { try { $payload = @{ certkey = $certkey linkcertkeyname = $linkcertkeyname } if ( $PSCmdlet.ShouldProcess($Name, "Link SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcertkey -Action link -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCLinkSslcertkey: Finished" } } function Invoke-ADCUnlinkSslcertkey { <# .SYNOPSIS Unlink SSL configuration Object. .DESCRIPTION Configuration for certificate key resource. .PARAMETER Certkey Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the certificate-key pair is created. .EXAMPLE PS C:\>Invoke-ADCUnlinkSslcertkey -certkey <string> An example how to unlink sslcertkey configuration Object(s). .NOTES File Name : Invoke-ADCUnlinkSslcertkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Certkey ) begin { Write-Verbose "Invoke-ADCUnlinkSslcertkey: Starting" } process { try { $payload = @{ certkey = $certkey } if ( $PSCmdlet.ShouldProcess($Name, "Unlink SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcertkey -Action unlink -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUnlinkSslcertkey: Finished" } } function Invoke-ADCChangeSslcertkey { <# .SYNOPSIS Change SSL configuration Object. .DESCRIPTION Configuration for certificate key resource. .PARAMETER Certkey Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the certificate-key pair is created. .PARAMETER Cert Name of and, optionally, path to the X509 certificate file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path. .PARAMETER Key Name of and, optionally, path to the private-key file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path. .PARAMETER Password Passphrase that was used to encrypt the private-key. Use this option to load encrypted private-keys in PEM format. .PARAMETER Fipskey Name of the FIPS key that was created inside the Hardware Security Module (HSM) of a FIPS appliance, or a key that was imported into the HSM. .PARAMETER Inform Input format of the certificate and the private-key files. The three formats supported by the appliance are: PEM - Privacy Enhanced Mail DER - Distinguished Encoding Rule PFX - Personal Information Exchange. Possible values = DER, PEM, PFX .PARAMETER Passplain Pass phrase used to encrypt the private-key. Required when adding an encrypted private-key in PEM format. .PARAMETER Nodomaincheck Override the check for matching domain names during a certificate update operation. .PARAMETER PassThru Return details about the created sslcertkey item. .EXAMPLE PS C:\>Invoke-ADCChangeSslcertkey -certkey <string> An example how to change sslcertkey configuration Object(s). .NOTES File Name : Invoke-ADCChangeSslcertkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Certkey, [ValidateScript({ $_.Length -gt 1 })] [string]$Cert, [ValidateScript({ $_.Length -gt 1 })] [string]$Key, [boolean]$Password, [ValidateScript({ $_.Length -gt 1 })] [string]$Fipskey, [ValidateSet('DER', 'PEM', 'PFX')] [string]$Inform, [ValidateScript({ $_.Length -gt 1 })] [string]$Passplain, [boolean]$Nodomaincheck, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCChangeSslcertkey: Starting" } process { try { $payload = @{ certkey = $certkey } if ( $PSBoundParameters.ContainsKey('cert') ) { $payload.Add('cert', $cert) } if ( $PSBoundParameters.ContainsKey('key') ) { $payload.Add('key', $key) } if ( $PSBoundParameters.ContainsKey('password') ) { $payload.Add('password', $password) } if ( $PSBoundParameters.ContainsKey('fipskey') ) { $payload.Add('fipskey', $fipskey) } if ( $PSBoundParameters.ContainsKey('inform') ) { $payload.Add('inform', $inform) } if ( $PSBoundParameters.ContainsKey('passplain') ) { $payload.Add('passplain', $passplain) } if ( $PSBoundParameters.ContainsKey('nodomaincheck') ) { $payload.Add('nodomaincheck', $nodomaincheck) } if ( $PSCmdlet.ShouldProcess("sslcertkey", "Change SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcertkey -Action update -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslcertkey -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCChangeSslcertkey: Finished" } } function Invoke-ADCClearSslcertkey { <# .SYNOPSIS Clear SSL configuration Object. .DESCRIPTION Configuration for certificate key resource. .PARAMETER Certkey Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the certificate-key pair is created. .PARAMETER Ocspstaplingcache Clear cached ocspStapling response in certkey. .EXAMPLE PS C:\>Invoke-ADCClearSslcertkey -certkey <string> An example how to clear sslcertkey configuration Object(s). .NOTES File Name : Invoke-ADCClearSslcertkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Certkey, [boolean]$Ocspstaplingcache ) begin { Write-Verbose "Invoke-ADCClearSslcertkey: Starting" } process { try { $payload = @{ certkey = $certkey } if ( $PSBoundParameters.ContainsKey('ocspstaplingcache') ) { $payload.Add('ocspstaplingcache', $ocspstaplingcache) } if ( $PSCmdlet.ShouldProcess($Name, "Clear SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcertkey -Action clear -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCClearSslcertkey: Finished" } } function Invoke-ADCGetSslcertkey { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for certificate key resource. .PARAMETER Certkey Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the certificate-key pair is created. .PARAMETER GetAll Retrieve all sslcertkey object(s). .PARAMETER Count If specified, the count of the sslcertkey object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkey Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkey -GetAll Get all sslcertkey data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkey -Count Get the number of sslcertkey objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkey -name <string> Get sslcertkey object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkey -Filter @{ 'name'='<value>' } Get sslcertkey data with a filter. .NOTES File Name : Invoke-ADCGetSslcertkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Certkey, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslcertkey: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslcertkey objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcertkey objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcertkey objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcertkey configuration for property 'certkey'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey -NitroPath nitro/v1/config -Resource $certkey -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcertkey configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcertkey: Ended" } } function Invoke-ADCGetSslcertkeybinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object which returns the resources bound to sslcertkey. .PARAMETER Certkey Name of the certificate-key pair for which to show detailed information. .PARAMETER GetAll Retrieve all sslcertkey_binding object(s). .PARAMETER Count If specified, the count of the sslcertkey_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeybinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeybinding -GetAll Get all sslcertkey_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeybinding -name <string> Get sslcertkey_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeybinding -Filter @{ 'name'='<value>' } Get sslcertkey_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Certkey, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslcertkeybinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcertkey_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcertkey_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcertkey_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcertkey_binding configuration for property 'certkey'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_binding -NitroPath nitro/v1/config -Resource $certkey -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcertkey_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcertkeybinding: Ended" } } function Invoke-ADCGetSslcertkeycrldistributionbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the crldistribution that can be bound to sslcertkey. .PARAMETER Certkey Name of the certificate-key pair. .PARAMETER GetAll Retrieve all sslcertkey_crldistribution_binding object(s). .PARAMETER Count If specified, the count of the sslcertkey_crldistribution_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeycrldistributionbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeycrldistributionbinding -GetAll Get all sslcertkey_crldistribution_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeycrldistributionbinding -Count Get the number of sslcertkey_crldistribution_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeycrldistributionbinding -name <string> Get sslcertkey_crldistribution_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeycrldistributionbinding -Filter @{ 'name'='<value>' } Get sslcertkey_crldistribution_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslcertkeycrldistributionbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey_crldistribution_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Certkey, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslcertkeycrldistributionbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcertkey_crldistribution_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_crldistribution_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcertkey_crldistribution_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_crldistribution_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcertkey_crldistribution_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_crldistribution_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcertkey_crldistribution_binding configuration for property 'certkey'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_crldistribution_binding -NitroPath nitro/v1/config -Resource $certkey -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcertkey_crldistribution_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_crldistribution_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcertkeycrldistributionbinding: Ended" } } function Invoke-ADCGetSslcertkeyservicebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the service that can be bound to sslcertkey. .PARAMETER Certkey Name of the certificate-key pair. .PARAMETER GetAll Retrieve all sslcertkey_service_binding object(s). .PARAMETER Count If specified, the count of the sslcertkey_service_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeyservicebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeyservicebinding -GetAll Get all sslcertkey_service_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeyservicebinding -Count Get the number of sslcertkey_service_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeyservicebinding -name <string> Get sslcertkey_service_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeyservicebinding -Filter @{ 'name'='<value>' } Get sslcertkey_service_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslcertkeyservicebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey_service_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Certkey, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslcertkeyservicebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcertkey_service_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_service_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcertkey_service_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_service_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcertkey_service_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_service_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcertkey_service_binding configuration for property 'certkey'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_service_binding -NitroPath nitro/v1/config -Resource $certkey -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcertkey_service_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_service_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcertkeyservicebinding: Ended" } } function Invoke-ADCAddSslcertkeysslocspresponderbinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslocspresponder that can be bound to sslcertkey. .PARAMETER Certkey Name of the certificate-key pair. .PARAMETER Ocspresponder OCSP responders bound to this certkey. .PARAMETER Priority ocsp priority. .PARAMETER PassThru Return details about the created sslcertkey_sslocspresponder_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslcertkeysslocspresponderbinding An example how to add sslcertkey_sslocspresponder_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslcertkeysslocspresponderbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey_sslocspresponder_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [ValidateScript({ $_.Length -gt 1 })] [string]$Certkey, [string]$Ocspresponder, [double]$Priority, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslcertkeysslocspresponderbinding: Starting" } process { try { $payload = @{ } if ( $PSBoundParameters.ContainsKey('certkey') ) { $payload.Add('certkey', $certkey) } if ( $PSBoundParameters.ContainsKey('ocspresponder') ) { $payload.Add('ocspresponder', $ocspresponder) } if ( $PSBoundParameters.ContainsKey('priority') ) { $payload.Add('priority', $priority) } if ( $PSCmdlet.ShouldProcess("sslcertkey_sslocspresponder_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslcertkey_sslocspresponder_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslcertkeysslocspresponderbinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslcertkeysslocspresponderbinding: Finished" } } function Invoke-ADCDeleteSslcertkeysslocspresponderbinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslocspresponder that can be bound to sslcertkey. .PARAMETER Certkey Name of the certificate-key pair. .PARAMETER Ocspresponder OCSP responders bound to this certkey. .PARAMETER Ca The certificate-key pair being unbound is a Certificate Authority (CA) certificate. If you choose this option, the certificate-key pair is unbound from the list of CA certificates that were bound to the specified SSL virtual server or SSL service. .EXAMPLE PS C:\>Invoke-ADCDeleteSslcertkeysslocspresponderbinding -Certkey <string> An example how to delete sslcertkey_sslocspresponder_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslcertkeysslocspresponderbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey_sslocspresponder_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Certkey, [string]$Ocspresponder, [boolean]$Ca ) begin { Write-Verbose "Invoke-ADCDeleteSslcertkeysslocspresponderbinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ocspresponder') ) { $arguments.Add('ocspresponder', $Ocspresponder) } if ( $PSBoundParameters.ContainsKey('Ca') ) { $arguments.Add('ca', $Ca) } if ( $PSCmdlet.ShouldProcess("$certkey", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslcertkey_sslocspresponder_binding -NitroPath nitro/v1/config -Resource $certkey -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslcertkeysslocspresponderbinding: Finished" } } function Invoke-ADCGetSslcertkeysslocspresponderbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslocspresponder that can be bound to sslcertkey. .PARAMETER Certkey Name of the certificate-key pair. .PARAMETER GetAll Retrieve all sslcertkey_sslocspresponder_binding object(s). .PARAMETER Count If specified, the count of the sslcertkey_sslocspresponder_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslocspresponderbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslocspresponderbinding -GetAll Get all sslcertkey_sslocspresponder_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslocspresponderbinding -Count Get the number of sslcertkey_sslocspresponder_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslocspresponderbinding -name <string> Get sslcertkey_sslocspresponder_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslocspresponderbinding -Filter @{ 'name'='<value>' } Get sslcertkey_sslocspresponder_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslcertkeysslocspresponderbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey_sslocspresponder_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Certkey, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslcertkeysslocspresponderbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcertkey_sslocspresponder_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslocspresponder_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcertkey_sslocspresponder_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslocspresponder_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcertkey_sslocspresponder_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslocspresponder_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcertkey_sslocspresponder_binding configuration for property 'certkey'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslocspresponder_binding -NitroPath nitro/v1/config -Resource $certkey -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcertkey_sslocspresponder_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslocspresponder_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcertkeysslocspresponderbinding: Ended" } } function Invoke-ADCGetSslcertkeysslprofilebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslprofile that can be bound to sslcertkey. .PARAMETER Certkey Name of the certificate-key pair. .PARAMETER GetAll Retrieve all sslcertkey_sslprofile_binding object(s). .PARAMETER Count If specified, the count of the sslcertkey_sslprofile_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslprofilebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslprofilebinding -GetAll Get all sslcertkey_sslprofile_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslprofilebinding -Count Get the number of sslcertkey_sslprofile_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslprofilebinding -name <string> Get sslcertkey_sslprofile_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslprofilebinding -Filter @{ 'name'='<value>' } Get sslcertkey_sslprofile_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslcertkeysslprofilebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey_sslprofile_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Certkey, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslcertkeysslprofilebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcertkey_sslprofile_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslprofile_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcertkey_sslprofile_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslprofile_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcertkey_sslprofile_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslprofile_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcertkey_sslprofile_binding configuration for property 'certkey'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslprofile_binding -NitroPath nitro/v1/config -Resource $certkey -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcertkey_sslprofile_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslprofile_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcertkeysslprofilebinding: Ended" } } function Invoke-ADCGetSslcertkeysslvserverbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslvserver that can be bound to sslcertkey. .PARAMETER Certkey Name of the certificate-key pair. .PARAMETER GetAll Retrieve all sslcertkey_sslvserver_binding object(s). .PARAMETER Count If specified, the count of the sslcertkey_sslvserver_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslvserverbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslvserverbinding -GetAll Get all sslcertkey_sslvserver_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslvserverbinding -Count Get the number of sslcertkey_sslvserver_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslvserverbinding -name <string> Get sslcertkey_sslvserver_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcertkeysslvserverbinding -Filter @{ 'name'='<value>' } Get sslcertkey_sslvserver_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslcertkeysslvserverbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertkey_sslvserver_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Certkey, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslcertkeysslvserverbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcertkey_sslvserver_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslvserver_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcertkey_sslvserver_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslvserver_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcertkey_sslvserver_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslvserver_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcertkey_sslvserver_binding configuration for property 'certkey'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslvserver_binding -NitroPath nitro/v1/config -Resource $certkey -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcertkey_sslvserver_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertkey_sslvserver_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcertkeysslvserverbinding: Ended" } } function Invoke-ADCGetSslcertlink { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for linked certificate resource. .PARAMETER GetAll Retrieve all sslcertlink object(s). .PARAMETER Count If specified, the count of the sslcertlink object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcertlink Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertlink -GetAll Get all sslcertlink data. .EXAMPLE PS C:\>Invoke-ADCGetSslcertlink -Count Get the number of sslcertlink objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcertlink -name <string> Get sslcertlink object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcertlink -Filter @{ 'name'='<value>' } Get sslcertlink data with a filter. .NOTES File Name : Invoke-ADCGetSslcertlink Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertlink/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslcertlink: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslcertlink objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertlink -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcertlink objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertlink -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcertlink objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertlink -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcertlink configuration for property ''" } else { Write-Verbose "Retrieving sslcertlink configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcertlink -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcertlink: Ended" } } function Invoke-ADCCreateSslcertreq { <# .SYNOPSIS Create SSL configuration Object. .DESCRIPTION Configuration for certificate request resource. .PARAMETER Reqfile Name for and, optionally, path to the certificate signing request (CSR). /nsconfig/ssl/ is the default path. .PARAMETER Keyfile Name of and, optionally, path to the private key used to create the certificate signing request, which then becomes part of the certificate-key pair. The private key can be either an RSA or a DSA key. The key must be present in the appliance's local storage. /nsconfig/ssl is the default path. .PARAMETER Subjectaltname Subject Alternative Name (SAN) is an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field. These values are called "Subject Alternative Names" (SAN). Names include: 1. Email addresses 2. IP addresses 3. URIs 4. DNS names (this is usually also provided as the Common Name RDN within the Subject field of the main certificate.) 5. Directory names (alternative Distinguished Names to that given in the Subject). .PARAMETER Fipskeyname Name of the FIPS key used to create the certificate signing request. FIPS keys are created inside the Hardware Security Module of the FIPS card. .PARAMETER Keyform Format in which the key is stored on the appliance. Possible values = DER, PEM .PARAMETER Pempassphrase . .PARAMETER Countryname Two letter ISO code for your country. For example, US for United States. .PARAMETER Statename Full name of the state or province where your organization is located. Do not abbreviate. .PARAMETER Organizationname Name of the organization that will use this certificate. The organization name (corporation, limited partnership, university, or government agency) must be registered with some authority at the national, state, or city level. Use the legal name under which the organization is registered. Do not abbreviate the organization name and do not use the following characters in the name: Angle brackets (< >) tilde (~), exclamation mark, at (@), pound (#), zero (0), caret (^), asterisk (*), forward slash (/), square brackets ([ ]), question mark (?). .PARAMETER Organizationunitname Name of the division or section in the organization that will use the certificate. .PARAMETER Localityname Name of the city or town in which your organization's head office is located. .PARAMETER Commonname Fully qualified domain name for the company or web site. The common name must match the name used by DNS servers to do a DNS lookup of your server. Most browsers use this information for authenticating the server's certificate during the SSL handshake. If the server name in the URL does not match the common name as given in the server certificate, the browser terminates the SSL handshake or prompts the user with a warning message. Do not use wildcard characters, such as asterisk (*) or question mark (?), and do not use an IP address as the common name. The common name must not contain the protocol specifier <http://> or <https://>. .PARAMETER Emailaddress Contact person's e-mail address. This address is publically displayed as part of the certificate. Provide an e-mail address that is monitored by an administrator who can be contacted about the certificate. .PARAMETER Challengepassword Pass phrase, embedded in the certificate signing request that is shared only between the client or server requesting the certificate and the SSL certificate issuer (typically the certificate authority). This pass phrase can be used to authenticate a client or server that is requesting a certificate from the certificate authority. .PARAMETER Companyname Additional name for the company or web site. .PARAMETER Digestmethod Digest algorithm used in creating CSR. Possible values = SHA1, SHA256 .EXAMPLE PS C:\>Invoke-ADCCreateSslcertreq -reqfile <string> -countryname <string> -statename <string> -organizationname <string> An example how to create sslcertreq configuration Object(s). .NOTES File Name : Invoke-ADCCreateSslcertreq Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcertreq/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Reqfile, [string]$Keyfile, [ValidateScript({ $_.Length -gt 1 })] [string]$Subjectaltname, [ValidateLength(1, 31)] [string]$Fipskeyname, [ValidateSet('DER', 'PEM')] [string]$Keyform, [ValidateLength(1, 31)] [string]$Pempassphrase, [Parameter(Mandatory)] [ValidateLength(2, 2)] [string]$Countryname, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Statename, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Organizationname, [ValidateScript({ $_.Length -gt 1 })] [string]$Organizationunitname, [ValidateScript({ $_.Length -gt 1 })] [string]$Localityname, [ValidateScript({ $_.Length -gt 1 })] [string]$Commonname, [ValidateScript({ $_.Length -gt 1 })] [string]$Emailaddress, [ValidateScript({ $_.Length -gt 1 })] [string]$Challengepassword, [ValidateScript({ $_.Length -gt 1 })] [string]$Companyname, [ValidateSet('SHA1', 'SHA256')] [string]$Digestmethod ) begin { Write-Verbose "Invoke-ADCCreateSslcertreq: Starting" } process { try { $payload = @{ reqfile = $reqfile countryname = $countryname statename = $statename organizationname = $organizationname } if ( $PSBoundParameters.ContainsKey('keyfile') ) { $payload.Add('keyfile', $keyfile) } if ( $PSBoundParameters.ContainsKey('subjectaltname') ) { $payload.Add('subjectaltname', $subjectaltname) } if ( $PSBoundParameters.ContainsKey('fipskeyname') ) { $payload.Add('fipskeyname', $fipskeyname) } if ( $PSBoundParameters.ContainsKey('keyform') ) { $payload.Add('keyform', $keyform) } if ( $PSBoundParameters.ContainsKey('pempassphrase') ) { $payload.Add('pempassphrase', $pempassphrase) } if ( $PSBoundParameters.ContainsKey('organizationunitname') ) { $payload.Add('organizationunitname', $organizationunitname) } if ( $PSBoundParameters.ContainsKey('localityname') ) { $payload.Add('localityname', $localityname) } if ( $PSBoundParameters.ContainsKey('commonname') ) { $payload.Add('commonname', $commonname) } if ( $PSBoundParameters.ContainsKey('emailaddress') ) { $payload.Add('emailaddress', $emailaddress) } if ( $PSBoundParameters.ContainsKey('challengepassword') ) { $payload.Add('challengepassword', $challengepassword) } if ( $PSBoundParameters.ContainsKey('companyname') ) { $payload.Add('companyname', $companyname) } if ( $PSBoundParameters.ContainsKey('digestmethod') ) { $payload.Add('digestmethod', $digestmethod) } if ( $PSCmdlet.ShouldProcess($Name, "Create SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcertreq -Action create -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCCreateSslcertreq: Finished" } } function Invoke-ADCAddSslcipher { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Configuration for cipher resource. .PARAMETER Ciphergroupname Name for the user-defined cipher group. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the cipher group is created. .PARAMETER Ciphgrpalias The individual cipher name(s), a user-defined cipher group, or a system predefined cipher alias that will be added to the predefined cipher alias that will be added to the group cipherGroupName. If a cipher alias or a cipher group is specified, all the individual ciphers in the cipher alias or group will be added to the user-defined cipher group. .PARAMETER PassThru Return details about the created sslcipher item. .EXAMPLE PS C:\>Invoke-ADCAddSslcipher -ciphergroupname <string> An example how to add sslcipher configuration Object(s). .NOTES File Name : Invoke-ADCAddSslcipher Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcipher/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Ciphergroupname, [ValidateScript({ $_.Length -gt 1 })] [string]$Ciphgrpalias, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslcipher: Starting" } process { try { $payload = @{ ciphergroupname = $ciphergroupname } if ( $PSBoundParameters.ContainsKey('ciphgrpalias') ) { $payload.Add('ciphgrpalias', $ciphgrpalias) } if ( $PSCmdlet.ShouldProcess("sslcipher", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcipher -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslcipher -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslcipher: Finished" } } function Invoke-ADCUpdateSslcipher { <# .SYNOPSIS Update SSL configuration Object. .DESCRIPTION Configuration for cipher resource. .PARAMETER Ciphergroupname Name for the user-defined cipher group. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the cipher group is created. .PARAMETER Ciphername Cipher name. .PARAMETER Cipherpriority This indicates priority assigned to the particular cipher. .PARAMETER PassThru Return details about the created sslcipher item. .EXAMPLE PS C:\>Invoke-ADCUpdateSslcipher -ciphergroupname <string> An example how to update sslcipher configuration Object(s). .NOTES File Name : Invoke-ADCUpdateSslcipher Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcipher/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Ciphergroupname, [string]$Ciphername, [double]$Cipherpriority, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCUpdateSslcipher: Starting" } process { try { $payload = @{ ciphergroupname = $ciphergroupname } if ( $PSBoundParameters.ContainsKey('ciphername') ) { $payload.Add('ciphername', $ciphername) } if ( $PSBoundParameters.ContainsKey('cipherpriority') ) { $payload.Add('cipherpriority', $cipherpriority) } if ( $PSCmdlet.ShouldProcess("sslcipher", "Update SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslcipher -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslcipher -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUpdateSslcipher: Finished" } } function Invoke-ADCUnsetSslcipher { <# .SYNOPSIS Unset SSL configuration Object. .DESCRIPTION Configuration for cipher resource. .PARAMETER Ciphergroupname Name for the user-defined cipher group. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the cipher group is created. .PARAMETER Ciphername Cipher name. .PARAMETER Cipherpriority This indicates priority assigned to the particular cipher. .EXAMPLE PS C:\>Invoke-ADCUnsetSslcipher -ciphergroupname <string> An example how to unset sslcipher configuration Object(s). .NOTES File Name : Invoke-ADCUnsetSslcipher Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcipher Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Ciphergroupname, [Boolean]$ciphername, [Boolean]$cipherpriority ) begin { Write-Verbose "Invoke-ADCUnsetSslcipher: Starting" } process { try { $payload = @{ ciphergroupname = $ciphergroupname } if ( $PSBoundParameters.ContainsKey('ciphername') ) { $payload.Add('ciphername', $ciphername) } if ( $PSBoundParameters.ContainsKey('cipherpriority') ) { $payload.Add('cipherpriority', $cipherpriority) } if ( $PSCmdlet.ShouldProcess("$ciphergroupname", "Unset SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -Type sslcipher -NitroPath nitro/v1/config -Action unset -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUnsetSslcipher: Finished" } } function Invoke-ADCDeleteSslcipher { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for cipher resource. .PARAMETER Ciphergroupname Name for the user-defined cipher group. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the cipher group is created. .PARAMETER Ciphername Cipher name. .EXAMPLE PS C:\>Invoke-ADCDeleteSslcipher -Ciphergroupname <string> An example how to delete sslcipher configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslcipher Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcipher/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Ciphergroupname, [string]$Ciphername ) begin { Write-Verbose "Invoke-ADCDeleteSslcipher: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ciphername') ) { $arguments.Add('ciphername', $Ciphername) } if ( $PSCmdlet.ShouldProcess("$ciphergroupname", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslcipher -NitroPath nitro/v1/config -Resource $ciphergroupname -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslcipher: Finished" } } function Invoke-ADCGetSslcipher { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for cipher resource. .PARAMETER Ciphergroupname Name for the user-defined cipher group. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the cipher group is created. .PARAMETER GetAll Retrieve all sslcipher object(s). .PARAMETER Count If specified, the count of the sslcipher object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcipher Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcipher -GetAll Get all sslcipher data. .EXAMPLE PS C:\>Invoke-ADCGetSslcipher -Count Get the number of sslcipher objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcipher -name <string> Get sslcipher object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcipher -Filter @{ 'name'='<value>' } Get sslcipher data with a filter. .NOTES File Name : Invoke-ADCGetSslcipher Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcipher/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Ciphergroupname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslcipher: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslcipher objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcipher objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcipher objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcipher configuration for property 'ciphergroupname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher -NitroPath nitro/v1/config -Resource $ciphergroupname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcipher configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcipher: Ended" } } function Invoke-ADCGetSslciphersuite { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for ciphersuite resource. .PARAMETER Ciphername Name of the cipher suite for which to show detailed information. .PARAMETER GetAll Retrieve all sslciphersuite object(s). .PARAMETER Count If specified, the count of the sslciphersuite object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersuite Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersuite -GetAll Get all sslciphersuite data. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersuite -Count Get the number of sslciphersuite objects. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersuite -name <string> Get sslciphersuite object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersuite -Filter @{ 'name'='<value>' } Get sslciphersuite data with a filter. .NOTES File Name : Invoke-ADCGetSslciphersuite Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslciphersuite/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [string]$Ciphername, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslciphersuite: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslciphersuite objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslciphersuite -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslciphersuite objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslciphersuite -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslciphersuite objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslciphersuite -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslciphersuite configuration for property 'ciphername'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslciphersuite -NitroPath nitro/v1/config -Resource $ciphername -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslciphersuite configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslciphersuite -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslciphersuite: Ended" } } function Invoke-ADCGetSslcipherbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object which returns the resources bound to sslcipher. .PARAMETER Ciphergroupname Name of the cipher group for which to show detailed information. .PARAMETER GetAll Retrieve all sslcipher_binding object(s). .PARAMETER Count If specified, the count of the sslcipher_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcipherbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcipherbinding -GetAll Get all sslcipher_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslcipherbinding -name <string> Get sslcipher_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcipherbinding -Filter @{ 'name'='<value>' } Get sslcipher_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslcipherbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcipher_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Ciphergroupname, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslcipherbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcipher_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcipher_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcipher_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcipher_binding configuration for property 'ciphergroupname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_binding -NitroPath nitro/v1/config -Resource $ciphergroupname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcipher_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcipherbinding: Ended" } } function Invoke-ADCGetSslcipherindividualcipherbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the individualcipher that can be bound to sslcipher. .PARAMETER Ciphergroupname Name of the user-defined cipher group. .PARAMETER GetAll Retrieve all sslcipher_individualcipher_binding object(s). .PARAMETER Count If specified, the count of the sslcipher_individualcipher_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcipherindividualcipherbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcipherindividualcipherbinding -GetAll Get all sslcipher_individualcipher_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslcipherindividualcipherbinding -Count Get the number of sslcipher_individualcipher_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcipherindividualcipherbinding -name <string> Get sslcipher_individualcipher_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcipherindividualcipherbinding -Filter @{ 'name'='<value>' } Get sslcipher_individualcipher_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslcipherindividualcipherbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcipher_individualcipher_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Ciphergroupname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslcipherindividualcipherbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcipher_individualcipher_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_individualcipher_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcipher_individualcipher_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_individualcipher_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcipher_individualcipher_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_individualcipher_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcipher_individualcipher_binding configuration for property 'ciphergroupname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_individualcipher_binding -NitroPath nitro/v1/config -Resource $ciphergroupname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcipher_individualcipher_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_individualcipher_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcipherindividualcipherbinding: Ended" } } function Invoke-ADCAddSslciphersslciphersuitebinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslcipher. .PARAMETER Ciphergroupname Name for the user-defined cipher group. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the cipher group is created. .PARAMETER Cipheroperation The operation that is performed when adding the cipher-suite. Possible cipher operations are: ADD - Appends the given cipher-suite to the existing one configured for the virtual server. REM - Removes the given cipher-suite from the existing one configured for the virtual server. ORD - Overrides the current configured cipher-suite for the virtual server with the given cipher-suite. Possible values = ADD, REM, ORD .PARAMETER Ciphgrpals A cipher-suite can consist of an individual cipher name, the system predefined cipher-alias name, or user defined cipher-group name. .PARAMETER Ciphername Cipher name. .PARAMETER Cipherpriority This indicates priority assigned to the particular cipher. .PARAMETER PassThru Return details about the created sslcipher_sslciphersuite_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslciphersslciphersuitebinding An example how to add sslcipher_sslciphersuite_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslciphersslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcipher_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Ciphergroupname, [ValidateSet('ADD', 'REM', 'ORD')] [string]$Cipheroperation = '0', [ValidateScript({ $_.Length -gt 1 })] [string]$Ciphgrpals, [string]$Ciphername, [double]$Cipherpriority, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslciphersslciphersuitebinding: Starting" } process { try { $payload = @{ } if ( $PSBoundParameters.ContainsKey('ciphergroupname') ) { $payload.Add('ciphergroupname', $ciphergroupname) } if ( $PSBoundParameters.ContainsKey('cipheroperation') ) { $payload.Add('cipheroperation', $cipheroperation) } if ( $PSBoundParameters.ContainsKey('ciphgrpals') ) { $payload.Add('ciphgrpals', $ciphgrpals) } if ( $PSBoundParameters.ContainsKey('ciphername') ) { $payload.Add('ciphername', $ciphername) } if ( $PSBoundParameters.ContainsKey('cipherpriority') ) { $payload.Add('cipherpriority', $cipherpriority) } if ( $PSCmdlet.ShouldProcess("sslcipher_sslciphersuite_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslcipher_sslciphersuite_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslciphersslciphersuitebinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslciphersslciphersuitebinding: Finished" } } function Invoke-ADCDeleteSslciphersslciphersuitebinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslcipher. .PARAMETER Ciphergroupname Name for the user-defined cipher group. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the cipher group is created. .PARAMETER Ciphername Cipher name. .EXAMPLE PS C:\>Invoke-ADCDeleteSslciphersslciphersuitebinding An example how to delete sslcipher_sslciphersuite_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslciphersslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcipher_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [string]$Ciphergroupname, [string]$Ciphername ) begin { Write-Verbose "Invoke-ADCDeleteSslciphersslciphersuitebinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ciphergroupname') ) { $arguments.Add('ciphergroupname', $Ciphergroupname) } if ( $PSBoundParameters.ContainsKey('Ciphername') ) { $arguments.Add('ciphername', $Ciphername) } if ( $PSCmdlet.ShouldProcess("sslcipher_sslciphersuite_binding", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslcipher_sslciphersuite_binding -NitroPath nitro/v1/config -Resource $ -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslciphersslciphersuitebinding: Finished" } } function Invoke-ADCGetSslciphersslciphersuitebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslcipher. .PARAMETER GetAll Retrieve all sslcipher_sslciphersuite_binding object(s). .PARAMETER Count If specified, the count of the sslcipher_sslciphersuite_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersslciphersuitebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersslciphersuitebinding -GetAll Get all sslcipher_sslciphersuite_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersslciphersuitebinding -Count Get the number of sslcipher_sslciphersuite_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersslciphersuitebinding -name <string> Get sslcipher_sslciphersuite_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersslciphersuitebinding -Filter @{ 'name'='<value>' } Get sslcipher_sslciphersuite_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslciphersslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcipher_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslciphersslciphersuitebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcipher_sslciphersuite_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_sslciphersuite_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcipher_sslciphersuite_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_sslciphersuite_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcipher_sslciphersuite_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_sslciphersuite_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcipher_sslciphersuite_binding configuration for property ''" } else { Write-Verbose "Retrieving sslcipher_sslciphersuite_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_sslciphersuite_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslciphersslciphersuitebinding: Ended" } } function Invoke-ADCGetSslciphersslprofilebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslprofile that can be bound to sslcipher. .PARAMETER Ciphergroupname Name of the user-defined cipher group. .PARAMETER GetAll Retrieve all sslcipher_sslprofile_binding object(s). .PARAMETER Count If specified, the count of the sslcipher_sslprofile_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersslprofilebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersslprofilebinding -GetAll Get all sslcipher_sslprofile_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersslprofilebinding -Count Get the number of sslcipher_sslprofile_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersslprofilebinding -name <string> Get sslcipher_sslprofile_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslciphersslprofilebinding -Filter @{ 'name'='<value>' } Get sslcipher_sslprofile_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslciphersslprofilebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcipher_sslprofile_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Ciphergroupname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslciphersslprofilebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcipher_sslprofile_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_sslprofile_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcipher_sslprofile_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_sslprofile_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcipher_sslprofile_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_sslprofile_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcipher_sslprofile_binding configuration for property 'ciphergroupname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_sslprofile_binding -NitroPath nitro/v1/config -Resource $ciphergroupname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcipher_sslprofile_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcipher_sslprofile_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslciphersslprofilebinding: Ended" } } function Invoke-ADCAddSslcrl { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Configuration for Certificate Revocation List resource. .PARAMETER Crlname Name for the Certificate Revocation List (CRL). Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the CRL is created. .PARAMETER Crlpath Path to the CRL file. /var/netscaler/ssl/ is the default path. .PARAMETER Inform Input format of the CRL file. The two formats supported on the appliance are: PEM - Privacy Enhanced Mail. DER - Distinguished Encoding Rule. Possible values = DER, PEM .PARAMETER Refresh Set CRL auto refresh. Possible values = ENABLED, DISABLED .PARAMETER Cacert CA certificate that has issued the CRL. Required if CRL Auto Refresh is selected. Install the CA certificate on the appliance before adding the CRL. .PARAMETER Method Method for CRL refresh. If LDAP is selected, specify the method, CA certificate, base DN, port, and LDAP server name. If HTTP is selected, specify the CA certificate, method, URL, and port. Cannot be changed after a CRL is added. Possible values = HTTP, LDAP .PARAMETER Server IP address of the LDAP server from which to fetch the CRLs. .PARAMETER Url URL of the CRL distribution point. .PARAMETER Port Port for the LDAP server. .PARAMETER Basedn Base distinguished name (DN), which is used in an LDAP search to search for a CRL. Citrix recommends searching for the Base DN instead of the Issuer Name from the CA certificate, because the Issuer Name field might not exactly match the LDAP directory structure's DN. .PARAMETER Scope Extent of the search operation on the LDAP server. Available settings function as follows: One - One level below Base DN. Base - Exactly the same level as Base DN. Possible values = Base, One .PARAMETER Interval CRL refresh interval. Use the NONE setting to unset this parameter. Possible values = MONTHLY, WEEKLY, DAILY, NOW, NONE .PARAMETER Day Day on which to refresh the CRL, or, if the Interval parameter is not set, the number of days after which to refresh the CRL. If Interval is set to MONTHLY, specify the date. If Interval is set to WEEKLY, specify the day of the week (for example, Sun=0 and Sat=6). This parameter is not applicable if the Interval is set to DAILY. .PARAMETER Time Time, in hours (1-24) and minutes (1-60), at which to refresh the CRL. .PARAMETER Binddn Bind distinguished name (DN) to be used to access the CRL object in the LDAP repository if access to the LDAP repository is restricted or anonymous access is not allowed. .PARAMETER Password Password to access the CRL in the LDAP repository if access to the LDAP repository is restricted or anonymous access is not allowed. .PARAMETER Binary Set the LDAP-based CRL retrieval mode to binary. Possible values = YES, NO .PARAMETER PassThru Return details about the created sslcrl item. .EXAMPLE PS C:\>Invoke-ADCAddSslcrl -crlname <string> -crlpath <string> An example how to add sslcrl configuration Object(s). .NOTES File Name : Invoke-ADCAddSslcrl Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcrl/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Crlname, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Crlpath, [ValidateSet('DER', 'PEM')] [string]$Inform = 'PEM', [ValidateSet('ENABLED', 'DISABLED')] [string]$Refresh, [ValidateScript({ $_.Length -gt 1 })] [string]$Cacert, [ValidateSet('HTTP', 'LDAP')] [string]$Method, [ValidateScript({ $_.Length -gt 1 })] [string]$Server, [string]$Url, [int]$Port, [ValidateScript({ $_.Length -gt 1 })] [string]$Basedn, [ValidateSet('Base', 'One')] [string]$Scope = 'One', [ValidateSet('MONTHLY', 'WEEKLY', 'DAILY', 'NOW', 'NONE')] [string]$Interval, [ValidateRange(0, 31)] [double]$Day, [string]$Time, [ValidateScript({ $_.Length -gt 1 })] [string]$Binddn, [ValidateScript({ $_.Length -gt 1 })] [string]$Password, [ValidateSet('YES', 'NO')] [string]$Binary = 'NO', [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslcrl: Starting" } process { try { $payload = @{ crlname = $crlname crlpath = $crlpath } if ( $PSBoundParameters.ContainsKey('inform') ) { $payload.Add('inform', $inform) } if ( $PSBoundParameters.ContainsKey('refresh') ) { $payload.Add('refresh', $refresh) } if ( $PSBoundParameters.ContainsKey('cacert') ) { $payload.Add('cacert', $cacert) } if ( $PSBoundParameters.ContainsKey('method') ) { $payload.Add('method', $method) } if ( $PSBoundParameters.ContainsKey('server') ) { $payload.Add('server', $server) } if ( $PSBoundParameters.ContainsKey('url') ) { $payload.Add('url', $url) } if ( $PSBoundParameters.ContainsKey('port') ) { $payload.Add('port', $port) } if ( $PSBoundParameters.ContainsKey('basedn') ) { $payload.Add('basedn', $basedn) } if ( $PSBoundParameters.ContainsKey('scope') ) { $payload.Add('scope', $scope) } if ( $PSBoundParameters.ContainsKey('interval') ) { $payload.Add('interval', $interval) } if ( $PSBoundParameters.ContainsKey('day') ) { $payload.Add('day', $day) } if ( $PSBoundParameters.ContainsKey('time') ) { $payload.Add('time', $time) } if ( $PSBoundParameters.ContainsKey('binddn') ) { $payload.Add('binddn', $binddn) } if ( $PSBoundParameters.ContainsKey('password') ) { $payload.Add('password', $password) } if ( $PSBoundParameters.ContainsKey('binary') ) { $payload.Add('binary', $binary) } if ( $PSCmdlet.ShouldProcess("sslcrl", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcrl -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslcrl -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslcrl: Finished" } } function Invoke-ADCCreateSslcrl { <# .SYNOPSIS Create SSL configuration Object. .DESCRIPTION Configuration for Certificate Revocation List resource. .PARAMETER Cacertfile Name of and, optionally, path to the CA certificate file. /nsconfig/ssl/ is the default path. .PARAMETER Cakeyfile Name of and, optionally, path to the CA key file. /nsconfig/ssl/ is the default path. .PARAMETER Indexfile Name of and, optionally, path to the file containing the serial numbers of all the certificates that are revoked. Revoked certificates are appended to the file. /nsconfig/ssl/ is the default path. .PARAMETER Revoke Name of and, optionally, path to the certificate to be revoked. /nsconfig/ssl/ is the default path. .PARAMETER Gencrl Name of and, optionally, path to the CRL file to be generated. The list of certificates that have been revoked is obtained from the index file. /nsconfig/ssl/ is the default path. .PARAMETER Password Password to access the CRL in the LDAP repository if access to the LDAP repository is restricted or anonymous access is not allowed. .EXAMPLE PS C:\>Invoke-ADCCreateSslcrl -cacertfile <string> -cakeyfile <string> -indexfile <string> An example how to create sslcrl configuration Object(s). .NOTES File Name : Invoke-ADCCreateSslcrl Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcrl/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Cacertfile, [Parameter(Mandatory)] [string]$Cakeyfile, [Parameter(Mandatory)] [string]$Indexfile, [string]$Revoke, [string]$Gencrl, [ValidateScript({ $_.Length -gt 1 })] [string]$Password ) begin { Write-Verbose "Invoke-ADCCreateSslcrl: Starting" } process { try { $payload = @{ cacertfile = $cacertfile cakeyfile = $cakeyfile indexfile = $indexfile } if ( $PSBoundParameters.ContainsKey('revoke') ) { $payload.Add('revoke', $revoke) } if ( $PSBoundParameters.ContainsKey('gencrl') ) { $payload.Add('gencrl', $gencrl) } if ( $PSBoundParameters.ContainsKey('password') ) { $payload.Add('password', $password) } if ( $PSCmdlet.ShouldProcess($Name, "Create SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcrl -Action create -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCCreateSslcrl: Finished" } } function Invoke-ADCDeleteSslcrl { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for Certificate Revocation List resource. .PARAMETER Crlname Name for the Certificate Revocation List (CRL). Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the CRL is created. .EXAMPLE PS C:\>Invoke-ADCDeleteSslcrl -Crlname <string> An example how to delete sslcrl configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslcrl Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcrl/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Crlname ) begin { Write-Verbose "Invoke-ADCDeleteSslcrl: Starting" } process { try { $arguments = @{ } if ( $PSCmdlet.ShouldProcess("$crlname", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslcrl -NitroPath nitro/v1/config -Resource $crlname -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslcrl: Finished" } } function Invoke-ADCUpdateSslcrl { <# .SYNOPSIS Update SSL configuration Object. .DESCRIPTION Configuration for Certificate Revocation List resource. .PARAMETER Crlname Name for the Certificate Revocation List (CRL). Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the CRL is created. .PARAMETER Refresh Set CRL auto refresh. Possible values = ENABLED, DISABLED .PARAMETER Cacert CA certificate that has issued the CRL. Required if CRL Auto Refresh is selected. Install the CA certificate on the appliance before adding the CRL. .PARAMETER Server IP address of the LDAP server from which to fetch the CRLs. .PARAMETER Method Method for CRL refresh. If LDAP is selected, specify the method, CA certificate, base DN, port, and LDAP server name. If HTTP is selected, specify the CA certificate, method, URL, and port. Cannot be changed after a CRL is added. Possible values = HTTP, LDAP .PARAMETER Url URL of the CRL distribution point. .PARAMETER Port Port for the LDAP server. .PARAMETER Basedn Base distinguished name (DN), which is used in an LDAP search to search for a CRL. Citrix recommends searching for the Base DN instead of the Issuer Name from the CA certificate, because the Issuer Name field might not exactly match the LDAP directory structure's DN. .PARAMETER Scope Extent of the search operation on the LDAP server. Available settings function as follows: One - One level below Base DN. Base - Exactly the same level as Base DN. Possible values = Base, One .PARAMETER Interval CRL refresh interval. Use the NONE setting to unset this parameter. Possible values = MONTHLY, WEEKLY, DAILY, NOW, NONE .PARAMETER Day Day on which to refresh the CRL, or, if the Interval parameter is not set, the number of days after which to refresh the CRL. If Interval is set to MONTHLY, specify the date. If Interval is set to WEEKLY, specify the day of the week (for example, Sun=0 and Sat=6). This parameter is not applicable if the Interval is set to DAILY. .PARAMETER Time Time, in hours (1-24) and minutes (1-60), at which to refresh the CRL. .PARAMETER Binddn Bind distinguished name (DN) to be used to access the CRL object in the LDAP repository if access to the LDAP repository is restricted or anonymous access is not allowed. .PARAMETER Password Password to access the CRL in the LDAP repository if access to the LDAP repository is restricted or anonymous access is not allowed. .PARAMETER Binary Set the LDAP-based CRL retrieval mode to binary. Possible values = YES, NO .PARAMETER PassThru Return details about the created sslcrl item. .EXAMPLE PS C:\>Invoke-ADCUpdateSslcrl -crlname <string> An example how to update sslcrl configuration Object(s). .NOTES File Name : Invoke-ADCUpdateSslcrl Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcrl/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Crlname, [ValidateSet('ENABLED', 'DISABLED')] [string]$Refresh, [ValidateScript({ $_.Length -gt 1 })] [string]$Cacert, [ValidateScript({ $_.Length -gt 1 })] [string]$Server, [ValidateSet('HTTP', 'LDAP')] [string]$Method, [string]$Url, [int]$Port, [ValidateScript({ $_.Length -gt 1 })] [string]$Basedn, [ValidateSet('Base', 'One')] [string]$Scope, [ValidateSet('MONTHLY', 'WEEKLY', 'DAILY', 'NOW', 'NONE')] [string]$Interval, [ValidateRange(0, 31)] [double]$Day, [string]$Time, [ValidateScript({ $_.Length -gt 1 })] [string]$Binddn, [ValidateScript({ $_.Length -gt 1 })] [string]$Password, [ValidateSet('YES', 'NO')] [string]$Binary, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCUpdateSslcrl: Starting" } process { try { $payload = @{ crlname = $crlname } if ( $PSBoundParameters.ContainsKey('refresh') ) { $payload.Add('refresh', $refresh) } if ( $PSBoundParameters.ContainsKey('cacert') ) { $payload.Add('cacert', $cacert) } if ( $PSBoundParameters.ContainsKey('server') ) { $payload.Add('server', $server) } if ( $PSBoundParameters.ContainsKey('method') ) { $payload.Add('method', $method) } if ( $PSBoundParameters.ContainsKey('url') ) { $payload.Add('url', $url) } if ( $PSBoundParameters.ContainsKey('port') ) { $payload.Add('port', $port) } if ( $PSBoundParameters.ContainsKey('basedn') ) { $payload.Add('basedn', $basedn) } if ( $PSBoundParameters.ContainsKey('scope') ) { $payload.Add('scope', $scope) } if ( $PSBoundParameters.ContainsKey('interval') ) { $payload.Add('interval', $interval) } if ( $PSBoundParameters.ContainsKey('day') ) { $payload.Add('day', $day) } if ( $PSBoundParameters.ContainsKey('time') ) { $payload.Add('time', $time) } if ( $PSBoundParameters.ContainsKey('binddn') ) { $payload.Add('binddn', $binddn) } if ( $PSBoundParameters.ContainsKey('password') ) { $payload.Add('password', $password) } if ( $PSBoundParameters.ContainsKey('binary') ) { $payload.Add('binary', $binary) } if ( $PSCmdlet.ShouldProcess("sslcrl", "Update SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslcrl -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslcrl -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUpdateSslcrl: Finished" } } function Invoke-ADCUnsetSslcrl { <# .SYNOPSIS Unset SSL configuration Object. .DESCRIPTION Configuration for Certificate Revocation List resource. .PARAMETER Crlname Name for the Certificate Revocation List (CRL). Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the CRL is created. .PARAMETER Refresh Set CRL auto refresh. Possible values = ENABLED, DISABLED .PARAMETER Cacert CA certificate that has issued the CRL. Required if CRL Auto Refresh is selected. Install the CA certificate on the appliance before adding the CRL. .PARAMETER Server IP address of the LDAP server from which to fetch the CRLs. .PARAMETER Method Method for CRL refresh. If LDAP is selected, specify the method, CA certificate, base DN, port, and LDAP server name. If HTTP is selected, specify the CA certificate, method, URL, and port. Cannot be changed after a CRL is added. Possible values = HTTP, LDAP .PARAMETER Url URL of the CRL distribution point. .PARAMETER Port Port for the LDAP server. .PARAMETER Basedn Base distinguished name (DN), which is used in an LDAP search to search for a CRL. Citrix recommends searching for the Base DN instead of the Issuer Name from the CA certificate, because the Issuer Name field might not exactly match the LDAP directory structure's DN. .PARAMETER Scope Extent of the search operation on the LDAP server. Available settings function as follows: One - One level below Base DN. Base - Exactly the same level as Base DN. Possible values = Base, One .PARAMETER Interval CRL refresh interval. Use the NONE setting to unset this parameter. Possible values = MONTHLY, WEEKLY, DAILY, NOW, NONE .PARAMETER Day Day on which to refresh the CRL, or, if the Interval parameter is not set, the number of days after which to refresh the CRL. If Interval is set to MONTHLY, specify the date. If Interval is set to WEEKLY, specify the day of the week (for example, Sun=0 and Sat=6). This parameter is not applicable if the Interval is set to DAILY. .PARAMETER Time Time, in hours (1-24) and minutes (1-60), at which to refresh the CRL. .PARAMETER Binddn Bind distinguished name (DN) to be used to access the CRL object in the LDAP repository if access to the LDAP repository is restricted or anonymous access is not allowed. .PARAMETER Password Password to access the CRL in the LDAP repository if access to the LDAP repository is restricted or anonymous access is not allowed. .PARAMETER Binary Set the LDAP-based CRL retrieval mode to binary. Possible values = YES, NO .EXAMPLE PS C:\>Invoke-ADCUnsetSslcrl -crlname <string> An example how to unset sslcrl configuration Object(s). .NOTES File Name : Invoke-ADCUnsetSslcrl Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcrl Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Crlname, [Boolean]$refresh, [Boolean]$cacert, [Boolean]$server, [Boolean]$method, [Boolean]$url, [Boolean]$port, [Boolean]$basedn, [Boolean]$scope, [Boolean]$interval, [Boolean]$day, [Boolean]$time, [Boolean]$binddn, [Boolean]$password, [Boolean]$binary ) begin { Write-Verbose "Invoke-ADCUnsetSslcrl: Starting" } process { try { $payload = @{ crlname = $crlname } if ( $PSBoundParameters.ContainsKey('refresh') ) { $payload.Add('refresh', $refresh) } if ( $PSBoundParameters.ContainsKey('cacert') ) { $payload.Add('cacert', $cacert) } if ( $PSBoundParameters.ContainsKey('server') ) { $payload.Add('server', $server) } if ( $PSBoundParameters.ContainsKey('method') ) { $payload.Add('method', $method) } if ( $PSBoundParameters.ContainsKey('url') ) { $payload.Add('url', $url) } if ( $PSBoundParameters.ContainsKey('port') ) { $payload.Add('port', $port) } if ( $PSBoundParameters.ContainsKey('basedn') ) { $payload.Add('basedn', $basedn) } if ( $PSBoundParameters.ContainsKey('scope') ) { $payload.Add('scope', $scope) } if ( $PSBoundParameters.ContainsKey('interval') ) { $payload.Add('interval', $interval) } if ( $PSBoundParameters.ContainsKey('day') ) { $payload.Add('day', $day) } if ( $PSBoundParameters.ContainsKey('time') ) { $payload.Add('time', $time) } if ( $PSBoundParameters.ContainsKey('binddn') ) { $payload.Add('binddn', $binddn) } if ( $PSBoundParameters.ContainsKey('password') ) { $payload.Add('password', $password) } if ( $PSBoundParameters.ContainsKey('binary') ) { $payload.Add('binary', $binary) } if ( $PSCmdlet.ShouldProcess("$crlname", "Unset SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -Type sslcrl -NitroPath nitro/v1/config -Action unset -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUnsetSslcrl: Finished" } } function Invoke-ADCGetSslcrl { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for Certificate Revocation List resource. .PARAMETER Crlname Name for the Certificate Revocation List (CRL). Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the CRL is created. .PARAMETER GetAll Retrieve all sslcrl object(s). .PARAMETER Count If specified, the count of the sslcrl object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcrl Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcrl -GetAll Get all sslcrl data. .EXAMPLE PS C:\>Invoke-ADCGetSslcrl -Count Get the number of sslcrl objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcrl -name <string> Get sslcrl object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcrl -Filter @{ 'name'='<value>' } Get sslcrl data with a filter. .NOTES File Name : Invoke-ADCGetSslcrl Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcrl/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Crlname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslcrl: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslcrl objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcrl objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcrl objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcrl configuration for property 'crlname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl -NitroPath nitro/v1/config -Resource $crlname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcrl configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcrl: Ended" } } function Invoke-ADCImportSslcrlfile { <# .SYNOPSIS Import SSL configuration Object. .DESCRIPTION Configuration for Imported crl files resource. .PARAMETER Name Name to assign to the imported CRL file. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .PARAMETER Src URL specifying the protocol, host, and path, including file name to the CRL file to be imported. For example, http://www.example.com/crl_file. NOTE: The import fails if the object to be imported is on an HTTPS server that requires client certificate authentication for access. .EXAMPLE PS C:\>Invoke-ADCImportSslcrlfile -name <string> -src <string> An example how to import sslcrlfile configuration Object(s). .NOTES File Name : Invoke-ADCImportSslcrlfile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcrlfile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 31)] [string]$Name, [Parameter(Mandatory)] [ValidateLength(1, 2047)] [string]$Src ) begin { Write-Verbose "Invoke-ADCImportSslcrlfile: Starting" } process { try { $payload = @{ name = $name src = $src } if ( $PSCmdlet.ShouldProcess($Name, "Import SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslcrlfile -Action import -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCImportSslcrlfile: Finished" } } function Invoke-ADCDeleteSslcrlfile { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for Imported crl files resource. .PARAMETER Name Name to assign to the imported CRL file. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .EXAMPLE PS C:\>Invoke-ADCDeleteSslcrlfile An example how to delete sslcrlfile configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslcrlfile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcrlfile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [string]$Name ) begin { Write-Verbose "Invoke-ADCDeleteSslcrlfile: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Name') ) { $arguments.Add('name', $Name) } if ( $PSCmdlet.ShouldProcess("sslcrlfile", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslcrlfile -NitroPath nitro/v1/config -Resource $ -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslcrlfile: Finished" } } function Invoke-ADCGetSslcrlfile { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for Imported crl files resource. .PARAMETER GetAll Retrieve all sslcrlfile object(s). .PARAMETER Count If specified, the count of the sslcrlfile object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcrlfile Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcrlfile -GetAll Get all sslcrlfile data. .EXAMPLE PS C:\>Invoke-ADCGetSslcrlfile -Count Get the number of sslcrlfile objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcrlfile -name <string> Get sslcrlfile object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcrlfile -Filter @{ 'name'='<value>' } Get sslcrlfile data with a filter. .NOTES File Name : Invoke-ADCGetSslcrlfile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcrlfile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslcrlfile: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslcrlfile objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrlfile -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcrlfile objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrlfile -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcrlfile objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrlfile -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcrlfile configuration for property ''" } else { Write-Verbose "Retrieving sslcrlfile configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrlfile -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcrlfile: Ended" } } function Invoke-ADCGetSslcrlbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object which returns the resources bound to sslcrl. .PARAMETER Crlname Name of the CRL for which to show detailed information. .PARAMETER GetAll Retrieve all sslcrl_binding object(s). .PARAMETER Count If specified, the count of the sslcrl_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcrlbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcrlbinding -GetAll Get all sslcrl_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslcrlbinding -name <string> Get sslcrl_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcrlbinding -Filter @{ 'name'='<value>' } Get sslcrl_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslcrlbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcrl_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Crlname, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslcrlbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcrl_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcrl_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcrl_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcrl_binding configuration for property 'crlname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl_binding -NitroPath nitro/v1/config -Resource $crlname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcrl_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcrlbinding: Ended" } } function Invoke-ADCGetSslcrlserialnumberbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the serialnumber that can be bound to sslcrl. .PARAMETER Crlname Name of the CRL for which to show detailed information. .PARAMETER GetAll Retrieve all sslcrl_serialnumber_binding object(s). .PARAMETER Count If specified, the count of the sslcrl_serialnumber_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslcrlserialnumberbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslcrlserialnumberbinding -GetAll Get all sslcrl_serialnumber_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslcrlserialnumberbinding -Count Get the number of sslcrl_serialnumber_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslcrlserialnumberbinding -name <string> Get sslcrl_serialnumber_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslcrlserialnumberbinding -Filter @{ 'name'='<value>' } Get sslcrl_serialnumber_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslcrlserialnumberbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslcrl_serialnumber_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Crlname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslcrlserialnumberbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslcrl_serialnumber_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl_serialnumber_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslcrl_serialnumber_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl_serialnumber_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslcrl_serialnumber_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl_serialnumber_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslcrl_serialnumber_binding configuration for property 'crlname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl_serialnumber_binding -NitroPath nitro/v1/config -Resource $crlname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslcrl_serialnumber_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslcrl_serialnumber_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslcrlserialnumberbinding: Ended" } } function Invoke-ADCImportSsldhfile { <# .SYNOPSIS Import SSL configuration Object. .DESCRIPTION Configuration for dh imported file resource. .PARAMETER Name Name to assign to the imported DH file. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .PARAMETER Src URL specifying the protocol, host, and path, including file name, to the DH file to be imported. For example, http://www.example.com/dh_file. NOTE: The import fails if the file is on an HTTPS server that requires client certificate authentication for access. .EXAMPLE PS C:\>Invoke-ADCImportSsldhfile -name <string> -src <string> An example how to import ssldhfile configuration Object(s). .NOTES File Name : Invoke-ADCImportSsldhfile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssldhfile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 31)] [string]$Name, [Parameter(Mandatory)] [ValidateLength(1, 2047)] [string]$Src ) begin { Write-Verbose "Invoke-ADCImportSsldhfile: Starting" } process { try { $payload = @{ name = $name src = $src } if ( $PSCmdlet.ShouldProcess($Name, "Import SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type ssldhfile -Action import -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCImportSsldhfile: Finished" } } function Invoke-ADCDeleteSsldhfile { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for dh imported file resource. .PARAMETER Name Name to assign to the imported DH file. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. .EXAMPLE PS C:\>Invoke-ADCDeleteSsldhfile An example how to delete ssldhfile configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSsldhfile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssldhfile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [string]$Name ) begin { Write-Verbose "Invoke-ADCDeleteSsldhfile: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Name') ) { $arguments.Add('name', $Name) } if ( $PSCmdlet.ShouldProcess("ssldhfile", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type ssldhfile -NitroPath nitro/v1/config -Resource $ -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSsldhfile: Finished" } } function Invoke-ADCGetSsldhfile { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for dh imported file resource. .PARAMETER GetAll Retrieve all ssldhfile object(s). .PARAMETER Count If specified, the count of the ssldhfile object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSsldhfile Get data. .EXAMPLE PS C:\>Invoke-ADCGetSsldhfile -GetAll Get all ssldhfile data. .EXAMPLE PS C:\>Invoke-ADCGetSsldhfile -Count Get the number of ssldhfile objects. .EXAMPLE PS C:\>Invoke-ADCGetSsldhfile -name <string> Get ssldhfile object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSsldhfile -Filter @{ 'name'='<value>' } Get ssldhfile data with a filter. .NOTES File Name : Invoke-ADCGetSsldhfile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssldhfile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSsldhfile: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all ssldhfile objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type ssldhfile -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for ssldhfile objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type ssldhfile -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving ssldhfile objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type ssldhfile -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving ssldhfile configuration for property ''" } else { Write-Verbose "Retrieving ssldhfile configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type ssldhfile -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSsldhfile: Ended" } } function Invoke-ADCCreateSsldhparam { <# .SYNOPSIS Create SSL configuration Object. .DESCRIPTION Configuration for dh Parameter resource. .PARAMETER Dhfile Name of and, optionally, path to the DH key file. /nsconfig/ssl/ is the default path. .PARAMETER Bits Size, in bits, of the DH key being generated. .PARAMETER Gen Random number required for generating the DH key. Required as part of the DH key generation algorithm. Possible values = 2, 5 .EXAMPLE PS C:\>Invoke-ADCCreateSsldhparam -dhfile <string> An example how to create ssldhparam configuration Object(s). .NOTES File Name : Invoke-ADCCreateSsldhparam Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssldhparam/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Dhfile, [ValidateRange(512, 2048)] [double]$Bits, [ValidateSet('2', '5')] [string]$Gen ) begin { Write-Verbose "Invoke-ADCCreateSsldhparam: Starting" } process { try { $payload = @{ dhfile = $dhfile } if ( $PSBoundParameters.ContainsKey('bits') ) { $payload.Add('bits', $bits) } if ( $PSBoundParameters.ContainsKey('gen') ) { $payload.Add('gen', $gen) } if ( $PSCmdlet.ShouldProcess($Name, "Create SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type ssldhparam -Action create -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCCreateSsldhparam: Finished" } } function Invoke-ADCCreateSsldsakey { <# .SYNOPSIS Create SSL configuration Object. .DESCRIPTION Configuration for dsa key resource. .PARAMETER Keyfile Name for and, optionally, path to the DSA key file. /nsconfig/ssl/ is the default path. .PARAMETER Bits Size, in bits, of the DSA key. .PARAMETER Keyform Format in which the DSA key file is stored on the appliance. Possible values = DER, PEM .PARAMETER Des Encrypt the generated DSA key by using the DES algorithm. On the command line, you are prompted to enter the pass phrase (password) that will be used to encrypt the key. .PARAMETER Des3 Encrypt the generated DSA key by using the Triple-DES algorithm. On the command line, you are prompted to enter the pass phrase (password) that will be used to encrypt the key. .PARAMETER Aes256 Encrypt the generated DSA key by using the AES algorithm. .PARAMETER Password Pass phrase to use for encryption if DES or DES3 option is selected. .PARAMETER Pkcs8 Create the private key in PKCS#8 format. .EXAMPLE PS C:\>Invoke-ADCCreateSsldsakey -keyfile <string> -bits <double> An example how to create ssldsakey configuration Object(s). .NOTES File Name : Invoke-ADCCreateSsldsakey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssldsakey.md/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Keyfile, [Parameter(Mandatory)] [ValidateRange(512, 2048)] [double]$Bits, [ValidateSet('DER', 'PEM')] [string]$Keyform, [boolean]$Des, [boolean]$Des3, [boolean]$Aes256, [ValidateLength(1, 31)] [string]$Password, [boolean]$Pkcs8 ) begin { Write-Verbose "Invoke-ADCCreateSsldsakey: Starting" } process { try { $payload = @{ keyfile = $keyfile bits = $bits } if ( $PSBoundParameters.ContainsKey('keyform') ) { $payload.Add('keyform', $keyform) } if ( $PSBoundParameters.ContainsKey('des') ) { $payload.Add('des', $des) } if ( $PSBoundParameters.ContainsKey('des3') ) { $payload.Add('des3', $des3) } if ( $PSBoundParameters.ContainsKey('aes256') ) { $payload.Add('aes256', $aes256) } if ( $PSBoundParameters.ContainsKey('password') ) { $payload.Add('password', $password) } if ( $PSBoundParameters.ContainsKey('pkcs8') ) { $payload.Add('pkcs8', $pkcs8) } if ( $PSCmdlet.ShouldProcess($Name, "Create SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type ssldsakey -Action create -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCCreateSsldsakey: Finished" } } function Invoke-ADCAddSsldtlsprofile { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Configuration for DTLS profile resource. .PARAMETER Name Name for the DTLS profile. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@),equals sign (=), and hyphen (-) characters. Cannot be changed after the profile is created. .PARAMETER Pmtudiscovery Source for the maximum record size value. If ENABLED, the value is taken from the PMTU table. If DISABLED, the value is taken from the profile. Possible values = ENABLED, DISABLED .PARAMETER Maxrecordsize Maximum size of records that can be sent if PMTU is disabled. .PARAMETER Maxretrytime Wait for the specified time, in seconds, before resending the request. .PARAMETER Helloverifyrequest Send a Hello Verify request to validate the client. Possible values = ENABLED, DISABLED .PARAMETER Terminatesession Terminate the session if the message authentication code (MAC) of the client and server do not match. Possible values = ENABLED, DISABLED .PARAMETER Maxpacketsize Maximum number of packets to reassemble. This value helps protect against a fragmented packet attack. .PARAMETER Maxholdqlen Maximum number of datagrams that can be queued at DTLS layer for processing. .PARAMETER Maxbadmacignorecount Maximum number of bad MAC errors to ignore for a connection prior disconnect. Disabling parameter terminateSession terminates session immediately when bad MAC is detected in the connection. .PARAMETER PassThru Return details about the created ssldtlsprofile item. .EXAMPLE PS C:\>Invoke-ADCAddSsldtlsprofile -name <string> An example how to add ssldtlsprofile configuration Object(s). .NOTES File Name : Invoke-ADCAddSsldtlsprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssldtlsprofile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 127)] [string]$Name, [ValidateSet('ENABLED', 'DISABLED')] [string]$Pmtudiscovery = 'DISABLED', [ValidateRange(250, 1459)] [double]$Maxrecordsize = '1459', [double]$Maxretrytime = '3', [ValidateSet('ENABLED', 'DISABLED')] [string]$Helloverifyrequest = 'ENABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Terminatesession = 'DISABLED', [ValidateRange(0, 86400)] [double]$Maxpacketsize = '120', [ValidateRange(32, 65535)] [double]$Maxholdqlen = '32', [ValidateRange(1, 65535)] [double]$Maxbadmacignorecount = '100', [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSsldtlsprofile: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('pmtudiscovery') ) { $payload.Add('pmtudiscovery', $pmtudiscovery) } if ( $PSBoundParameters.ContainsKey('maxrecordsize') ) { $payload.Add('maxrecordsize', $maxrecordsize) } if ( $PSBoundParameters.ContainsKey('maxretrytime') ) { $payload.Add('maxretrytime', $maxretrytime) } if ( $PSBoundParameters.ContainsKey('helloverifyrequest') ) { $payload.Add('helloverifyrequest', $helloverifyrequest) } if ( $PSBoundParameters.ContainsKey('terminatesession') ) { $payload.Add('terminatesession', $terminatesession) } if ( $PSBoundParameters.ContainsKey('maxpacketsize') ) { $payload.Add('maxpacketsize', $maxpacketsize) } if ( $PSBoundParameters.ContainsKey('maxholdqlen') ) { $payload.Add('maxholdqlen', $maxholdqlen) } if ( $PSBoundParameters.ContainsKey('maxbadmacignorecount') ) { $payload.Add('maxbadmacignorecount', $maxbadmacignorecount) } if ( $PSCmdlet.ShouldProcess("ssldtlsprofile", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type ssldtlsprofile -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSsldtlsprofile -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSsldtlsprofile: Finished" } } function Invoke-ADCDeleteSsldtlsprofile { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for DTLS profile resource. .PARAMETER Name Name for the DTLS profile. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@),equals sign (=), and hyphen (-) characters. Cannot be changed after the profile is created. .EXAMPLE PS C:\>Invoke-ADCDeleteSsldtlsprofile -Name <string> An example how to delete ssldtlsprofile configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSsldtlsprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssldtlsprofile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Name ) begin { Write-Verbose "Invoke-ADCDeleteSsldtlsprofile: Starting" } process { try { $arguments = @{ } if ( $PSCmdlet.ShouldProcess("$name", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type ssldtlsprofile -NitroPath nitro/v1/config -Resource $name -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSsldtlsprofile: Finished" } } function Invoke-ADCUpdateSsldtlsprofile { <# .SYNOPSIS Update SSL configuration Object. .DESCRIPTION Configuration for DTLS profile resource. .PARAMETER Name Name for the DTLS profile. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@),equals sign (=), and hyphen (-) characters. Cannot be changed after the profile is created. .PARAMETER Pmtudiscovery Source for the maximum record size value. If ENABLED, the value is taken from the PMTU table. If DISABLED, the value is taken from the profile. Possible values = ENABLED, DISABLED .PARAMETER Maxrecordsize Maximum size of records that can be sent if PMTU is disabled. .PARAMETER Maxretrytime Wait for the specified time, in seconds, before resending the request. .PARAMETER Helloverifyrequest Send a Hello Verify request to validate the client. Possible values = ENABLED, DISABLED .PARAMETER Terminatesession Terminate the session if the message authentication code (MAC) of the client and server do not match. Possible values = ENABLED, DISABLED .PARAMETER Maxpacketsize Maximum number of packets to reassemble. This value helps protect against a fragmented packet attack. .PARAMETER Maxholdqlen Maximum number of datagrams that can be queued at DTLS layer for processing. .PARAMETER Maxbadmacignorecount Maximum number of bad MAC errors to ignore for a connection prior disconnect. Disabling parameter terminateSession terminates session immediately when bad MAC is detected in the connection. .PARAMETER PassThru Return details about the created ssldtlsprofile item. .EXAMPLE PS C:\>Invoke-ADCUpdateSsldtlsprofile -name <string> An example how to update ssldtlsprofile configuration Object(s). .NOTES File Name : Invoke-ADCUpdateSsldtlsprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssldtlsprofile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 127)] [string]$Name, [ValidateSet('ENABLED', 'DISABLED')] [string]$Pmtudiscovery, [ValidateRange(250, 1459)] [double]$Maxrecordsize, [double]$Maxretrytime, [ValidateSet('ENABLED', 'DISABLED')] [string]$Helloverifyrequest, [ValidateSet('ENABLED', 'DISABLED')] [string]$Terminatesession, [ValidateRange(0, 86400)] [double]$Maxpacketsize, [ValidateRange(32, 65535)] [double]$Maxholdqlen, [ValidateRange(1, 65535)] [double]$Maxbadmacignorecount, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCUpdateSsldtlsprofile: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('pmtudiscovery') ) { $payload.Add('pmtudiscovery', $pmtudiscovery) } if ( $PSBoundParameters.ContainsKey('maxrecordsize') ) { $payload.Add('maxrecordsize', $maxrecordsize) } if ( $PSBoundParameters.ContainsKey('maxretrytime') ) { $payload.Add('maxretrytime', $maxretrytime) } if ( $PSBoundParameters.ContainsKey('helloverifyrequest') ) { $payload.Add('helloverifyrequest', $helloverifyrequest) } if ( $PSBoundParameters.ContainsKey('terminatesession') ) { $payload.Add('terminatesession', $terminatesession) } if ( $PSBoundParameters.ContainsKey('maxpacketsize') ) { $payload.Add('maxpacketsize', $maxpacketsize) } if ( $PSBoundParameters.ContainsKey('maxholdqlen') ) { $payload.Add('maxholdqlen', $maxholdqlen) } if ( $PSBoundParameters.ContainsKey('maxbadmacignorecount') ) { $payload.Add('maxbadmacignorecount', $maxbadmacignorecount) } if ( $PSCmdlet.ShouldProcess("ssldtlsprofile", "Update SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type ssldtlsprofile -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSsldtlsprofile -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUpdateSsldtlsprofile: Finished" } } function Invoke-ADCUnsetSsldtlsprofile { <# .SYNOPSIS Unset SSL configuration Object. .DESCRIPTION Configuration for DTLS profile resource. .PARAMETER Name Name for the DTLS profile. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@),equals sign (=), and hyphen (-) characters. Cannot be changed after the profile is created. .PARAMETER Pmtudiscovery Source for the maximum record size value. If ENABLED, the value is taken from the PMTU table. If DISABLED, the value is taken from the profile. Possible values = ENABLED, DISABLED .PARAMETER Maxrecordsize Maximum size of records that can be sent if PMTU is disabled. .PARAMETER Maxretrytime Wait for the specified time, in seconds, before resending the request. .PARAMETER Helloverifyrequest Send a Hello Verify request to validate the client. Possible values = ENABLED, DISABLED .PARAMETER Terminatesession Terminate the session if the message authentication code (MAC) of the client and server do not match. Possible values = ENABLED, DISABLED .PARAMETER Maxpacketsize Maximum number of packets to reassemble. This value helps protect against a fragmented packet attack. .PARAMETER Maxholdqlen Maximum number of datagrams that can be queued at DTLS layer for processing. .PARAMETER Maxbadmacignorecount Maximum number of bad MAC errors to ignore for a connection prior disconnect. Disabling parameter terminateSession terminates session immediately when bad MAC is detected in the connection. .EXAMPLE PS C:\>Invoke-ADCUnsetSsldtlsprofile -name <string> An example how to unset ssldtlsprofile configuration Object(s). .NOTES File Name : Invoke-ADCUnsetSsldtlsprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssldtlsprofile Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 127)] [string]$Name, [Boolean]$pmtudiscovery, [Boolean]$maxrecordsize, [Boolean]$maxretrytime, [Boolean]$helloverifyrequest, [Boolean]$terminatesession, [Boolean]$maxpacketsize, [Boolean]$maxholdqlen, [Boolean]$maxbadmacignorecount ) begin { Write-Verbose "Invoke-ADCUnsetSsldtlsprofile: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('pmtudiscovery') ) { $payload.Add('pmtudiscovery', $pmtudiscovery) } if ( $PSBoundParameters.ContainsKey('maxrecordsize') ) { $payload.Add('maxrecordsize', $maxrecordsize) } if ( $PSBoundParameters.ContainsKey('maxretrytime') ) { $payload.Add('maxretrytime', $maxretrytime) } if ( $PSBoundParameters.ContainsKey('helloverifyrequest') ) { $payload.Add('helloverifyrequest', $helloverifyrequest) } if ( $PSBoundParameters.ContainsKey('terminatesession') ) { $payload.Add('terminatesession', $terminatesession) } if ( $PSBoundParameters.ContainsKey('maxpacketsize') ) { $payload.Add('maxpacketsize', $maxpacketsize) } if ( $PSBoundParameters.ContainsKey('maxholdqlen') ) { $payload.Add('maxholdqlen', $maxholdqlen) } if ( $PSBoundParameters.ContainsKey('maxbadmacignorecount') ) { $payload.Add('maxbadmacignorecount', $maxbadmacignorecount) } if ( $PSCmdlet.ShouldProcess("$name", "Unset SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -Type ssldtlsprofile -NitroPath nitro/v1/config -Action unset -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUnsetSsldtlsprofile: Finished" } } function Invoke-ADCGetSsldtlsprofile { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for DTLS profile resource. .PARAMETER Name Name for the DTLS profile. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@),equals sign (=), and hyphen (-) characters. Cannot be changed after the profile is created. .PARAMETER GetAll Retrieve all ssldtlsprofile object(s). .PARAMETER Count If specified, the count of the ssldtlsprofile object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSsldtlsprofile Get data. .EXAMPLE PS C:\>Invoke-ADCGetSsldtlsprofile -GetAll Get all ssldtlsprofile data. .EXAMPLE PS C:\>Invoke-ADCGetSsldtlsprofile -Count Get the number of ssldtlsprofile objects. .EXAMPLE PS C:\>Invoke-ADCGetSsldtlsprofile -name <string> Get ssldtlsprofile object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSsldtlsprofile -Filter @{ 'name'='<value>' } Get ssldtlsprofile data with a filter. .NOTES File Name : Invoke-ADCGetSsldtlsprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssldtlsprofile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 127)] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSsldtlsprofile: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all ssldtlsprofile objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type ssldtlsprofile -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for ssldtlsprofile objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type ssldtlsprofile -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving ssldtlsprofile objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type ssldtlsprofile -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving ssldtlsprofile configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type ssldtlsprofile -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving ssldtlsprofile configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type ssldtlsprofile -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSsldtlsprofile: Ended" } } function Invoke-ADCCreateSslecdsakey { <# .SYNOPSIS Create SSL configuration Object. .DESCRIPTION Configuration for ecdsa key resource. .PARAMETER Keyfile Name for and, optionally, path to the ECDSA key file. /nsconfig/ssl/ is the default path. .PARAMETER Curve Curve id to generate ECDSA key. Only P_256 and P_384 are supported. Possible values = P_256, P_384 .PARAMETER Keyform Format in which the ECDSA key file is stored on the appliance. Possible values = DER, PEM .PARAMETER Des Encrypt the generated ECDSA key by using the DES algorithm. On the command line, you are prompted to enter the pass phrase (password) that is used to encrypt the key. .PARAMETER Des3 Encrypt the generated ECDSA key by using the Triple-DES algorithm. On the command line, you are prompted to enter the pass phrase (password) that is used to encrypt the key. .PARAMETER Aes256 Encrypt the generated ECDSA key by using the AES algorithm. .PARAMETER Password Pass phrase to use for encryption if DES or DES3 option is selected. .PARAMETER Pkcs8 Create the private key in PKCS#8 format. .EXAMPLE PS C:\>Invoke-ADCCreateSslecdsakey -keyfile <string> -curve <string> An example how to create sslecdsakey configuration Object(s). .NOTES File Name : Invoke-ADCCreateSslecdsakey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslecdsakey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Keyfile, [Parameter(Mandatory)] [ValidateSet('P_256', 'P_384')] [string]$Curve, [ValidateSet('DER', 'PEM')] [string]$Keyform, [boolean]$Des, [boolean]$Des3, [boolean]$Aes256, [ValidateLength(1, 31)] [string]$Password, [boolean]$Pkcs8 ) begin { Write-Verbose "Invoke-ADCCreateSslecdsakey: Starting" } process { try { $payload = @{ keyfile = $keyfile curve = $curve } if ( $PSBoundParameters.ContainsKey('keyform') ) { $payload.Add('keyform', $keyform) } if ( $PSBoundParameters.ContainsKey('des') ) { $payload.Add('des', $des) } if ( $PSBoundParameters.ContainsKey('des3') ) { $payload.Add('des3', $des3) } if ( $PSBoundParameters.ContainsKey('aes256') ) { $payload.Add('aes256', $aes256) } if ( $PSBoundParameters.ContainsKey('password') ) { $payload.Add('password', $password) } if ( $PSBoundParameters.ContainsKey('pkcs8') ) { $payload.Add('pkcs8', $pkcs8) } if ( $PSCmdlet.ShouldProcess($Name, "Create SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslecdsakey -Action create -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCCreateSslecdsakey: Finished" } } function Invoke-ADCUpdateSslfips { <# .SYNOPSIS Update SSL configuration Object. .DESCRIPTION Configuration for fips resource. .PARAMETER Inithsm FIPS initialization level. The appliance currently supports Level-2 (FIPS 140-2). Possible values = Level-2 .PARAMETER Sopassword Security officer password that will be in effect after you have configured the HSM. .PARAMETER Oldsopassword Old password for the security officer. .PARAMETER Userpassword The Hardware Security Module's (HSM) User password. .PARAMETER Hsmlabel Label to identify the Hardware Security Module (HSM). .EXAMPLE PS C:\>Invoke-ADCUpdateSslfips -inithsm <string> -sopassword <string> -oldsopassword <string> -userpassword <string> An example how to update sslfips configuration Object(s). .NOTES File Name : Invoke-ADCUpdateSslfips Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslfips/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateSet('Level-2')] [string]$Inithsm, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Sopassword, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Oldsopassword, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Userpassword, [ValidateScript({ $_.Length -gt 1 })] [string]$Hsmlabel ) begin { Write-Verbose "Invoke-ADCUpdateSslfips: Starting" } process { try { $payload = @{ inithsm = $inithsm sopassword = $sopassword oldsopassword = $oldsopassword userpassword = $userpassword } if ( $PSBoundParameters.ContainsKey('hsmlabel') ) { $payload.Add('hsmlabel', $hsmlabel) } if ( $PSCmdlet.ShouldProcess("sslfips", "Update SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslfips -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUpdateSslfips: Finished" } } function Invoke-ADCUnsetSslfips { <# .SYNOPSIS Unset SSL configuration Object. .DESCRIPTION Configuration for fips resource. .PARAMETER Hsmlabel Label to identify the Hardware Security Module (HSM). .EXAMPLE PS C:\>Invoke-ADCUnsetSslfips An example how to unset sslfips configuration Object(s). .NOTES File Name : Invoke-ADCUnsetSslfips Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslfips Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Boolean]$hsmlabel ) begin { Write-Verbose "Invoke-ADCUnsetSslfips: Starting" } process { try { $payload = @{ } if ( $PSBoundParameters.ContainsKey('hsmlabel') ) { $payload.Add('hsmlabel', $hsmlabel) } if ( $PSCmdlet.ShouldProcess("sslfips", "Unset SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -Type sslfips -NitroPath nitro/v1/config -Action unset -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUnsetSslfips: Finished" } } function Invoke-ADCResetSslfips { <# .SYNOPSIS Reset SSL configuration Object. .DESCRIPTION Configuration for fips resource. .EXAMPLE PS C:\>Invoke-ADCResetSslfips An example how to reset sslfips configuration Object(s). .NOTES File Name : Invoke-ADCResetSslfips Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslfips/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession) ) begin { Write-Verbose "Invoke-ADCResetSslfips: Starting" } process { try { $payload = @{ } if ( $PSCmdlet.ShouldProcess($Name, "Reset SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslfips -Action reset -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCResetSslfips: Finished" } } function Invoke-ADCChangeSslfips { <# .SYNOPSIS Change SSL configuration Object. .DESCRIPTION Configuration for fips resource. .PARAMETER Fipsfw Path to the FIPS firmware file. .EXAMPLE PS C:\>Invoke-ADCChangeSslfips -fipsfw <string> An example how to change sslfips configuration Object(s). .NOTES File Name : Invoke-ADCChangeSslfips Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslfips/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Fipsfw ) begin { Write-Verbose "Invoke-ADCChangeSslfips: Starting" } process { try { $payload = @{ fipsfw = $fipsfw } if ( $PSCmdlet.ShouldProcess("sslfips", "Change SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslfips -Action update -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCChangeSslfips: Finished" } } function Invoke-ADCGetSslfips { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for fips resource. .PARAMETER GetAll Retrieve all sslfips object(s). .PARAMETER Count If specified, the count of the sslfips object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslfips Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslfips -GetAll Get all sslfips data. .EXAMPLE PS C:\>Invoke-ADCGetSslfips -name <string> Get sslfips object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslfips -Filter @{ 'name'='<value>' } Get sslfips data with a filter. .NOTES File Name : Invoke-ADCGetSslfips Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslfips/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslfips: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslfips objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslfips -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslfips objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslfips -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslfips objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslfips -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslfips configuration for property ''" } else { Write-Verbose "Retrieving sslfips configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslfips -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslfips: Ended" } } function Invoke-ADCCreateSslfipskey { <# .SYNOPSIS Create SSL configuration Object. .DESCRIPTION Configuration for FIPS key resource. .PARAMETER Fipskeyname Name for the FIPS key. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the FIPS key is created. .PARAMETER Keytype Only RSA key and ECDSA Key are supported. Possible values = RSA, ECDSA .PARAMETER Exponent Exponent value for the FIPS key to be created. Available values function as follows: 3=3 (hexadecimal) F4=10001 (hexadecimal). Possible values = 3, F4 .PARAMETER Modulus Modulus, in multiples of 64, of the FIPS key to be created. .PARAMETER Curve Only p_256 (prime256v1) and P_384 (secp384r1) are supported. Possible values = P_256, P_384 .EXAMPLE PS C:\>Invoke-ADCCreateSslfipskey -fipskeyname <string> -keytype <string> An example how to create sslfipskey configuration Object(s). .NOTES File Name : Invoke-ADCCreateSslfipskey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslfipskey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Fipskeyname, [Parameter(Mandatory)] [ValidateSet('RSA', 'ECDSA')] [string]$Keytype, [ValidateSet('3', 'F4')] [string]$Exponent, [ValidateRange(0, 4096)] [double]$Modulus, [ValidateSet('P_256', 'P_384')] [string]$Curve ) begin { Write-Verbose "Invoke-ADCCreateSslfipskey: Starting" } process { try { $payload = @{ fipskeyname = $fipskeyname keytype = $keytype } if ( $PSBoundParameters.ContainsKey('exponent') ) { $payload.Add('exponent', $exponent) } if ( $PSBoundParameters.ContainsKey('modulus') ) { $payload.Add('modulus', $modulus) } if ( $PSBoundParameters.ContainsKey('curve') ) { $payload.Add('curve', $curve) } if ( $PSCmdlet.ShouldProcess($Name, "Create SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslfipskey -Action create -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCCreateSslfipskey: Finished" } } function Invoke-ADCDeleteSslfipskey { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for FIPS key resource. .PARAMETER Fipskeyname Name for the FIPS key. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the FIPS key is created. .EXAMPLE PS C:\>Invoke-ADCDeleteSslfipskey -Fipskeyname <string> An example how to delete sslfipskey configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslfipskey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslfipskey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Fipskeyname ) begin { Write-Verbose "Invoke-ADCDeleteSslfipskey: Starting" } process { try { $arguments = @{ } if ( $PSCmdlet.ShouldProcess("$fipskeyname", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslfipskey -NitroPath nitro/v1/config -Resource $fipskeyname -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslfipskey: Finished" } } function Invoke-ADCImportSslfipskey { <# .SYNOPSIS Import SSL configuration Object. .DESCRIPTION Configuration for FIPS key resource. .PARAMETER Fipskeyname Name for the FIPS key. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the FIPS key is created. .PARAMETER Key Name of and, optionally, path to the key file to be imported. /nsconfig/ssl/ is the default path. .PARAMETER Inform Input format of the key file. Available formats are: SIM - Secure Information Management; select when importing a FIPS key. If the external FIPS key is encrypted, first decrypt it, and then import it. PEM - Privacy Enhanced Mail; select when importing a non-FIPS key. Possible values = SIM, DER, PEM .PARAMETER Wrapkeyname Name of the wrap key to use for importing the key. Required for importing a non-FIPS key. .PARAMETER Initalizationvector Initialization Vector (IV) to use for importing the key. Required for importing a non-FIPS key. NOTE: The Nitro parameter 'iv' cannot be used as a PowerShell parameter, therefore an alternative Parameter name was chosen. .PARAMETER Exponent Exponent value for the FIPS key to be created. Available values function as follows: 3=3 (hexadecimal) F4=10001 (hexadecimal). Possible values = 3, F4 .EXAMPLE PS C:\>Invoke-ADCImportSslfipskey -fipskeyname <string> -key <string> An example how to import sslfipskey configuration Object(s). .NOTES File Name : Invoke-ADCImportSslfipskey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslfipskey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Fipskeyname, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Key, [ValidateSet('SIM', 'DER', 'PEM')] [string]$Inform, [ValidateScript({ $_.Length -gt 1 })] [string]$Wrapkeyname, [ValidateScript({ $_.Length -gt 1 })] [string]$Initalizationvector, [ValidateSet('3', 'F4')] [string]$Exponent ) begin { Write-Verbose "Invoke-ADCImportSslfipskey: Starting" } process { try { $payload = @{ fipskeyname = $fipskeyname key = $key } if ( $PSBoundParameters.ContainsKey('inform') ) { $payload.Add('inform', $inform) } if ( $PSBoundParameters.ContainsKey('wrapkeyname') ) { $payload.Add('wrapkeyname', $wrapkeyname) } if ( $PSBoundParameters.ContainsKey('initalizationvector') ) { $payload.Add('iv', $initalizationvector) } if ( $PSBoundParameters.ContainsKey('exponent') ) { $payload.Add('exponent', $exponent) } if ( $PSCmdlet.ShouldProcess($Name, "Import SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslfipskey -Action import -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCImportSslfipskey: Finished" } } function Invoke-ADCExportSslfipskey { <# .SYNOPSIS Export SSL configuration Object. .DESCRIPTION Configuration for FIPS key resource. .PARAMETER Fipskeyname Name for the FIPS key. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the FIPS key is created. .PARAMETER Key Name of and, optionally, path to the key file to be imported. /nsconfig/ssl/ is the default path. .EXAMPLE PS C:\>Invoke-ADCExportSslfipskey -fipskeyname <string> -key <string> An example how to export sslfipskey configuration Object(s). .NOTES File Name : Invoke-ADCExportSslfipskey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslfipskey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Fipskeyname, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Key ) begin { Write-Verbose "Invoke-ADCExportSslfipskey: Starting" } process { try { $payload = @{ fipskeyname = $fipskeyname key = $key } if ( $PSCmdlet.ShouldProcess($Name, "Export SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslfipskey -Action export -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCExportSslfipskey: Finished" } } function Invoke-ADCGetSslfipskey { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for FIPS key resource. .PARAMETER Fipskeyname Name for the FIPS key. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the FIPS key is created. .PARAMETER GetAll Retrieve all sslfipskey object(s). .PARAMETER Count If specified, the count of the sslfipskey object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslfipskey Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslfipskey -GetAll Get all sslfipskey data. .EXAMPLE PS C:\>Invoke-ADCGetSslfipskey -Count Get the number of sslfipskey objects. .EXAMPLE PS C:\>Invoke-ADCGetSslfipskey -name <string> Get sslfipskey object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslfipskey -Filter @{ 'name'='<value>' } Get sslfipskey data with a filter. .NOTES File Name : Invoke-ADCGetSslfipskey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslfipskey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Fipskeyname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslfipskey: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslfipskey objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslfipskey -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslfipskey objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslfipskey -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslfipskey objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslfipskey -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslfipskey configuration for property 'fipskeyname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslfipskey -NitroPath nitro/v1/config -Resource $fipskeyname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslfipskey configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslfipskey -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslfipskey: Ended" } } function Invoke-ADCEnableSslfipssimsource { <# .SYNOPSIS Enable SSL configuration Object. .DESCRIPTION Configuration for FIPsSIM source resource. .PARAMETER Targetsecret Name of and, optionally, path to the target FIPS appliance's secret data. /nsconfig/ssl/ is the default path. .PARAMETER Sourcesecret Name for and, optionally, path to the source FIPS appliance's secret data. /nsconfig/ssl/ is the default path. .EXAMPLE PS C:\>Invoke-ADCEnableSslfipssimsource -targetsecret <string> -sourcesecret <string> An example how to enable sslfipssimsource configuration Object(s). .NOTES File Name : Invoke-ADCEnableSslfipssimsource Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslfipssimsource/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Targetsecret, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Sourcesecret ) begin { Write-Verbose "Invoke-ADCEnableSslfipssimsource: Starting" } process { try { $payload = @{ targetsecret = $targetsecret sourcesecret = $sourcesecret } if ( $PSCmdlet.ShouldProcess($Name, "Enable SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslfipssimsource -Action enable -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCEnableSslfipssimsource: Finished" } } function Invoke-ADCInitSslfipssimsource { <# .SYNOPSIS Init SSL configuration Object. .DESCRIPTION Configuration for FIPsSIM source resource. .PARAMETER Certfile Name for and, optionally, path to the source FIPS appliance's certificate file. /nsconfig/ssl/ is the default path. .EXAMPLE PS C:\>Invoke-ADCInitSslfipssimsource -certfile <string> An example how to init sslfipssimsource configuration Object(s). .NOTES File Name : Invoke-ADCInitSslfipssimsource Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslfipssimsource/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Certfile ) begin { Write-Verbose "Invoke-ADCInitSslfipssimsource: Starting" } process { try { $payload = @{ certfile = $certfile } if ( $PSCmdlet.ShouldProcess($Name, "Init SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslfipssimsource -Action init -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCInitSslfipssimsource: Finished" } } function Invoke-ADCEnableSslfipssimtarget { <# .SYNOPSIS Enable SSL configuration Object. .DESCRIPTION Configuration for FIPS SIM Target resource. .PARAMETER Keyvector Name of and, optionally, path to the target FIPS appliance's key vector. /nsconfig/ssl/ is the default path. .PARAMETER Sourcesecret Name of and, optionally, path to the source FIPS appliance's secret data. /nsconfig/ssl/ is the default path. .EXAMPLE PS C:\>Invoke-ADCEnableSslfipssimtarget -keyvector <string> -sourcesecret <string> An example how to enable sslfipssimtarget configuration Object(s). .NOTES File Name : Invoke-ADCEnableSslfipssimtarget Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslfipssimtarget/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Keyvector, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Sourcesecret ) begin { Write-Verbose "Invoke-ADCEnableSslfipssimtarget: Starting" } process { try { $payload = @{ keyvector = $keyvector sourcesecret = $sourcesecret } if ( $PSCmdlet.ShouldProcess($Name, "Enable SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslfipssimtarget -Action enable -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCEnableSslfipssimtarget: Finished" } } function Invoke-ADCInitSslfipssimtarget { <# .SYNOPSIS Init SSL configuration Object. .DESCRIPTION Configuration for FIPS SIM Target resource. .PARAMETER Certfile Name of and, optionally, path to the source FIPS appliance's certificate file. /nsconfig/ssl/ is the default path. .PARAMETER Keyvector Name of and, optionally, path to the target FIPS appliance's key vector. /nsconfig/ssl/ is the default path. .PARAMETER Targetsecret Name for and, optionally, path to the target FIPS appliance's secret data. The default input path for the secret data is /nsconfig/ssl/. .EXAMPLE PS C:\>Invoke-ADCInitSslfipssimtarget -certfile <string> -keyvector <string> -targetsecret <string> An example how to init sslfipssimtarget configuration Object(s). .NOTES File Name : Invoke-ADCInitSslfipssimtarget Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslfipssimtarget/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Certfile, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Keyvector, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Targetsecret ) begin { Write-Verbose "Invoke-ADCInitSslfipssimtarget: Starting" } process { try { $payload = @{ certfile = $certfile keyvector = $keyvector targetsecret = $targetsecret } if ( $PSCmdlet.ShouldProcess($Name, "Init SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslfipssimtarget -Action init -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCInitSslfipssimtarget: Finished" } } function Invoke-ADCGetSslglobalbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object which returns the resources bound to sslglobal. .PARAMETER GetAll Retrieve all sslglobal_binding object(s). .PARAMETER Count If specified, the count of the sslglobal_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslglobalbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslglobalbinding -GetAll Get all sslglobal_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslglobalbinding -name <string> Get sslglobal_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslglobalbinding -Filter @{ 'name'='<value>' } Get sslglobal_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslglobalbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslglobal_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslglobalbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslglobal_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslglobal_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslglobal_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslglobal_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslglobal_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslglobal_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslglobal_binding configuration for property ''" } else { Write-Verbose "Retrieving sslglobal_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslglobal_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslglobalbinding: Ended" } } function Invoke-ADCAddSslglobalsslpolicybinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslpolicy that can be bound to sslglobal. .PARAMETER Policyname The name for the SSL policy. .PARAMETER Priority The priority of the policy binding. .PARAMETER Gotopriorityexpression Expression or other value specifying the next policy to be evaluated if the current policy evaluates to TRUE. Specify one of the following values: * NEXT - Evaluate the policy with the next higher priority number. * END - End policy evaluation. * USE_INVOCATION_RESULT - Applicable if this policy invokes another policy label. If the final goto in the invoked policy label has a value of END, the evaluation stops. If the final goto is anything other than END, the current policy label performs a NEXT. * An expression that evaluates to a number. If you specify an expression, the number to which it evaluates determines the next policy to evaluate, as follows: * If the expression evaluates to a higher numbered priority, the policy with that priority is evaluated next. * If the expression evaluates to the priority of the current policy, the policy with the next higher numbered priority is evaluated next. * If the expression evaluates to a number that is larger than the largest numbered priority, policy evaluation ends. An UNDEF event is triggered if: * The expression is invalid. * The expression evaluates to a priority number that is numerically lower than the current policy's priority. * The expression evaluates to a priority number that is between the current policy's priority number (say, 30) and the highest priority number (say, 100), but does not match any configured priority number (for example, the expression evaluates to the number 85). This example assumes that the priority number increments by 10 for every successive policy, and therefore a priority number of 85 does not exist in the policy label. .PARAMETER Type Global bind point to which the policy is bound. Possible values = CONTROL_OVERRIDE, CONTROL_DEFAULT, DATA_OVERRIDE, DATA_DEFAULT, HTTPQUIC_CONTROL_OVERRIDE, HTTPQUIC_CONTROL_DEFAULT, HTTPQUIC_DATA_OVERRIDE, HTTPQUIC_DATA_DEFAULT .PARAMETER Invoke Invoke policies bound to a virtual server, service, or policy label. After the invoked policies are evaluated, the flow returns to the policy with the next priority. .PARAMETER Labeltype Type of policy label to invoke. Specify virtual server for a policy label associated with a virtual server, or policy label for a user-defined policy label. Possible values = vserver, service, policylabel .PARAMETER Labelname Name of the virtual server or user-defined policy label to invoke if the policy evaluates to TRUE. .PARAMETER PassThru Return details about the created sslglobal_sslpolicy_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslglobalsslpolicybinding An example how to add sslglobal_sslpolicy_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslglobalsslpolicybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslglobal_sslpolicy_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [string]$Policyname, [double]$Priority, [string]$Gotopriorityexpression = '"END"', [ValidateSet('CONTROL_OVERRIDE', 'CONTROL_DEFAULT', 'DATA_OVERRIDE', 'DATA_DEFAULT', 'HTTPQUIC_CONTROL_OVERRIDE', 'HTTPQUIC_CONTROL_DEFAULT', 'HTTPQUIC_DATA_OVERRIDE', 'HTTPQUIC_DATA_DEFAULT')] [string]$Type, [boolean]$Invoke, [ValidateSet('vserver', 'service', 'policylabel')] [string]$Labeltype, [string]$Labelname, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslglobalsslpolicybinding: Starting" } process { try { $payload = @{ } if ( $PSBoundParameters.ContainsKey('policyname') ) { $payload.Add('policyname', $policyname) } if ( $PSBoundParameters.ContainsKey('priority') ) { $payload.Add('priority', $priority) } if ( $PSBoundParameters.ContainsKey('gotopriorityexpression') ) { $payload.Add('gotopriorityexpression', $gotopriorityexpression) } if ( $PSBoundParameters.ContainsKey('type') ) { $payload.Add('type', $type) } if ( $PSBoundParameters.ContainsKey('invoke') ) { $payload.Add('invoke', $invoke) } if ( $PSBoundParameters.ContainsKey('labeltype') ) { $payload.Add('labeltype', $labeltype) } if ( $PSBoundParameters.ContainsKey('labelname') ) { $payload.Add('labelname', $labelname) } if ( $PSCmdlet.ShouldProcess("sslglobal_sslpolicy_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslglobal_sslpolicy_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslglobalsslpolicybinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslglobalsslpolicybinding: Finished" } } function Invoke-ADCDeleteSslglobalsslpolicybinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslpolicy that can be bound to sslglobal. .PARAMETER Policyname The name for the SSL policy. .PARAMETER Type Global bind point to which the policy is bound. Possible values = CONTROL_OVERRIDE, CONTROL_DEFAULT, DATA_OVERRIDE, DATA_DEFAULT, HTTPQUIC_CONTROL_OVERRIDE, HTTPQUIC_CONTROL_DEFAULT, HTTPQUIC_DATA_OVERRIDE, HTTPQUIC_DATA_DEFAULT .PARAMETER Priority The priority of the policy binding. .EXAMPLE PS C:\>Invoke-ADCDeleteSslglobalsslpolicybinding An example how to delete sslglobal_sslpolicy_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslglobalsslpolicybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslglobal_sslpolicy_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [string]$Policyname, [string]$Type, [double]$Priority ) begin { Write-Verbose "Invoke-ADCDeleteSslglobalsslpolicybinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Policyname') ) { $arguments.Add('policyname', $Policyname) } if ( $PSBoundParameters.ContainsKey('Type') ) { $arguments.Add('type', $Type) } if ( $PSBoundParameters.ContainsKey('Priority') ) { $arguments.Add('priority', $Priority) } if ( $PSCmdlet.ShouldProcess("sslglobal_sslpolicy_binding", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslglobal_sslpolicy_binding -NitroPath nitro/v1/config -Resource $ -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslglobalsslpolicybinding: Finished" } } function Invoke-ADCGetSslglobalsslpolicybinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslpolicy that can be bound to sslglobal. .PARAMETER GetAll Retrieve all sslglobal_sslpolicy_binding object(s). .PARAMETER Count If specified, the count of the sslglobal_sslpolicy_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslglobalsslpolicybinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslglobalsslpolicybinding -GetAll Get all sslglobal_sslpolicy_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslglobalsslpolicybinding -Count Get the number of sslglobal_sslpolicy_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslglobalsslpolicybinding -name <string> Get sslglobal_sslpolicy_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslglobalsslpolicybinding -Filter @{ 'name'='<value>' } Get sslglobal_sslpolicy_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslglobalsslpolicybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslglobal_sslpolicy_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslglobalsslpolicybinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslglobal_sslpolicy_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslglobal_sslpolicy_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslglobal_sslpolicy_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslglobal_sslpolicy_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslglobal_sslpolicy_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslglobal_sslpolicy_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslglobal_sslpolicy_binding configuration for property ''" } else { Write-Verbose "Retrieving sslglobal_sslpolicy_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslglobal_sslpolicy_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslglobalsslpolicybinding: Ended" } } function Invoke-ADCAddSslhsmkey { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Configuration for HSM key resource. .PARAMETER Hsmkeyname . .PARAMETER Hsmtype Type of HSM. Possible values = THALES, SAFENET, KEYVAULT .PARAMETER Key Name of the key. optionally, for Thales, path to the HSM key file; /var/opt/nfast/kmdata/local/ is the default path. Applies when HSMTYPE is THALES or KEYVAULT. .PARAMETER Serialnum Serial number of the partition on which the key is present. Applies only to SafeNet HSM. .PARAMETER Password Password for a partition. Applies only to SafeNet HSM. .PARAMETER Keystore Name of keystore object representing HSM where key is stored. For example, name of keyvault object or azurekeyvault authentication object. Applies only to KEYVAULT type HSM. .PARAMETER PassThru Return details about the created sslhsmkey item. .EXAMPLE PS C:\>Invoke-ADCAddSslhsmkey -hsmkeyname <string> An example how to add sslhsmkey configuration Object(s). .NOTES File Name : Invoke-ADCAddSslhsmkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslhsmkey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Hsmkeyname, [ValidateSet('THALES', 'SAFENET', 'KEYVAULT')] [string]$Hsmtype = 'THALES', [string]$Key, [string]$Serialnum, [ValidateScript({ $_.Length -gt 1 })] [string]$Password, [ValidateScript({ $_.Length -gt 1 })] [string]$Keystore, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslhsmkey: Starting" } process { try { $payload = @{ hsmkeyname = $hsmkeyname } if ( $PSBoundParameters.ContainsKey('hsmtype') ) { $payload.Add('hsmtype', $hsmtype) } if ( $PSBoundParameters.ContainsKey('key') ) { $payload.Add('key', $key) } if ( $PSBoundParameters.ContainsKey('serialnum') ) { $payload.Add('serialnum', $serialnum) } if ( $PSBoundParameters.ContainsKey('password') ) { $payload.Add('password', $password) } if ( $PSBoundParameters.ContainsKey('keystore') ) { $payload.Add('keystore', $keystore) } if ( $PSCmdlet.ShouldProcess("sslhsmkey", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslhsmkey -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslhsmkey -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslhsmkey: Finished" } } function Invoke-ADCDeleteSslhsmkey { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for HSM key resource. .PARAMETER Hsmkeyname . .PARAMETER Hsmtype Type of HSM. Possible values = THALES, SAFENET, KEYVAULT .PARAMETER Serialnum Serial number of the partition on which the key is present. Applies only to SafeNet HSM. .PARAMETER Password Password for a partition. Applies only to SafeNet HSM. .EXAMPLE PS C:\>Invoke-ADCDeleteSslhsmkey -Hsmkeyname <string> An example how to delete sslhsmkey configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslhsmkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslhsmkey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Hsmkeyname, [string]$Hsmtype, [string]$Serialnum, [string]$Password ) begin { Write-Verbose "Invoke-ADCDeleteSslhsmkey: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Hsmtype') ) { $arguments.Add('hsmtype', $Hsmtype) } if ( $PSBoundParameters.ContainsKey('Serialnum') ) { $arguments.Add('serialnum', $Serialnum) } if ( $PSBoundParameters.ContainsKey('Password') ) { $arguments.Add('password', $Password) } if ( $PSCmdlet.ShouldProcess("$hsmkeyname", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslhsmkey -NitroPath nitro/v1/config -Resource $hsmkeyname -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslhsmkey: Finished" } } function Invoke-ADCGetSslhsmkey { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for HSM key resource. .PARAMETER Hsmkeyname . .PARAMETER GetAll Retrieve all sslhsmkey object(s). .PARAMETER Count If specified, the count of the sslhsmkey object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslhsmkey Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslhsmkey -GetAll Get all sslhsmkey data. .EXAMPLE PS C:\>Invoke-ADCGetSslhsmkey -Count Get the number of sslhsmkey objects. .EXAMPLE PS C:\>Invoke-ADCGetSslhsmkey -name <string> Get sslhsmkey object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslhsmkey -Filter @{ 'name'='<value>' } Get sslhsmkey data with a filter. .NOTES File Name : Invoke-ADCGetSslhsmkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslhsmkey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Hsmkeyname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslhsmkey: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslhsmkey objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslhsmkey -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslhsmkey objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslhsmkey -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslhsmkey objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslhsmkey -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslhsmkey configuration for property 'hsmkeyname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslhsmkey -NitroPath nitro/v1/config -Resource $hsmkeyname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslhsmkey configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslhsmkey -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslhsmkey: Ended" } } function Invoke-ADCImportSslkeyfile { <# .SYNOPSIS Import SSL configuration Object. .DESCRIPTION Configuration for Imported ssl key files resource. .PARAMETER Name Name to assign to the imported key file. Must begin with an ASCII alphanumeric or underscore(_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@),equals (=), and hyphen (-) characters. .PARAMETER Src URL specifying the protocol, host, and path, including file name, to the key file to be imported. For example, http://www.example.com/key_file. NOTE: The import fails if the object to be imported is on an HTTPS server that requires client certificate authentication for access. .PARAMETER Password . .EXAMPLE PS C:\>Invoke-ADCImportSslkeyfile -name <string> -src <string> An example how to import sslkeyfile configuration Object(s). .NOTES File Name : Invoke-ADCImportSslkeyfile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslkeyfile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 31)] [string]$Name, [Parameter(Mandatory)] [ValidateLength(1, 2047)] [string]$Src, [string]$Password ) begin { Write-Verbose "Invoke-ADCImportSslkeyfile: Starting" } process { try { $payload = @{ name = $name src = $src } if ( $PSBoundParameters.ContainsKey('password') ) { $payload.Add('password', $password) } if ( $PSCmdlet.ShouldProcess($Name, "Import SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslkeyfile -Action import -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCImportSslkeyfile: Finished" } } function Invoke-ADCDeleteSslkeyfile { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for Imported ssl key files resource. .PARAMETER Name Name to assign to the imported key file. Must begin with an ASCII alphanumeric or underscore(_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@),equals (=), and hyphen (-) characters. .EXAMPLE PS C:\>Invoke-ADCDeleteSslkeyfile An example how to delete sslkeyfile configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslkeyfile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslkeyfile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [string]$Name ) begin { Write-Verbose "Invoke-ADCDeleteSslkeyfile: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Name') ) { $arguments.Add('name', $Name) } if ( $PSCmdlet.ShouldProcess("sslkeyfile", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslkeyfile -NitroPath nitro/v1/config -Resource $ -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslkeyfile: Finished" } } function Invoke-ADCGetSslkeyfile { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for Imported ssl key files resource. .PARAMETER GetAll Retrieve all sslkeyfile object(s). .PARAMETER Count If specified, the count of the sslkeyfile object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslkeyfile Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslkeyfile -GetAll Get all sslkeyfile data. .EXAMPLE PS C:\>Invoke-ADCGetSslkeyfile -Count Get the number of sslkeyfile objects. .EXAMPLE PS C:\>Invoke-ADCGetSslkeyfile -name <string> Get sslkeyfile object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslkeyfile -Filter @{ 'name'='<value>' } Get sslkeyfile data with a filter. .NOTES File Name : Invoke-ADCGetSslkeyfile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslkeyfile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslkeyfile: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslkeyfile objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslkeyfile -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslkeyfile objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslkeyfile -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslkeyfile objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslkeyfile -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslkeyfile configuration for property ''" } else { Write-Verbose "Retrieving sslkeyfile configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslkeyfile -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslkeyfile: Ended" } } function Invoke-ADCAddSsllogprofile { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Configuration for SSL logging Profile resource. .PARAMETER Name The name of the ssllogprofile. .PARAMETER Ssllogclauth log all SSL ClAuth events. Possible values = ENABLED, DISABLED .PARAMETER Ssllogclauthfailures log all SSL ClAuth error events. Possible values = ENABLED, DISABLED .PARAMETER Sslloghs log all SSL HS events. Possible values = ENABLED, DISABLED .PARAMETER Sslloghsfailures log all SSL HS error events. Possible values = ENABLED, DISABLED .PARAMETER PassThru Return details about the created ssllogprofile item. .EXAMPLE PS C:\>Invoke-ADCAddSsllogprofile -name <string> An example how to add ssllogprofile configuration Object(s). .NOTES File Name : Invoke-ADCAddSsllogprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssllogprofile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateLength(1, 127)] [string]$Name, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ssllogclauth = 'DISABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Ssllogclauthfailures = 'DISABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslloghs = 'DISABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslloghsfailures = 'DISABLED', [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSsllogprofile: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('ssllogclauth') ) { $payload.Add('ssllogclauth', $ssllogclauth) } if ( $PSBoundParameters.ContainsKey('ssllogclauthfailures') ) { $payload.Add('ssllogclauthfailures', $ssllogclauthfailures) } if ( $PSBoundParameters.ContainsKey('sslloghs') ) { $payload.Add('sslloghs', $sslloghs) } if ( $PSBoundParameters.ContainsKey('sslloghsfailures') ) { $payload.Add('sslloghsfailures', $sslloghsfailures) } if ( $PSCmdlet.ShouldProcess("ssllogprofile", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type ssllogprofile -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSsllogprofile -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSsllogprofile: Finished" } } function Invoke-ADCUpdateSsllogprofile { <# .SYNOPSIS Update SSL configuration Object. .DESCRIPTION Configuration for SSL logging Profile resource. .PARAMETER Name The name of the ssllogprofile. .PARAMETER Ssllogclauth log all SSL ClAuth events. Possible values = ENABLED, DISABLED .PARAMETER Ssllogclauthfailures log all SSL ClAuth error events. Possible values = ENABLED, DISABLED .PARAMETER Sslloghs log all SSL HS events. Possible values = ENABLED, DISABLED .PARAMETER Sslloghsfailures log all SSL HS error events. Possible values = ENABLED, DISABLED .PARAMETER PassThru Return details about the created ssllogprofile item. .EXAMPLE PS C:\>Invoke-ADCUpdateSsllogprofile -name <string> An example how to update ssllogprofile configuration Object(s). .NOTES File Name : Invoke-ADCUpdateSsllogprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssllogprofile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateLength(1, 127)] [string]$Name, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ssllogclauth, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ssllogclauthfailures, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslloghs, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslloghsfailures, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCUpdateSsllogprofile: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('ssllogclauth') ) { $payload.Add('ssllogclauth', $ssllogclauth) } if ( $PSBoundParameters.ContainsKey('ssllogclauthfailures') ) { $payload.Add('ssllogclauthfailures', $ssllogclauthfailures) } if ( $PSBoundParameters.ContainsKey('sslloghs') ) { $payload.Add('sslloghs', $sslloghs) } if ( $PSBoundParameters.ContainsKey('sslloghsfailures') ) { $payload.Add('sslloghsfailures', $sslloghsfailures) } if ( $PSCmdlet.ShouldProcess("ssllogprofile", "Update SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type ssllogprofile -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSsllogprofile -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUpdateSsllogprofile: Finished" } } function Invoke-ADCUnsetSsllogprofile { <# .SYNOPSIS Unset SSL configuration Object. .DESCRIPTION Configuration for SSL logging Profile resource. .PARAMETER Name The name of the ssllogprofile. .PARAMETER Ssllogclauth log all SSL ClAuth events. Possible values = ENABLED, DISABLED .PARAMETER Ssllogclauthfailures log all SSL ClAuth error events. Possible values = ENABLED, DISABLED .PARAMETER Sslloghs log all SSL HS events. Possible values = ENABLED, DISABLED .PARAMETER Sslloghsfailures log all SSL HS error events. Possible values = ENABLED, DISABLED .EXAMPLE PS C:\>Invoke-ADCUnsetSsllogprofile -name <string> An example how to unset ssllogprofile configuration Object(s). .NOTES File Name : Invoke-ADCUnsetSsllogprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssllogprofile Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [ValidateLength(1, 127)] [string]$Name, [Boolean]$ssllogclauth, [Boolean]$ssllogclauthfailures, [Boolean]$sslloghs, [Boolean]$sslloghsfailures ) begin { Write-Verbose "Invoke-ADCUnsetSsllogprofile: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('ssllogclauth') ) { $payload.Add('ssllogclauth', $ssllogclauth) } if ( $PSBoundParameters.ContainsKey('ssllogclauthfailures') ) { $payload.Add('ssllogclauthfailures', $ssllogclauthfailures) } if ( $PSBoundParameters.ContainsKey('sslloghs') ) { $payload.Add('sslloghs', $sslloghs) } if ( $PSBoundParameters.ContainsKey('sslloghsfailures') ) { $payload.Add('sslloghsfailures', $sslloghsfailures) } if ( $PSCmdlet.ShouldProcess("$name", "Unset SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -Type ssllogprofile -NitroPath nitro/v1/config -Action unset -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUnsetSsllogprofile: Finished" } } function Invoke-ADCDeleteSsllogprofile { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for SSL logging Profile resource. .PARAMETER Name The name of the ssllogprofile. .EXAMPLE PS C:\>Invoke-ADCDeleteSsllogprofile -Name <string> An example how to delete ssllogprofile configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSsllogprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssllogprofile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Name ) begin { Write-Verbose "Invoke-ADCDeleteSsllogprofile: Starting" } process { try { $arguments = @{ } if ( $PSCmdlet.ShouldProcess("$name", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type ssllogprofile -NitroPath nitro/v1/config -Resource $name -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSsllogprofile: Finished" } } function Invoke-ADCGetSsllogprofile { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for SSL logging Profile resource. .PARAMETER Name The name of the ssllogprofile. .PARAMETER GetAll Retrieve all ssllogprofile object(s). .PARAMETER Count If specified, the count of the ssllogprofile object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSsllogprofile Get data. .EXAMPLE PS C:\>Invoke-ADCGetSsllogprofile -GetAll Get all ssllogprofile data. .EXAMPLE PS C:\>Invoke-ADCGetSsllogprofile -Count Get the number of ssllogprofile objects. .EXAMPLE PS C:\>Invoke-ADCGetSsllogprofile -name <string> Get ssllogprofile object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSsllogprofile -Filter @{ 'name'='<value>' } Get ssllogprofile data with a filter. .NOTES File Name : Invoke-ADCGetSsllogprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/ssllogprofile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateLength(1, 127)] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSsllogprofile: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all ssllogprofile objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type ssllogprofile -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for ssllogprofile objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type ssllogprofile -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving ssllogprofile objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type ssllogprofile -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving ssllogprofile configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type ssllogprofile -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving ssllogprofile configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type ssllogprofile -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSsllogprofile: Ended" } } function Invoke-ADCAddSslocspresponder { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Configuration for OCSP responser resource. .PARAMETER Name Name for the OCSP responder. Cannot begin with a hash (#) or space character and must contain only ASCII alphanumeric, underscore (_), hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the responder is created. .PARAMETER Url URL of the OCSP responder. .PARAMETER Cache Enable caching of responses. Caching of responses received from the OCSP responder enables faster responses to the clients and reduces the load on the OCSP responder. Possible values = ENABLED, DISABLED .PARAMETER Cachetimeout Timeout for caching the OCSP response. After the timeout, the Citrix ADC sends a fresh request to the OCSP responder for the certificate status. If a timeout is not specified, the timeout provided in the OCSP response applies. .PARAMETER Batchingdepth Number of client certificates to batch together into one OCSP request. Batching avoids overloading the OCSP responder. A value of 1 signifies that each request is queried independently. For a value greater than 1, specify a timeout (batching delay) to avoid inordinately delaying the processing of a single certificate. .PARAMETER Batchingdelay Maximum time, in milliseconds, to wait to accumulate OCSP requests to batch. Does not apply if the Batching Depth is 1. .PARAMETER Resptimeout Time, in milliseconds, to wait for an OCSP response. When this time elapses, an error message appears or the transaction is forwarded, depending on the settings on the virtual server. Includes Batching Delay time. .PARAMETER Ocspurlresolvetimeout Time, in milliseconds, to wait for an OCSP URL Resolution. When this time elapses, an error message appears or the transaction is forwarded, depending on the settings on the virtual server. .PARAMETER Respondercert . .PARAMETER Trustresponder A certificate to use to validate OCSP responses. Alternatively, if -trustResponder is specified, no verification will be done on the reponse. If both are omitted, only the response times (producedAt, lastUpdate, nextUpdate) will be verified. .PARAMETER Producedattimeskew Time, in seconds, for which the Citrix ADC waits before considering the response as invalid. The response is considered invalid if the Produced At time stamp in the OCSP response exceeds or precedes the current Citrix ADC clock time by the amount of time specified. .PARAMETER Signingcert Certificate-key pair that is used to sign OCSP requests. If this parameter is not set, the requests are not signed. .PARAMETER Usenonce Enable the OCSP nonce extension, which is designed to prevent replay attacks. Possible values = YES, NO .PARAMETER Insertclientcert Include the complete client certificate in the OCSP request. Possible values = YES, NO .PARAMETER Httpmethod HTTP method used to send ocsp request. POST is the default httpmethod. If request length is > 255, POST wil be used even if GET is set as httpMethod. Possible values = GET, POST .PARAMETER PassThru Return details about the created sslocspresponder item. .EXAMPLE PS C:\>Invoke-ADCAddSslocspresponder -name <string> -url <string> An example how to add sslocspresponder configuration Object(s). .NOTES File Name : Invoke-ADCAddSslocspresponder Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslocspresponder/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateLength(1, 127)] [string]$Name, [Parameter(Mandatory)] [ValidateLength(1, 127)] [string]$Url, [ValidateSet('ENABLED', 'DISABLED')] [string]$Cache = 'DISABLED', [ValidateRange(1, 43200)] [double]$Cachetimeout = '1', [ValidateRange(1, 8)] [double]$Batchingdepth, [ValidateRange(1, 10000)] [double]$Batchingdelay, [ValidateRange(100, 120000)] [double]$Resptimeout, [ValidateRange(100, 2000)] [double]$Ocspurlresolvetimeout, [ValidateScript({ $_.Length -gt 1 })] [string]$Respondercert, [boolean]$Trustresponder, [ValidateRange(0, 86400)] [double]$Producedattimeskew = '300', [ValidateScript({ $_.Length -gt 1 })] [string]$Signingcert, [ValidateSet('YES', 'NO')] [string]$Usenonce, [ValidateSet('YES', 'NO')] [string]$Insertclientcert, [ValidateSet('GET', 'POST')] [string]$Httpmethod = 'POST', [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslocspresponder: Starting" } process { try { $payload = @{ name = $name url = $url } if ( $PSBoundParameters.ContainsKey('cache') ) { $payload.Add('cache', $cache) } if ( $PSBoundParameters.ContainsKey('cachetimeout') ) { $payload.Add('cachetimeout', $cachetimeout) } if ( $PSBoundParameters.ContainsKey('batchingdepth') ) { $payload.Add('batchingdepth', $batchingdepth) } if ( $PSBoundParameters.ContainsKey('batchingdelay') ) { $payload.Add('batchingdelay', $batchingdelay) } if ( $PSBoundParameters.ContainsKey('resptimeout') ) { $payload.Add('resptimeout', $resptimeout) } if ( $PSBoundParameters.ContainsKey('ocspurlresolvetimeout') ) { $payload.Add('ocspurlresolvetimeout', $ocspurlresolvetimeout) } if ( $PSBoundParameters.ContainsKey('respondercert') ) { $payload.Add('respondercert', $respondercert) } if ( $PSBoundParameters.ContainsKey('trustresponder') ) { $payload.Add('trustresponder', $trustresponder) } if ( $PSBoundParameters.ContainsKey('producedattimeskew') ) { $payload.Add('producedattimeskew', $producedattimeskew) } if ( $PSBoundParameters.ContainsKey('signingcert') ) { $payload.Add('signingcert', $signingcert) } if ( $PSBoundParameters.ContainsKey('usenonce') ) { $payload.Add('usenonce', $usenonce) } if ( $PSBoundParameters.ContainsKey('insertclientcert') ) { $payload.Add('insertclientcert', $insertclientcert) } if ( $PSBoundParameters.ContainsKey('httpmethod') ) { $payload.Add('httpmethod', $httpmethod) } if ( $PSCmdlet.ShouldProcess("sslocspresponder", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslocspresponder -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslocspresponder -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslocspresponder: Finished" } } function Invoke-ADCDeleteSslocspresponder { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for OCSP responser resource. .PARAMETER Name Name for the OCSP responder. Cannot begin with a hash (#) or space character and must contain only ASCII alphanumeric, underscore (_), hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the responder is created. .EXAMPLE PS C:\>Invoke-ADCDeleteSslocspresponder -Name <string> An example how to delete sslocspresponder configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslocspresponder Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslocspresponder/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Name ) begin { Write-Verbose "Invoke-ADCDeleteSslocspresponder: Starting" } process { try { $arguments = @{ } if ( $PSCmdlet.ShouldProcess("$name", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslocspresponder -NitroPath nitro/v1/config -Resource $name -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslocspresponder: Finished" } } function Invoke-ADCUpdateSslocspresponder { <# .SYNOPSIS Update SSL configuration Object. .DESCRIPTION Configuration for OCSP responser resource. .PARAMETER Name Name for the OCSP responder. Cannot begin with a hash (#) or space character and must contain only ASCII alphanumeric, underscore (_), hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the responder is created. .PARAMETER Url URL of the OCSP responder. .PARAMETER Cache Enable caching of responses. Caching of responses received from the OCSP responder enables faster responses to the clients and reduces the load on the OCSP responder. Possible values = ENABLED, DISABLED .PARAMETER Cachetimeout Timeout for caching the OCSP response. After the timeout, the Citrix ADC sends a fresh request to the OCSP responder for the certificate status. If a timeout is not specified, the timeout provided in the OCSP response applies. .PARAMETER Batchingdepth Number of client certificates to batch together into one OCSP request. Batching avoids overloading the OCSP responder. A value of 1 signifies that each request is queried independently. For a value greater than 1, specify a timeout (batching delay) to avoid inordinately delaying the processing of a single certificate. .PARAMETER Batchingdelay Maximum time, in milliseconds, to wait to accumulate OCSP requests to batch. Does not apply if the Batching Depth is 1. .PARAMETER Resptimeout Time, in milliseconds, to wait for an OCSP response. When this time elapses, an error message appears or the transaction is forwarded, depending on the settings on the virtual server. Includes Batching Delay time. .PARAMETER Ocspurlresolvetimeout Time, in milliseconds, to wait for an OCSP URL Resolution. When this time elapses, an error message appears or the transaction is forwarded, depending on the settings on the virtual server. .PARAMETER Respondercert . .PARAMETER Trustresponder A certificate to use to validate OCSP responses. Alternatively, if -trustResponder is specified, no verification will be done on the reponse. If both are omitted, only the response times (producedAt, lastUpdate, nextUpdate) will be verified. .PARAMETER Producedattimeskew Time, in seconds, for which the Citrix ADC waits before considering the response as invalid. The response is considered invalid if the Produced At time stamp in the OCSP response exceeds or precedes the current Citrix ADC clock time by the amount of time specified. .PARAMETER Signingcert Certificate-key pair that is used to sign OCSP requests. If this parameter is not set, the requests are not signed. .PARAMETER Usenonce Enable the OCSP nonce extension, which is designed to prevent replay attacks. Possible values = YES, NO .PARAMETER Insertclientcert Include the complete client certificate in the OCSP request. Possible values = YES, NO .PARAMETER Httpmethod HTTP method used to send ocsp request. POST is the default httpmethod. If request length is > 255, POST wil be used even if GET is set as httpMethod. Possible values = GET, POST .PARAMETER PassThru Return details about the created sslocspresponder item. .EXAMPLE PS C:\>Invoke-ADCUpdateSslocspresponder -name <string> An example how to update sslocspresponder configuration Object(s). .NOTES File Name : Invoke-ADCUpdateSslocspresponder Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslocspresponder/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateLength(1, 127)] [string]$Name, [ValidateLength(1, 127)] [string]$Url, [ValidateSet('ENABLED', 'DISABLED')] [string]$Cache, [ValidateRange(1, 43200)] [double]$Cachetimeout, [ValidateRange(1, 8)] [double]$Batchingdepth, [ValidateRange(1, 10000)] [double]$Batchingdelay, [ValidateRange(100, 120000)] [double]$Resptimeout, [ValidateRange(100, 2000)] [double]$Ocspurlresolvetimeout, [ValidateScript({ $_.Length -gt 1 })] [string]$Respondercert, [boolean]$Trustresponder, [ValidateRange(0, 86400)] [double]$Producedattimeskew, [ValidateScript({ $_.Length -gt 1 })] [string]$Signingcert, [ValidateSet('YES', 'NO')] [string]$Usenonce, [ValidateSet('YES', 'NO')] [string]$Insertclientcert, [ValidateSet('GET', 'POST')] [string]$Httpmethod, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCUpdateSslocspresponder: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('url') ) { $payload.Add('url', $url) } if ( $PSBoundParameters.ContainsKey('cache') ) { $payload.Add('cache', $cache) } if ( $PSBoundParameters.ContainsKey('cachetimeout') ) { $payload.Add('cachetimeout', $cachetimeout) } if ( $PSBoundParameters.ContainsKey('batchingdepth') ) { $payload.Add('batchingdepth', $batchingdepth) } if ( $PSBoundParameters.ContainsKey('batchingdelay') ) { $payload.Add('batchingdelay', $batchingdelay) } if ( $PSBoundParameters.ContainsKey('resptimeout') ) { $payload.Add('resptimeout', $resptimeout) } if ( $PSBoundParameters.ContainsKey('ocspurlresolvetimeout') ) { $payload.Add('ocspurlresolvetimeout', $ocspurlresolvetimeout) } if ( $PSBoundParameters.ContainsKey('respondercert') ) { $payload.Add('respondercert', $respondercert) } if ( $PSBoundParameters.ContainsKey('trustresponder') ) { $payload.Add('trustresponder', $trustresponder) } if ( $PSBoundParameters.ContainsKey('producedattimeskew') ) { $payload.Add('producedattimeskew', $producedattimeskew) } if ( $PSBoundParameters.ContainsKey('signingcert') ) { $payload.Add('signingcert', $signingcert) } if ( $PSBoundParameters.ContainsKey('usenonce') ) { $payload.Add('usenonce', $usenonce) } if ( $PSBoundParameters.ContainsKey('insertclientcert') ) { $payload.Add('insertclientcert', $insertclientcert) } if ( $PSBoundParameters.ContainsKey('httpmethod') ) { $payload.Add('httpmethod', $httpmethod) } if ( $PSCmdlet.ShouldProcess("sslocspresponder", "Update SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslocspresponder -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslocspresponder -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUpdateSslocspresponder: Finished" } } function Invoke-ADCUnsetSslocspresponder { <# .SYNOPSIS Unset SSL configuration Object. .DESCRIPTION Configuration for OCSP responser resource. .PARAMETER Name Name for the OCSP responder. Cannot begin with a hash (#) or space character and must contain only ASCII alphanumeric, underscore (_), hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the responder is created. .PARAMETER Trustresponder A certificate to use to validate OCSP responses. Alternatively, if -trustResponder is specified, no verification will be done on the reponse. If both are omitted, only the response times (producedAt, lastUpdate, nextUpdate) will be verified. .PARAMETER Insertclientcert Include the complete client certificate in the OCSP request. Possible values = YES, NO .PARAMETER Cache Enable caching of responses. Caching of responses received from the OCSP responder enables faster responses to the clients and reduces the load on the OCSP responder. Possible values = ENABLED, DISABLED .PARAMETER Cachetimeout Timeout for caching the OCSP response. After the timeout, the Citrix ADC sends a fresh request to the OCSP responder for the certificate status. If a timeout is not specified, the timeout provided in the OCSP response applies. .PARAMETER Batchingdepth Number of client certificates to batch together into one OCSP request. Batching avoids overloading the OCSP responder. A value of 1 signifies that each request is queried independently. For a value greater than 1, specify a timeout (batching delay) to avoid inordinately delaying the processing of a single certificate. .PARAMETER Batchingdelay Maximum time, in milliseconds, to wait to accumulate OCSP requests to batch. Does not apply if the Batching Depth is 1. .PARAMETER Resptimeout Time, in milliseconds, to wait for an OCSP response. When this time elapses, an error message appears or the transaction is forwarded, depending on the settings on the virtual server. Includes Batching Delay time. .PARAMETER Ocspurlresolvetimeout Time, in milliseconds, to wait for an OCSP URL Resolution. When this time elapses, an error message appears or the transaction is forwarded, depending on the settings on the virtual server. .PARAMETER Respondercert . .PARAMETER Producedattimeskew Time, in seconds, for which the Citrix ADC waits before considering the response as invalid. The response is considered invalid if the Produced At time stamp in the OCSP response exceeds or precedes the current Citrix ADC clock time by the amount of time specified. .PARAMETER Signingcert Certificate-key pair that is used to sign OCSP requests. If this parameter is not set, the requests are not signed. .PARAMETER Usenonce Enable the OCSP nonce extension, which is designed to prevent replay attacks. Possible values = YES, NO .PARAMETER Httpmethod HTTP method used to send ocsp request. POST is the default httpmethod. If request length is > 255, POST wil be used even if GET is set as httpMethod. Possible values = GET, POST .EXAMPLE PS C:\>Invoke-ADCUnsetSslocspresponder -name <string> An example how to unset sslocspresponder configuration Object(s). .NOTES File Name : Invoke-ADCUnsetSslocspresponder Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslocspresponder Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [ValidateLength(1, 127)] [string]$Name, [Boolean]$trustresponder, [Boolean]$insertclientcert, [Boolean]$cache, [Boolean]$cachetimeout, [Boolean]$batchingdepth, [Boolean]$batchingdelay, [Boolean]$resptimeout, [Boolean]$ocspurlresolvetimeout, [Boolean]$respondercert, [Boolean]$producedattimeskew, [Boolean]$signingcert, [Boolean]$usenonce, [Boolean]$httpmethod ) begin { Write-Verbose "Invoke-ADCUnsetSslocspresponder: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('trustresponder') ) { $payload.Add('trustresponder', $trustresponder) } if ( $PSBoundParameters.ContainsKey('insertclientcert') ) { $payload.Add('insertclientcert', $insertclientcert) } if ( $PSBoundParameters.ContainsKey('cache') ) { $payload.Add('cache', $cache) } if ( $PSBoundParameters.ContainsKey('cachetimeout') ) { $payload.Add('cachetimeout', $cachetimeout) } if ( $PSBoundParameters.ContainsKey('batchingdepth') ) { $payload.Add('batchingdepth', $batchingdepth) } if ( $PSBoundParameters.ContainsKey('batchingdelay') ) { $payload.Add('batchingdelay', $batchingdelay) } if ( $PSBoundParameters.ContainsKey('resptimeout') ) { $payload.Add('resptimeout', $resptimeout) } if ( $PSBoundParameters.ContainsKey('ocspurlresolvetimeout') ) { $payload.Add('ocspurlresolvetimeout', $ocspurlresolvetimeout) } if ( $PSBoundParameters.ContainsKey('respondercert') ) { $payload.Add('respondercert', $respondercert) } if ( $PSBoundParameters.ContainsKey('producedattimeskew') ) { $payload.Add('producedattimeskew', $producedattimeskew) } if ( $PSBoundParameters.ContainsKey('signingcert') ) { $payload.Add('signingcert', $signingcert) } if ( $PSBoundParameters.ContainsKey('usenonce') ) { $payload.Add('usenonce', $usenonce) } if ( $PSBoundParameters.ContainsKey('httpmethod') ) { $payload.Add('httpmethod', $httpmethod) } if ( $PSCmdlet.ShouldProcess("$name", "Unset SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -Type sslocspresponder -NitroPath nitro/v1/config -Action unset -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUnsetSslocspresponder: Finished" } } function Invoke-ADCGetSslocspresponder { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for OCSP responser resource. .PARAMETER Name Name for the OCSP responder. Cannot begin with a hash (#) or space character and must contain only ASCII alphanumeric, underscore (_), hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the responder is created. .PARAMETER GetAll Retrieve all sslocspresponder object(s). .PARAMETER Count If specified, the count of the sslocspresponder object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslocspresponder Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslocspresponder -GetAll Get all sslocspresponder data. .EXAMPLE PS C:\>Invoke-ADCGetSslocspresponder -Count Get the number of sslocspresponder objects. .EXAMPLE PS C:\>Invoke-ADCGetSslocspresponder -name <string> Get sslocspresponder object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslocspresponder -Filter @{ 'name'='<value>' } Get sslocspresponder data with a filter. .NOTES File Name : Invoke-ADCGetSslocspresponder Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslocspresponder/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateLength(1, 127)] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslocspresponder: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslocspresponder objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslocspresponder -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslocspresponder objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslocspresponder -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslocspresponder objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslocspresponder -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslocspresponder configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslocspresponder -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslocspresponder configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslocspresponder -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslocspresponder: Ended" } } function Invoke-ADCUpdateSslparameter { <# .SYNOPSIS Update SSL configuration Object. .DESCRIPTION Configuration for SSL parameter resource. .PARAMETER Quantumsize Amount of data to collect before the data is pushed to the crypto hardware for encryption. For large downloads, a larger quantum size better utilizes the crypto resources. Possible values = 4096, 8192, 16384 .PARAMETER Crlmemorysizemb Maximum memory size to use for certificate revocation lists (CRLs). This parameter reserves memory for a CRL but sets a limit to the maximum memory that the CRLs loaded on the appliance can consume. .PARAMETER Strictcachecks Enable strict CA certificate checks on the appliance. Possible values = YES, NO .PARAMETER Ssltriggertimeout Time, in milliseconds, after which encryption is triggered for transactions that are not tracked on the Citrix ADC because their length is not known. There can be a delay of up to 10ms from the specified timeout value before the packet is pushed into the queue. .PARAMETER Sendclosenotify Send an SSL Close-Notify message to the client at the end of a transaction. Possible values = YES, NO .PARAMETER Encrypttriggerpktcount Maximum number of queued packets after which encryption is triggered. Use this setting for SSL transactions that send small packets from server to Citrix ADC. .PARAMETER Denysslreneg Deny renegotiation in specified circumstances. Available settings function as follows: * NO - Allow SSL renegotiation. * FRONTEND_CLIENT - Deny secure and nonsecure SSL renegotiation initiated by the client. * FRONTEND_CLIENTSERVER - Deny secure and nonsecure SSL renegotiation initiated by the client or the Citrix ADC during policy-based client authentication. * ALL - Deny all secure and nonsecure SSL renegotiation. * NONSECURE - Deny nonsecure SSL renegotiation. Allows only clients that support RFC 5746. Possible values = NO, FRONTEND_CLIENT, FRONTEND_CLIENTSERVER, ALL, NONSECURE .PARAMETER Insertionencoding Encoding method used to insert the subject or issuer's name in HTTP requests to servers. Possible values = Unicode, UTF-8 .PARAMETER Ocspcachesize Size, per packet engine, in megabytes, of the OCSP cache. A maximum of 10% of the packet engine memory can be assigned. Because the maximum allowed packet engine memory is 4GB, the maximum value that can be assigned to the OCSP cache is approximately 410 MB. .PARAMETER Pushflag Insert PUSH flag into decrypted, encrypted, or all records. If the PUSH flag is set to a value other than 0, the buffered records are forwarded on the basis of the value of the PUSH flag. Available settings function as follows: 0 - Auto (PUSH flag is not set.) 1 - Insert PUSH flag into every decrypted record. 2 -Insert PUSH flag into every encrypted record. 3 - Insert PUSH flag into every decrypted and encrypted record. .PARAMETER Dropreqwithnohostheader Host header check for SNI enabled sessions. If this check is enabled and the HTTP request does not contain the host header for SNI enabled sessions(i.e vserver or profile bound to vserver has SNI enabled and 'Client Hello' arrived with SNI extension), the request is dropped. Possible values = YES, NO .PARAMETER Snihttphostmatch Controls how the HTTP 'Host' header value is validated. These checks are performed only if the session is SNI enabled (i.e when vserver or profile bound to vserver has SNI enabled and 'Client Hello' arrived with SNI extension) and HTTP request contains 'Host' header. Available settings function as follows: CERT - Request is forwarded if the 'Host' value is covered by the certificate used to establish this SSL session. Note: 'CERT' matching mode cannot be applied in TLS 1.3 connections established by resuming from a previous TLS 1.3 session. On these connections, 'STRICT' matching mode will be used instead. STRICT - Request is forwarded only if value of 'Host' header in HTTP is identical to the 'Server name' value passed in 'Client Hello' of the SSL connection. NO - No validation is performed on the HTTP 'Host' header value. Possible values = NO, CERT, STRICT .PARAMETER Pushenctriggertimeout PUSH encryption trigger timeout value. The timeout value is applied only if you set the Push Encryption Trigger parameter to Timer in the SSL virtual server settings. .PARAMETER Cryptodevdisablelimit Limit to the number of disabled SSL chips after which the ADC restarts. A value of zero implies that the ADC does not automatically restart. .PARAMETER Undefactioncontrol Name of the undefined built-in control action: CLIENTAUTH, NOCLIENTAUTH, NOOP, RESET, or DROP. .PARAMETER Undefactiondata Name of the undefined built-in data action: NOOP, RESET or DROP. .PARAMETER Defaultprofile Global parameter used to enable default profile feature. Possible values = ENABLED, DISABLED .PARAMETER Softwarecryptothreshold Citrix ADC CPU utilization threshold (in percentage) beyond which crypto operations are not done in software. A value of zero implies that CPU is not utilized for doing crypto in software. .PARAMETER Hybridfipsmode When this mode is enabled, system will use additional crypto hardware to accelerate symmetric crypto operations. Possible values = ENABLED, DISABLED .PARAMETER Sigdigesttype Signature Digest Algorithms that are supported by appliance. Default value is "ALL" and it will enable the following algorithms depending on the platform. On VPX: ECDSA-SHA1 ECDSA-SHA224 ECDSA-SHA256 ECDSA-SHA384 ECDSA-SHA512 RSA-SHA1 RSA-SHA224 RSA-SHA256 RSA-SHA384 RSA-SHA512 DSA-SHA1 DSA-SHA224 DSA-SHA256 DSA-SHA384 DSA-SHA512 On MPX with Nitrox-III and coleto cards: RSA-SHA1 RSA-SHA224 RSA-SHA256 RSA-SHA384 RSA-SHA512 ECDSA-SHA1 ECDSA-SHA224 ECDSA-SHA256 ECDSA-SHA384 ECDSA-SHA512 Others: RSA-SHA1 RSA-SHA224 RSA-SHA256 RSA-SHA384 RSA-SHA512. Note:ALL doesnot include RSA-MD5 for any platform. Possible values = ALL, RSA-MD5, RSA-SHA1, RSA-SHA224, RSA-SHA256, RSA-SHA384, RSA-SHA512, DSA-SHA1, DSA-SHA224, DSA-SHA256, DSA-SHA384, DSA-SHA512, ECDSA-SHA1, ECDSA-SHA224, ECDSA-SHA256, ECDSA-SHA384, ECDSA-SHA512 .PARAMETER Sslierrorcache Enable or disable dynamically learning and caching the learned information to make the subsequent interception or bypass decision. When enabled, NS does the lookup of this cached data to do early bypass. Possible values = ENABLED, DISABLED .PARAMETER Sslimaxerrorcachemem Specify the maximum memory that can be used for caching the learned data. This memory is used as a LRU cache so that the old entries gets replaced with new entry once the set memory limit is fully utilised. A value of 0 decides the limit automatically. .PARAMETER Insertcertspace To insert space between lines in the certificate header of request. Possible values = YES, NO .PARAMETER Ndcppcompliancecertcheck Applies when the Citrix ADC appliance acts as a client (back-end connection). Settings apply as follows: YES - During certificate verification, ignore the common name if SAN is present in the certificate. NO - Do not ignore common name. Possible values = YES, NO .PARAMETER Heterogeneoussslhw To support both cavium and coleto based platforms in cluster environment, this mode has to be enabled. Possible values = ENABLED, DISABLED .PARAMETER Operationqueuelimit Limit in percentage of capacity of the crypto operations queue beyond which new SSL connections are not accepted until the queue is reduced. .EXAMPLE PS C:\>Invoke-ADCUpdateSslparameter An example how to update sslparameter configuration Object(s). .NOTES File Name : Invoke-ADCUpdateSslparameter Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslparameter/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [ValidateSet('4096', '8192', '16384')] [string]$Quantumsize, [ValidateRange(10, 1024)] [double]$Crlmemorysizemb, [ValidateSet('YES', 'NO')] [string]$Strictcachecks, [ValidateRange(1, 200)] [double]$Ssltriggertimeout, [ValidateSet('YES', 'NO')] [string]$Sendclosenotify, [ValidateRange(10, 50)] [double]$Encrypttriggerpktcount, [ValidateSet('NO', 'FRONTEND_CLIENT', 'FRONTEND_CLIENTSERVER', 'ALL', 'NONSECURE')] [string]$Denysslreneg, [ValidateSet('Unicode', 'UTF-8')] [string]$Insertionencoding, [ValidateRange(0, 512)] [double]$Ocspcachesize, [ValidateRange(0, 3)] [double]$Pushflag, [ValidateSet('YES', 'NO')] [string]$Dropreqwithnohostheader, [ValidateSet('NO', 'CERT', 'STRICT')] [string]$Snihttphostmatch, [ValidateRange(1, 200)] [double]$Pushenctriggertimeout, [double]$Cryptodevdisablelimit, [string]$Undefactioncontrol, [string]$Undefactiondata, [ValidateSet('ENABLED', 'DISABLED')] [string]$Defaultprofile, [ValidateRange(0, 100)] [double]$Softwarecryptothreshold, [ValidateSet('ENABLED', 'DISABLED')] [string]$Hybridfipsmode, [ValidateSet('ALL', 'RSA-MD5', 'RSA-SHA1', 'RSA-SHA224', 'RSA-SHA256', 'RSA-SHA384', 'RSA-SHA512', 'DSA-SHA1', 'DSA-SHA224', 'DSA-SHA256', 'DSA-SHA384', 'DSA-SHA512', 'ECDSA-SHA1', 'ECDSA-SHA224', 'ECDSA-SHA256', 'ECDSA-SHA384', 'ECDSA-SHA512')] [string[]]$Sigdigesttype, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslierrorcache, [ValidateRange(0, 4294967294)] [double]$Sslimaxerrorcachemem, [ValidateSet('YES', 'NO')] [string]$Insertcertspace, [ValidateSet('YES', 'NO')] [string]$Ndcppcompliancecertcheck, [ValidateSet('ENABLED', 'DISABLED')] [string]$Heterogeneoussslhw, [ValidateRange(0, 10000)] [double]$Operationqueuelimit ) begin { Write-Verbose "Invoke-ADCUpdateSslparameter: Starting" } process { try { $payload = @{ } if ( $PSBoundParameters.ContainsKey('quantumsize') ) { $payload.Add('quantumsize', $quantumsize) } if ( $PSBoundParameters.ContainsKey('crlmemorysizemb') ) { $payload.Add('crlmemorysizemb', $crlmemorysizemb) } if ( $PSBoundParameters.ContainsKey('strictcachecks') ) { $payload.Add('strictcachecks', $strictcachecks) } if ( $PSBoundParameters.ContainsKey('ssltriggertimeout') ) { $payload.Add('ssltriggertimeout', $ssltriggertimeout) } if ( $PSBoundParameters.ContainsKey('sendclosenotify') ) { $payload.Add('sendclosenotify', $sendclosenotify) } if ( $PSBoundParameters.ContainsKey('encrypttriggerpktcount') ) { $payload.Add('encrypttriggerpktcount', $encrypttriggerpktcount) } if ( $PSBoundParameters.ContainsKey('denysslreneg') ) { $payload.Add('denysslreneg', $denysslreneg) } if ( $PSBoundParameters.ContainsKey('insertionencoding') ) { $payload.Add('insertionencoding', $insertionencoding) } if ( $PSBoundParameters.ContainsKey('ocspcachesize') ) { $payload.Add('ocspcachesize', $ocspcachesize) } if ( $PSBoundParameters.ContainsKey('pushflag') ) { $payload.Add('pushflag', $pushflag) } if ( $PSBoundParameters.ContainsKey('dropreqwithnohostheader') ) { $payload.Add('dropreqwithnohostheader', $dropreqwithnohostheader) } if ( $PSBoundParameters.ContainsKey('snihttphostmatch') ) { $payload.Add('snihttphostmatch', $snihttphostmatch) } if ( $PSBoundParameters.ContainsKey('pushenctriggertimeout') ) { $payload.Add('pushenctriggertimeout', $pushenctriggertimeout) } if ( $PSBoundParameters.ContainsKey('cryptodevdisablelimit') ) { $payload.Add('cryptodevdisablelimit', $cryptodevdisablelimit) } if ( $PSBoundParameters.ContainsKey('undefactioncontrol') ) { $payload.Add('undefactioncontrol', $undefactioncontrol) } if ( $PSBoundParameters.ContainsKey('undefactiondata') ) { $payload.Add('undefactiondata', $undefactiondata) } if ( $PSBoundParameters.ContainsKey('defaultprofile') ) { $payload.Add('defaultprofile', $defaultprofile) } if ( $PSBoundParameters.ContainsKey('softwarecryptothreshold') ) { $payload.Add('softwarecryptothreshold', $softwarecryptothreshold) } if ( $PSBoundParameters.ContainsKey('hybridfipsmode') ) { $payload.Add('hybridfipsmode', $hybridfipsmode) } if ( $PSBoundParameters.ContainsKey('sigdigesttype') ) { $payload.Add('sigdigesttype', $sigdigesttype) } if ( $PSBoundParameters.ContainsKey('sslierrorcache') ) { $payload.Add('sslierrorcache', $sslierrorcache) } if ( $PSBoundParameters.ContainsKey('sslimaxerrorcachemem') ) { $payload.Add('sslimaxerrorcachemem', $sslimaxerrorcachemem) } if ( $PSBoundParameters.ContainsKey('insertcertspace') ) { $payload.Add('insertcertspace', $insertcertspace) } if ( $PSBoundParameters.ContainsKey('ndcppcompliancecertcheck') ) { $payload.Add('ndcppcompliancecertcheck', $ndcppcompliancecertcheck) } if ( $PSBoundParameters.ContainsKey('heterogeneoussslhw') ) { $payload.Add('heterogeneoussslhw', $heterogeneoussslhw) } if ( $PSBoundParameters.ContainsKey('operationqueuelimit') ) { $payload.Add('operationqueuelimit', $operationqueuelimit) } if ( $PSCmdlet.ShouldProcess("sslparameter", "Update SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslparameter -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUpdateSslparameter: Finished" } } function Invoke-ADCUnsetSslparameter { <# .SYNOPSIS Unset SSL configuration Object. .DESCRIPTION Configuration for SSL parameter resource. .PARAMETER Quantumsize Amount of data to collect before the data is pushed to the crypto hardware for encryption. For large downloads, a larger quantum size better utilizes the crypto resources. Possible values = 4096, 8192, 16384 .PARAMETER Crlmemorysizemb Maximum memory size to use for certificate revocation lists (CRLs). This parameter reserves memory for a CRL but sets a limit to the maximum memory that the CRLs loaded on the appliance can consume. .PARAMETER Strictcachecks Enable strict CA certificate checks on the appliance. Possible values = YES, NO .PARAMETER Ssltriggertimeout Time, in milliseconds, after which encryption is triggered for transactions that are not tracked on the Citrix ADC because their length is not known. There can be a delay of up to 10ms from the specified timeout value before the packet is pushed into the queue. .PARAMETER Sendclosenotify Send an SSL Close-Notify message to the client at the end of a transaction. Possible values = YES, NO .PARAMETER Encrypttriggerpktcount Maximum number of queued packets after which encryption is triggered. Use this setting for SSL transactions that send small packets from server to Citrix ADC. .PARAMETER Denysslreneg Deny renegotiation in specified circumstances. Available settings function as follows: * NO - Allow SSL renegotiation. * FRONTEND_CLIENT - Deny secure and nonsecure SSL renegotiation initiated by the client. * FRONTEND_CLIENTSERVER - Deny secure and nonsecure SSL renegotiation initiated by the client or the Citrix ADC during policy-based client authentication. * ALL - Deny all secure and nonsecure SSL renegotiation. * NONSECURE - Deny nonsecure SSL renegotiation. Allows only clients that support RFC 5746. Possible values = NO, FRONTEND_CLIENT, FRONTEND_CLIENTSERVER, ALL, NONSECURE .PARAMETER Insertionencoding Encoding method used to insert the subject or issuer's name in HTTP requests to servers. Possible values = Unicode, UTF-8 .PARAMETER Ocspcachesize Size, per packet engine, in megabytes, of the OCSP cache. A maximum of 10% of the packet engine memory can be assigned. Because the maximum allowed packet engine memory is 4GB, the maximum value that can be assigned to the OCSP cache is approximately 410 MB. .PARAMETER Pushflag Insert PUSH flag into decrypted, encrypted, or all records. If the PUSH flag is set to a value other than 0, the buffered records are forwarded on the basis of the value of the PUSH flag. Available settings function as follows: 0 - Auto (PUSH flag is not set.) 1 - Insert PUSH flag into every decrypted record. 2 -Insert PUSH flag into every encrypted record. 3 - Insert PUSH flag into every decrypted and encrypted record. .PARAMETER Dropreqwithnohostheader Host header check for SNI enabled sessions. If this check is enabled and the HTTP request does not contain the host header for SNI enabled sessions(i.e vserver or profile bound to vserver has SNI enabled and 'Client Hello' arrived with SNI extension), the request is dropped. Possible values = YES, NO .PARAMETER Snihttphostmatch Controls how the HTTP 'Host' header value is validated. These checks are performed only if the session is SNI enabled (i.e when vserver or profile bound to vserver has SNI enabled and 'Client Hello' arrived with SNI extension) and HTTP request contains 'Host' header. Available settings function as follows: CERT - Request is forwarded if the 'Host' value is covered by the certificate used to establish this SSL session. Note: 'CERT' matching mode cannot be applied in TLS 1.3 connections established by resuming from a previous TLS 1.3 session. On these connections, 'STRICT' matching mode will be used instead. STRICT - Request is forwarded only if value of 'Host' header in HTTP is identical to the 'Server name' value passed in 'Client Hello' of the SSL connection. NO - No validation is performed on the HTTP 'Host' header value. Possible values = NO, CERT, STRICT .PARAMETER Pushenctriggertimeout PUSH encryption trigger timeout value. The timeout value is applied only if you set the Push Encryption Trigger parameter to Timer in the SSL virtual server settings. .PARAMETER Cryptodevdisablelimit Limit to the number of disabled SSL chips after which the ADC restarts. A value of zero implies that the ADC does not automatically restart. .PARAMETER Undefactioncontrol Name of the undefined built-in control action: CLIENTAUTH, NOCLIENTAUTH, NOOP, RESET, or DROP. .PARAMETER Undefactiondata Name of the undefined built-in data action: NOOP, RESET or DROP. .PARAMETER Defaultprofile Global parameter used to enable default profile feature. Possible values = ENABLED, DISABLED .PARAMETER Softwarecryptothreshold Citrix ADC CPU utilization threshold (in percentage) beyond which crypto operations are not done in software. A value of zero implies that CPU is not utilized for doing crypto in software. .PARAMETER Hybridfipsmode When this mode is enabled, system will use additional crypto hardware to accelerate symmetric crypto operations. Possible values = ENABLED, DISABLED .PARAMETER Sigdigesttype Signature Digest Algorithms that are supported by appliance. Default value is "ALL" and it will enable the following algorithms depending on the platform. On VPX: ECDSA-SHA1 ECDSA-SHA224 ECDSA-SHA256 ECDSA-SHA384 ECDSA-SHA512 RSA-SHA1 RSA-SHA224 RSA-SHA256 RSA-SHA384 RSA-SHA512 DSA-SHA1 DSA-SHA224 DSA-SHA256 DSA-SHA384 DSA-SHA512 On MPX with Nitrox-III and coleto cards: RSA-SHA1 RSA-SHA224 RSA-SHA256 RSA-SHA384 RSA-SHA512 ECDSA-SHA1 ECDSA-SHA224 ECDSA-SHA256 ECDSA-SHA384 ECDSA-SHA512 Others: RSA-SHA1 RSA-SHA224 RSA-SHA256 RSA-SHA384 RSA-SHA512. Note:ALL doesnot include RSA-MD5 for any platform. Possible values = ALL, RSA-MD5, RSA-SHA1, RSA-SHA224, RSA-SHA256, RSA-SHA384, RSA-SHA512, DSA-SHA1, DSA-SHA224, DSA-SHA256, DSA-SHA384, DSA-SHA512, ECDSA-SHA1, ECDSA-SHA224, ECDSA-SHA256, ECDSA-SHA384, ECDSA-SHA512 .PARAMETER Sslierrorcache Enable or disable dynamically learning and caching the learned information to make the subsequent interception or bypass decision. When enabled, NS does the lookup of this cached data to do early bypass. Possible values = ENABLED, DISABLED .PARAMETER Sslimaxerrorcachemem Specify the maximum memory that can be used for caching the learned data. This memory is used as a LRU cache so that the old entries gets replaced with new entry once the set memory limit is fully utilised. A value of 0 decides the limit automatically. .PARAMETER Insertcertspace To insert space between lines in the certificate header of request. Possible values = YES, NO .PARAMETER Ndcppcompliancecertcheck Applies when the Citrix ADC appliance acts as a client (back-end connection). Settings apply as follows: YES - During certificate verification, ignore the common name if SAN is present in the certificate. NO - Do not ignore common name. Possible values = YES, NO .PARAMETER Heterogeneoussslhw To support both cavium and coleto based platforms in cluster environment, this mode has to be enabled. Possible values = ENABLED, DISABLED .PARAMETER Operationqueuelimit Limit in percentage of capacity of the crypto operations queue beyond which new SSL connections are not accepted until the queue is reduced. .EXAMPLE PS C:\>Invoke-ADCUnsetSslparameter An example how to unset sslparameter configuration Object(s). .NOTES File Name : Invoke-ADCUnsetSslparameter Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslparameter Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Boolean]$quantumsize, [Boolean]$crlmemorysizemb, [Boolean]$strictcachecks, [Boolean]$ssltriggertimeout, [Boolean]$sendclosenotify, [Boolean]$encrypttriggerpktcount, [Boolean]$denysslreneg, [Boolean]$insertionencoding, [Boolean]$ocspcachesize, [Boolean]$pushflag, [Boolean]$dropreqwithnohostheader, [Boolean]$snihttphostmatch, [Boolean]$pushenctriggertimeout, [Boolean]$cryptodevdisablelimit, [Boolean]$undefactioncontrol, [Boolean]$undefactiondata, [Boolean]$defaultprofile, [Boolean]$softwarecryptothreshold, [Boolean]$hybridfipsmode, [Boolean]$sigdigesttype, [Boolean]$sslierrorcache, [Boolean]$sslimaxerrorcachemem, [Boolean]$insertcertspace, [Boolean]$ndcppcompliancecertcheck, [Boolean]$heterogeneoussslhw, [Boolean]$operationqueuelimit ) begin { Write-Verbose "Invoke-ADCUnsetSslparameter: Starting" } process { try { $payload = @{ } if ( $PSBoundParameters.ContainsKey('quantumsize') ) { $payload.Add('quantumsize', $quantumsize) } if ( $PSBoundParameters.ContainsKey('crlmemorysizemb') ) { $payload.Add('crlmemorysizemb', $crlmemorysizemb) } if ( $PSBoundParameters.ContainsKey('strictcachecks') ) { $payload.Add('strictcachecks', $strictcachecks) } if ( $PSBoundParameters.ContainsKey('ssltriggertimeout') ) { $payload.Add('ssltriggertimeout', $ssltriggertimeout) } if ( $PSBoundParameters.ContainsKey('sendclosenotify') ) { $payload.Add('sendclosenotify', $sendclosenotify) } if ( $PSBoundParameters.ContainsKey('encrypttriggerpktcount') ) { $payload.Add('encrypttriggerpktcount', $encrypttriggerpktcount) } if ( $PSBoundParameters.ContainsKey('denysslreneg') ) { $payload.Add('denysslreneg', $denysslreneg) } if ( $PSBoundParameters.ContainsKey('insertionencoding') ) { $payload.Add('insertionencoding', $insertionencoding) } if ( $PSBoundParameters.ContainsKey('ocspcachesize') ) { $payload.Add('ocspcachesize', $ocspcachesize) } if ( $PSBoundParameters.ContainsKey('pushflag') ) { $payload.Add('pushflag', $pushflag) } if ( $PSBoundParameters.ContainsKey('dropreqwithnohostheader') ) { $payload.Add('dropreqwithnohostheader', $dropreqwithnohostheader) } if ( $PSBoundParameters.ContainsKey('snihttphostmatch') ) { $payload.Add('snihttphostmatch', $snihttphostmatch) } if ( $PSBoundParameters.ContainsKey('pushenctriggertimeout') ) { $payload.Add('pushenctriggertimeout', $pushenctriggertimeout) } if ( $PSBoundParameters.ContainsKey('cryptodevdisablelimit') ) { $payload.Add('cryptodevdisablelimit', $cryptodevdisablelimit) } if ( $PSBoundParameters.ContainsKey('undefactioncontrol') ) { $payload.Add('undefactioncontrol', $undefactioncontrol) } if ( $PSBoundParameters.ContainsKey('undefactiondata') ) { $payload.Add('undefactiondata', $undefactiondata) } if ( $PSBoundParameters.ContainsKey('defaultprofile') ) { $payload.Add('defaultprofile', $defaultprofile) } if ( $PSBoundParameters.ContainsKey('softwarecryptothreshold') ) { $payload.Add('softwarecryptothreshold', $softwarecryptothreshold) } if ( $PSBoundParameters.ContainsKey('hybridfipsmode') ) { $payload.Add('hybridfipsmode', $hybridfipsmode) } if ( $PSBoundParameters.ContainsKey('sigdigesttype') ) { $payload.Add('sigdigesttype', $sigdigesttype) } if ( $PSBoundParameters.ContainsKey('sslierrorcache') ) { $payload.Add('sslierrorcache', $sslierrorcache) } if ( $PSBoundParameters.ContainsKey('sslimaxerrorcachemem') ) { $payload.Add('sslimaxerrorcachemem', $sslimaxerrorcachemem) } if ( $PSBoundParameters.ContainsKey('insertcertspace') ) { $payload.Add('insertcertspace', $insertcertspace) } if ( $PSBoundParameters.ContainsKey('ndcppcompliancecertcheck') ) { $payload.Add('ndcppcompliancecertcheck', $ndcppcompliancecertcheck) } if ( $PSBoundParameters.ContainsKey('heterogeneoussslhw') ) { $payload.Add('heterogeneoussslhw', $heterogeneoussslhw) } if ( $PSBoundParameters.ContainsKey('operationqueuelimit') ) { $payload.Add('operationqueuelimit', $operationqueuelimit) } if ( $PSCmdlet.ShouldProcess("sslparameter", "Unset SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -Type sslparameter -NitroPath nitro/v1/config -Action unset -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUnsetSslparameter: Finished" } } function Invoke-ADCGetSslparameter { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for SSL parameter resource. .PARAMETER GetAll Retrieve all sslparameter object(s). .PARAMETER Count If specified, the count of the sslparameter object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslparameter Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslparameter -GetAll Get all sslparameter data. .EXAMPLE PS C:\>Invoke-ADCGetSslparameter -name <string> Get sslparameter object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslparameter -Filter @{ 'name'='<value>' } Get sslparameter data with a filter. .NOTES File Name : Invoke-ADCGetSslparameter Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslparameter/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslparameter: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslparameter objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslparameter -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslparameter objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslparameter -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslparameter objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslparameter -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslparameter configuration for property ''" } else { Write-Verbose "Retrieving sslparameter configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslparameter -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslparameter: Ended" } } function Invoke-ADCConvertSslpkcs12 { <# .SYNOPSIS Convert SSL configuration Object. .DESCRIPTION Configuration for pkcs12 resource. .PARAMETER Outfile Name for and, optionally, path to, the output file that contains the certificate and the private key after converting from PKCS#12 to PEM format. /nsconfig/ssl/ is the default path. If importing, the certificate-key pair is stored in PEM format. If exporting, the certificate-key pair is stored in PKCS#12 format. .PARAMETER Import Convert the certificate and private-key from PKCS#12 format to PEM format. .PARAMETER Pkcs12file Name for and, optionally, path to, the PKCS#12 file. If importing, specify the input file name that contains the certificate and the private key in PKCS#12 format. If exporting, specify the output file name that contains the certificate and the private key after converting from PEM to PKCS#12 format. /nsconfig/ssl/ is the default path. During the import operation, if the key is encrypted, you are prompted to enter the pass phrase used for encrypting the key. .PARAMETER Des Encrypt the private key by using the DES algorithm in CBC mode during the import operation. On the command line, you are prompted to enter the pass phrase. .PARAMETER Des3 Encrypt the private key by using the Triple-DES algorithm in EDE CBC mode (168-bit key) during the import operation. On the command line, you are prompted to enter the pass phrase. .PARAMETER Aes256 Encrypt the private key by using the AES algorithm (256-bit key) during the import operation. On the command line, you are prompted to enter the pass phrase. .PARAMETER Export Convert the certificate and private key from PEM format to PKCS#12 format. On the command line, you are prompted to enter the pass phrase. .PARAMETER Certfile Certificate file to be converted from PEM to PKCS#12 format. .PARAMETER Keyfile Name of the private key file to be converted from PEM to PKCS#12 format. If the key file is encrypted, you are prompted to enter the pass phrase used for encrypting the key. .PARAMETER Password . .PARAMETER Pempassphrase . .EXAMPLE PS C:\>Invoke-ADCConvertSslpkcs12 -outfile <string> -password <string> An example how to convert sslpkcs12 configuration Object(s). .NOTES File Name : Invoke-ADCConvertSslpkcs12 Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpkcs12/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Outfile, [boolean]$Import, [string]$Pkcs12file, [boolean]$Des, [boolean]$Des3, [boolean]$Aes256, [boolean]$Export, [string]$Certfile, [string]$Keyfile, [Parameter(Mandatory)] [ValidateLength(1, 31)] [string]$Password, [ValidateLength(1, 31)] [string]$Pempassphrase ) begin { Write-Verbose "Invoke-ADCConvertSslpkcs12: Starting" } process { try { $payload = @{ outfile = $outfile password = $password } if ( $PSBoundParameters.ContainsKey('Import') ) { $payload.Add('Import', $Import) } if ( $PSBoundParameters.ContainsKey('pkcs12file') ) { $payload.Add('pkcs12file', $pkcs12file) } if ( $PSBoundParameters.ContainsKey('des') ) { $payload.Add('des', $des) } if ( $PSBoundParameters.ContainsKey('des3') ) { $payload.Add('des3', $des3) } if ( $PSBoundParameters.ContainsKey('aes256') ) { $payload.Add('aes256', $aes256) } if ( $PSBoundParameters.ContainsKey('export') ) { $payload.Add('export', $export) } if ( $PSBoundParameters.ContainsKey('certfile') ) { $payload.Add('certfile', $certfile) } if ( $PSBoundParameters.ContainsKey('keyfile') ) { $payload.Add('keyfile', $keyfile) } if ( $PSBoundParameters.ContainsKey('pempassphrase') ) { $payload.Add('pempassphrase', $pempassphrase) } if ( $PSCmdlet.ShouldProcess($Name, "Convert SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslpkcs12 -Action convert -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCConvertSslpkcs12: Finished" } } function Invoke-ADCConvertSslpkcs8 { <# .SYNOPSIS Convert SSL configuration Object. .DESCRIPTION Configuration for pkcs8 resource. .PARAMETER Pkcs8file Name for and, optionally, path to, the output file where the PKCS#8 format key file is stored. /nsconfig/ssl/ is the default path. .PARAMETER Keyfile Name of and, optionally, path to the input key file to be converted from PEM or DER format to PKCS#8 format. /nsconfig/ssl/ is the default path. .PARAMETER Keyform Format in which the key file is stored on the appliance. Possible values = DER, PEM .PARAMETER Password Password to assign to the file if the key is encrypted. Applies only for PEM format files. .EXAMPLE PS C:\>Invoke-ADCConvertSslpkcs8 -pkcs8file <string> -keyfile <string> An example how to convert sslpkcs8 configuration Object(s). .NOTES File Name : Invoke-ADCConvertSslpkcs8 Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpkcs8/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Pkcs8file, [Parameter(Mandatory)] [string]$Keyfile, [ValidateSet('DER', 'PEM')] [string]$Keyform, [ValidateLength(1, 31)] [string]$Password ) begin { Write-Verbose "Invoke-ADCConvertSslpkcs8: Starting" } process { try { $payload = @{ pkcs8file = $pkcs8file keyfile = $keyfile } if ( $PSBoundParameters.ContainsKey('keyform') ) { $payload.Add('keyform', $keyform) } if ( $PSBoundParameters.ContainsKey('password') ) { $payload.Add('password', $password) } if ( $PSCmdlet.ShouldProcess($Name, "Convert SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslpkcs8 -Action convert -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCConvertSslpkcs8: Finished" } } function Invoke-ADCAddSslpolicy { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Configuration for SSL policy resource. .PARAMETER Name Name for the new SSL policy. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the policy is created. .PARAMETER Rule Expression, against which traffic is evaluated. The following requirements apply only to the Citrix ADC CLI: * If the expression includes one or more spaces, enclose the entire expression in double quotation marks. * If the expression itself includes double quotation marks, escape the quotations by using the character. * Alternatively, you can use single quotation marks to enclose the rule, in which case you do not have to escape the double quotation marks. .PARAMETER Reqaction The name of the action to be performed on the request. Refer to 'add ssl action' command to add a new action. Builtin actions like NOOP, RESET, DROP, CLIENTAUTH and NOCLIENTAUTH are also allowed. .PARAMETER Action Name of the built-in or user-defined action to perform on the request. Available built-in actions are NOOP, RESET, DROP, CLIENTAUTH, NOCLIENTAUTH, INTERCEPT AND BYPASS. .PARAMETER Undefaction Name of the action to be performed when the result of rule evaluation is undefined. Possible values for control policies: CLIENTAUTH, NOCLIENTAUTH, NOOP, RESET, DROP. Possible values for data policies: NOOP, RESET, DROP and BYPASS. .PARAMETER Comment Any comments associated with this policy. .PARAMETER PassThru Return details about the created sslpolicy item. .EXAMPLE PS C:\>Invoke-ADCAddSslpolicy -name <string> -rule <string> An example how to add sslpolicy configuration Object(s). .NOTES File Name : Invoke-ADCAddSslpolicy Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicy/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Name, [Parameter(Mandatory)] [string]$Rule, [ValidateScript({ $_.Length -gt 1 })] [string]$Reqaction, [string]$Action, [string]$Undefaction, [string]$Comment, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslpolicy: Starting" } process { try { $payload = @{ name = $name rule = $rule } if ( $PSBoundParameters.ContainsKey('reqaction') ) { $payload.Add('reqaction', $reqaction) } if ( $PSBoundParameters.ContainsKey('action') ) { $payload.Add('action', $action) } if ( $PSBoundParameters.ContainsKey('undefaction') ) { $payload.Add('undefaction', $undefaction) } if ( $PSBoundParameters.ContainsKey('comment') ) { $payload.Add('comment', $comment) } if ( $PSCmdlet.ShouldProcess("sslpolicy", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslpolicy -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslpolicy -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslpolicy: Finished" } } function Invoke-ADCDeleteSslpolicy { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for SSL policy resource. .PARAMETER Name Name for the new SSL policy. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the policy is created. .EXAMPLE PS C:\>Invoke-ADCDeleteSslpolicy -Name <string> An example how to delete sslpolicy configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslpolicy Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicy/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Name ) begin { Write-Verbose "Invoke-ADCDeleteSslpolicy: Starting" } process { try { $arguments = @{ } if ( $PSCmdlet.ShouldProcess("$name", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslpolicy -NitroPath nitro/v1/config -Resource $name -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslpolicy: Finished" } } function Invoke-ADCUpdateSslpolicy { <# .SYNOPSIS Update SSL configuration Object. .DESCRIPTION Configuration for SSL policy resource. .PARAMETER Name Name for the new SSL policy. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the policy is created. .PARAMETER Rule Expression, against which traffic is evaluated. The following requirements apply only to the Citrix ADC CLI: * If the expression includes one or more spaces, enclose the entire expression in double quotation marks. * If the expression itself includes double quotation marks, escape the quotations by using the character. * Alternatively, you can use single quotation marks to enclose the rule, in which case you do not have to escape the double quotation marks. .PARAMETER Action Name of the built-in or user-defined action to perform on the request. Available built-in actions are NOOP, RESET, DROP, CLIENTAUTH, NOCLIENTAUTH, INTERCEPT AND BYPASS. .PARAMETER Undefaction Name of the action to be performed when the result of rule evaluation is undefined. Possible values for control policies: CLIENTAUTH, NOCLIENTAUTH, NOOP, RESET, DROP. Possible values for data policies: NOOP, RESET, DROP and BYPASS. .PARAMETER Comment Any comments associated with this policy. .PARAMETER PassThru Return details about the created sslpolicy item. .EXAMPLE PS C:\>Invoke-ADCUpdateSslpolicy -name <string> An example how to update sslpolicy configuration Object(s). .NOTES File Name : Invoke-ADCUpdateSslpolicy Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicy/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Name, [string]$Rule, [string]$Action, [string]$Undefaction, [string]$Comment, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCUpdateSslpolicy: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('rule') ) { $payload.Add('rule', $rule) } if ( $PSBoundParameters.ContainsKey('action') ) { $payload.Add('action', $action) } if ( $PSBoundParameters.ContainsKey('undefaction') ) { $payload.Add('undefaction', $undefaction) } if ( $PSBoundParameters.ContainsKey('comment') ) { $payload.Add('comment', $comment) } if ( $PSCmdlet.ShouldProcess("sslpolicy", "Update SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslpolicy -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslpolicy -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUpdateSslpolicy: Finished" } } function Invoke-ADCUnsetSslpolicy { <# .SYNOPSIS Unset SSL configuration Object. .DESCRIPTION Configuration for SSL policy resource. .PARAMETER Name Name for the new SSL policy. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the policy is created. .PARAMETER Undefaction Name of the action to be performed when the result of rule evaluation is undefined. Possible values for control policies: CLIENTAUTH, NOCLIENTAUTH, NOOP, RESET, DROP. Possible values for data policies: NOOP, RESET, DROP and BYPASS. .PARAMETER Comment Any comments associated with this policy. .EXAMPLE PS C:\>Invoke-ADCUnsetSslpolicy -name <string> An example how to unset sslpolicy configuration Object(s). .NOTES File Name : Invoke-ADCUnsetSslpolicy Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicy Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Name, [Boolean]$undefaction, [Boolean]$comment ) begin { Write-Verbose "Invoke-ADCUnsetSslpolicy: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('undefaction') ) { $payload.Add('undefaction', $undefaction) } if ( $PSBoundParameters.ContainsKey('comment') ) { $payload.Add('comment', $comment) } if ( $PSCmdlet.ShouldProcess("$name", "Unset SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -Type sslpolicy -NitroPath nitro/v1/config -Action unset -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUnsetSslpolicy: Finished" } } function Invoke-ADCGetSslpolicy { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for SSL policy resource. .PARAMETER Name Name for the new SSL policy. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the policy is created. .PARAMETER GetAll Retrieve all sslpolicy object(s). .PARAMETER Count If specified, the count of the sslpolicy object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicy Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicy -GetAll Get all sslpolicy data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicy -Count Get the number of sslpolicy objects. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicy -name <string> Get sslpolicy object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicy -Filter @{ 'name'='<value>' } Get sslpolicy data with a filter. .NOTES File Name : Invoke-ADCGetSslpolicy Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicy/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslpolicy: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslpolicy objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslpolicy objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslpolicy objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslpolicy configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslpolicy configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslpolicy: Ended" } } function Invoke-ADCAddSslpolicylabel { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Configuration for SSL policy label resource. .PARAMETER Labelname Name for the SSL policy label. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the policy label is created. .PARAMETER Type Type of policies that the policy label can contain. Possible values = CONTROL, DATA, HTTPQUIC_CONTROL, HTTPQUIC_DATA .PARAMETER PassThru Return details about the created sslpolicylabel item. .EXAMPLE PS C:\>Invoke-ADCAddSslpolicylabel -labelname <string> -type <string> An example how to add sslpolicylabel configuration Object(s). .NOTES File Name : Invoke-ADCAddSslpolicylabel Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicylabel/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Labelname, [Parameter(Mandatory)] [ValidateSet('CONTROL', 'DATA', 'HTTPQUIC_CONTROL', 'HTTPQUIC_DATA')] [string]$Type, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslpolicylabel: Starting" } process { try { $payload = @{ labelname = $labelname type = $type } if ( $PSCmdlet.ShouldProcess("sslpolicylabel", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslpolicylabel -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslpolicylabel -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslpolicylabel: Finished" } } function Invoke-ADCDeleteSslpolicylabel { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for SSL policy label resource. .PARAMETER Labelname Name for the SSL policy label. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the policy label is created. .EXAMPLE PS C:\>Invoke-ADCDeleteSslpolicylabel -Labelname <string> An example how to delete sslpolicylabel configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslpolicylabel Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicylabel/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Labelname ) begin { Write-Verbose "Invoke-ADCDeleteSslpolicylabel: Starting" } process { try { $arguments = @{ } if ( $PSCmdlet.ShouldProcess("$labelname", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslpolicylabel -NitroPath nitro/v1/config -Resource $labelname -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslpolicylabel: Finished" } } function Invoke-ADCGetSslpolicylabel { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for SSL policy label resource. .PARAMETER Labelname Name for the SSL policy label. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the policy label is created. .PARAMETER GetAll Retrieve all sslpolicylabel object(s). .PARAMETER Count If specified, the count of the sslpolicylabel object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylabel Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylabel -GetAll Get all sslpolicylabel data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylabel -Count Get the number of sslpolicylabel objects. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylabel -name <string> Get sslpolicylabel object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylabel -Filter @{ 'name'='<value>' } Get sslpolicylabel data with a filter. .NOTES File Name : Invoke-ADCGetSslpolicylabel Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicylabel/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Labelname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslpolicylabel: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslpolicylabel objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslpolicylabel objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslpolicylabel objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslpolicylabel configuration for property 'labelname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel -NitroPath nitro/v1/config -Resource $labelname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslpolicylabel configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslpolicylabel: Ended" } } function Invoke-ADCGetSslpolicylabelbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object which returns the resources bound to sslpolicylabel. .PARAMETER Labelname Name of the SSL policy label for which to show detailed information. .PARAMETER GetAll Retrieve all sslpolicylabel_binding object(s). .PARAMETER Count If specified, the count of the sslpolicylabel_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylabelbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylabelbinding -GetAll Get all sslpolicylabel_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylabelbinding -name <string> Get sslpolicylabel_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylabelbinding -Filter @{ 'name'='<value>' } Get sslpolicylabel_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslpolicylabelbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicylabel_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [string]$Labelname, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslpolicylabelbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslpolicylabel_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslpolicylabel_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslpolicylabel_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslpolicylabel_binding configuration for property 'labelname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel_binding -NitroPath nitro/v1/config -Resource $labelname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslpolicylabel_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslpolicylabelbinding: Ended" } } function Invoke-ADCAddSslpolicylabelsslpolicybinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslpolicy that can be bound to sslpolicylabel. .PARAMETER Labelname Name of the SSL policy label to which to bind policies. .PARAMETER Policyname Name of the SSL policy to bind to the policy label. .PARAMETER Priority Specifies the priority of the policy. .PARAMETER Gotopriorityexpression Expression specifying the priority of the next policy which will get evaluated if the current policy rule evaluates to TRUE. .PARAMETER Invoke Invoke policies bound to a policy label. After the invoked policies are evaluated, the flow returns to the policy with the next priority. .PARAMETER Labeltype Type of policy label invocation. Possible values = vserver, service, policylabel .PARAMETER Invoke_labelname Name of the label to invoke if the current policy rule evaluates to TRUE. .PARAMETER PassThru Return details about the created sslpolicylabel_sslpolicy_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslpolicylabelsslpolicybinding -labelname <string> -policyname <string> -priority <double> An example how to add sslpolicylabel_sslpolicy_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslpolicylabelsslpolicybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicylabel_sslpolicy_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Labelname, [Parameter(Mandatory)] [string]$Policyname, [Parameter(Mandatory)] [double]$Priority, [string]$Gotopriorityexpression, [boolean]$Invoke, [ValidateSet('vserver', 'service', 'policylabel')] [string]$Labeltype, [string]$Invoke_labelname, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslpolicylabelsslpolicybinding: Starting" } process { try { $payload = @{ labelname = $labelname policyname = $policyname priority = $priority } if ( $PSBoundParameters.ContainsKey('gotopriorityexpression') ) { $payload.Add('gotopriorityexpression', $gotopriorityexpression) } if ( $PSBoundParameters.ContainsKey('invoke') ) { $payload.Add('invoke', $invoke) } if ( $PSBoundParameters.ContainsKey('labeltype') ) { $payload.Add('labeltype', $labeltype) } if ( $PSBoundParameters.ContainsKey('invoke_labelname') ) { $payload.Add('invoke_labelname', $invoke_labelname) } if ( $PSCmdlet.ShouldProcess("sslpolicylabel_sslpolicy_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslpolicylabel_sslpolicy_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslpolicylabelsslpolicybinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslpolicylabelsslpolicybinding: Finished" } } function Invoke-ADCDeleteSslpolicylabelsslpolicybinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslpolicy that can be bound to sslpolicylabel. .PARAMETER Labelname Name of the SSL policy label to which to bind policies. .PARAMETER Policyname Name of the SSL policy to bind to the policy label. .PARAMETER Priority Specifies the priority of the policy. .EXAMPLE PS C:\>Invoke-ADCDeleteSslpolicylabelsslpolicybinding -Labelname <string> An example how to delete sslpolicylabel_sslpolicy_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslpolicylabelsslpolicybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicylabel_sslpolicy_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Labelname, [string]$Policyname, [double]$Priority ) begin { Write-Verbose "Invoke-ADCDeleteSslpolicylabelsslpolicybinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Policyname') ) { $arguments.Add('policyname', $Policyname) } if ( $PSBoundParameters.ContainsKey('Priority') ) { $arguments.Add('priority', $Priority) } if ( $PSCmdlet.ShouldProcess("$labelname", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslpolicylabel_sslpolicy_binding -NitroPath nitro/v1/config -Resource $labelname -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslpolicylabelsslpolicybinding: Finished" } } function Invoke-ADCGetSslpolicylabelsslpolicybinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslpolicy that can be bound to sslpolicylabel. .PARAMETER Labelname Name of the SSL policy label to which to bind policies. .PARAMETER GetAll Retrieve all sslpolicylabel_sslpolicy_binding object(s). .PARAMETER Count If specified, the count of the sslpolicylabel_sslpolicy_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylabelsslpolicybinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylabelsslpolicybinding -GetAll Get all sslpolicylabel_sslpolicy_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylabelsslpolicybinding -Count Get the number of sslpolicylabel_sslpolicy_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylabelsslpolicybinding -name <string> Get sslpolicylabel_sslpolicy_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylabelsslpolicybinding -Filter @{ 'name'='<value>' } Get sslpolicylabel_sslpolicy_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslpolicylabelsslpolicybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicylabel_sslpolicy_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [string]$Labelname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslpolicylabelsslpolicybinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslpolicylabel_sslpolicy_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel_sslpolicy_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslpolicylabel_sslpolicy_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel_sslpolicy_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslpolicylabel_sslpolicy_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel_sslpolicy_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslpolicylabel_sslpolicy_binding configuration for property 'labelname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel_sslpolicy_binding -NitroPath nitro/v1/config -Resource $labelname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslpolicylabel_sslpolicy_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicylabel_sslpolicy_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslpolicylabelsslpolicybinding: Ended" } } function Invoke-ADCGetSslpolicybinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object which returns the resources bound to sslpolicy. .PARAMETER Name Name of the SSL policy for which to display detailed information. .PARAMETER GetAll Retrieve all sslpolicy_binding object(s). .PARAMETER Count If specified, the count of the sslpolicy_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicybinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicybinding -GetAll Get all sslpolicy_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicybinding -name <string> Get sslpolicy_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicybinding -Filter @{ 'name'='<value>' } Get sslpolicy_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslpolicybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicy_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Name, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslpolicybinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslpolicy_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslpolicy_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslpolicy_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslpolicy_binding configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_binding -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslpolicy_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslpolicybinding: Ended" } } function Invoke-ADCGetSslpolicycsvserverbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the csvserver that can be bound to sslpolicy. .PARAMETER Name Name of the SSL policy for which to display detailed information. .PARAMETER GetAll Retrieve all sslpolicy_csvserver_binding object(s). .PARAMETER Count If specified, the count of the sslpolicy_csvserver_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicycsvserverbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicycsvserverbinding -GetAll Get all sslpolicy_csvserver_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicycsvserverbinding -Count Get the number of sslpolicy_csvserver_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicycsvserverbinding -name <string> Get sslpolicy_csvserver_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicycsvserverbinding -Filter @{ 'name'='<value>' } Get sslpolicy_csvserver_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslpolicycsvserverbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicy_csvserver_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslpolicycsvserverbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslpolicy_csvserver_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_csvserver_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslpolicy_csvserver_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_csvserver_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslpolicy_csvserver_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_csvserver_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslpolicy_csvserver_binding configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_csvserver_binding -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslpolicy_csvserver_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_csvserver_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslpolicycsvserverbinding: Ended" } } function Invoke-ADCGetSslpolicylbvserverbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the lbvserver that can be bound to sslpolicy. .PARAMETER Name Name of the SSL policy for which to display detailed information. .PARAMETER GetAll Retrieve all sslpolicy_lbvserver_binding object(s). .PARAMETER Count If specified, the count of the sslpolicy_lbvserver_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylbvserverbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylbvserverbinding -GetAll Get all sslpolicy_lbvserver_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylbvserverbinding -Count Get the number of sslpolicy_lbvserver_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylbvserverbinding -name <string> Get sslpolicy_lbvserver_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicylbvserverbinding -Filter @{ 'name'='<value>' } Get sslpolicy_lbvserver_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslpolicylbvserverbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicy_lbvserver_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslpolicylbvserverbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslpolicy_lbvserver_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_lbvserver_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslpolicy_lbvserver_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_lbvserver_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslpolicy_lbvserver_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_lbvserver_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslpolicy_lbvserver_binding configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_lbvserver_binding -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslpolicy_lbvserver_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_lbvserver_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslpolicylbvserverbinding: Ended" } } function Invoke-ADCGetSslpolicysslglobalbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslglobal that can be bound to sslpolicy. .PARAMETER Name Name of the SSL policy for which to display detailed information. .PARAMETER GetAll Retrieve all sslpolicy_sslglobal_binding object(s). .PARAMETER Count If specified, the count of the sslpolicy_sslglobal_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslglobalbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslglobalbinding -GetAll Get all sslpolicy_sslglobal_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslglobalbinding -Count Get the number of sslpolicy_sslglobal_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslglobalbinding -name <string> Get sslpolicy_sslglobal_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslglobalbinding -Filter @{ 'name'='<value>' } Get sslpolicy_sslglobal_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslpolicysslglobalbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicy_sslglobal_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslpolicysslglobalbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslpolicy_sslglobal_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslglobal_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslpolicy_sslglobal_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslglobal_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslpolicy_sslglobal_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslglobal_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslpolicy_sslglobal_binding configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslglobal_binding -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslpolicy_sslglobal_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslglobal_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslpolicysslglobalbinding: Ended" } } function Invoke-ADCGetSslpolicysslpolicylabelbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslpolicylabel that can be bound to sslpolicy. .PARAMETER Name Name of the SSL policy for which to display detailed information. .PARAMETER GetAll Retrieve all sslpolicy_sslpolicylabel_binding object(s). .PARAMETER Count If specified, the count of the sslpolicy_sslpolicylabel_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslpolicylabelbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslpolicylabelbinding -GetAll Get all sslpolicy_sslpolicylabel_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslpolicylabelbinding -Count Get the number of sslpolicy_sslpolicylabel_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslpolicylabelbinding -name <string> Get sslpolicy_sslpolicylabel_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslpolicylabelbinding -Filter @{ 'name'='<value>' } Get sslpolicy_sslpolicylabel_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslpolicysslpolicylabelbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicy_sslpolicylabel_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslpolicysslpolicylabelbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslpolicy_sslpolicylabel_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslpolicylabel_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslpolicy_sslpolicylabel_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslpolicylabel_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslpolicy_sslpolicylabel_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslpolicylabel_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslpolicy_sslpolicylabel_binding configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslpolicylabel_binding -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslpolicy_sslpolicylabel_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslpolicylabel_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslpolicysslpolicylabelbinding: Ended" } } function Invoke-ADCGetSslpolicysslservicebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslservice that can be bound to sslpolicy. .PARAMETER Name Name of the SSL policy for which to display detailed information. .PARAMETER GetAll Retrieve all sslpolicy_sslservice_binding object(s). .PARAMETER Count If specified, the count of the sslpolicy_sslservice_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslservicebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslservicebinding -GetAll Get all sslpolicy_sslservice_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslservicebinding -Count Get the number of sslpolicy_sslservice_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslservicebinding -name <string> Get sslpolicy_sslservice_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslservicebinding -Filter @{ 'name'='<value>' } Get sslpolicy_sslservice_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslpolicysslservicebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicy_sslservice_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslpolicysslservicebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslpolicy_sslservice_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslservice_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslpolicy_sslservice_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslservice_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslpolicy_sslservice_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslservice_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslpolicy_sslservice_binding configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslservice_binding -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslpolicy_sslservice_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslservice_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslpolicysslservicebinding: Ended" } } function Invoke-ADCGetSslpolicysslvserverbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslvserver that can be bound to sslpolicy. .PARAMETER Name Name of the SSL policy for which to display detailed information. .PARAMETER GetAll Retrieve all sslpolicy_sslvserver_binding object(s). .PARAMETER Count If specified, the count of the sslpolicy_sslvserver_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslvserverbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslvserverbinding -GetAll Get all sslpolicy_sslvserver_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslvserverbinding -Count Get the number of sslpolicy_sslvserver_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslvserverbinding -name <string> Get sslpolicy_sslvserver_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslpolicysslvserverbinding -Filter @{ 'name'='<value>' } Get sslpolicy_sslvserver_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslpolicysslvserverbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslpolicy_sslvserver_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslpolicysslvserverbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslpolicy_sslvserver_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslvserver_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslpolicy_sslvserver_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslvserver_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslpolicy_sslvserver_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslvserver_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslpolicy_sslvserver_binding configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslvserver_binding -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslpolicy_sslvserver_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslpolicy_sslvserver_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslpolicysslvserverbinding: Ended" } } function Invoke-ADCAddSslprofile { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Configuration for SSL profile resource. .PARAMETER Name Name for the SSL profile. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the profile is created. .PARAMETER Sslprofiletype Type of profile. Front end profiles apply to the entity that receives requests from a client. Backend profiles apply to the entity that sends client requests to a server. Possible values = BackEnd, FrontEnd, QUIC-FrontEnd .PARAMETER Ssllogprofile The name of the ssllogprofile. .PARAMETER Dhcount Number of interactions, between the client and the Citrix ADC, after which the DH private-public pair is regenerated. A value of zero (0) specifies refresh every time. This parameter is not applicable when configuring a backend profile. Allowed DH count values are 0 and >= 500. .PARAMETER Dh State of Diffie-Hellman (DH) key exchange. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Dhfile The file name and path for the DH parameter. .PARAMETER Ersa State of Ephemeral RSA (eRSA) key exchange. Ephemeral RSA allows clients that support only export ciphers to communicate with the secure server even if the server certificate does not support export clients. The ephemeral RSA key is automatically generated when you bind an export cipher to an SSL or TCP-based SSL virtual server or service. When you remove the export cipher, the eRSA key is not deleted. It is reused at a later date when another export cipher is bound to an SSL or TCP-based SSL virtual server or service. The eRSA key is deleted when the appliance restarts. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Ersacount The refresh count for the re-generation of RSA public-key and private-key pair. .PARAMETER Sessreuse State of session reuse. Establishing the initial handshake requires CPU-intensive public key encryption operations. With the ENABLED setting, session key exchange is avoided for session resumption requests received from the client. Possible values = ENABLED, DISABLED .PARAMETER Sesstimeout The Session timeout value in seconds. .PARAMETER Cipherredirect State of Cipher Redirect. If this parameter is set to ENABLED, you can configure an SSL virtual server or service to display meaningful error messages if the SSL handshake fails because of a cipher mismatch between the virtual server or service and the client. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Cipherurl The redirect URL to be used with the Cipher Redirect feature. .PARAMETER Clientauth State of client authentication. In service-based SSL offload, the service terminates the SSL handshake if the SSL client does not provide a valid certificate. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Clientcert The rule for client certificate requirement in client authentication. Possible values = Mandatory, Optional .PARAMETER Dhkeyexpsizelimit This option enables the use of NIST recommended (NIST Special Publication 800-56A) bit size for private-key size. For example, for DH params of size 2048bit, the private-key size recommended is 224bits. This is rounded-up to 256bits. Possible values = ENABLED, DISABLED .PARAMETER Sslredirect State of HTTPS redirects for the SSL service. For an SSL session, if the client browser receives a redirect message, the browser tries to connect to the new location. However, the secure SSL session breaks if the object has moved from a secure site (https://) to an unsecure site (http://). Typically, a warning message appears on the screen, prompting the user to continue or disconnect. If SSL Redirect is ENABLED, the redirect message is automatically converted from http:// to https:// and the SSL session does not break. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Redirectportrewrite State of the port rewrite while performing HTTPS redirect. If this parameter is set to ENABLED, and the URL from the server does not contain the standard port, the port is rewritten to the standard. Possible values = ENABLED, DISABLED .PARAMETER Ssl3 State of SSLv3 protocol support for the SSL profile. Note: On platforms with SSL acceleration chips, if the SSL chip does not support SSLv3, this parameter cannot be set to ENABLED. Possible values = ENABLED, DISABLED .PARAMETER Tls1 State of TLSv1.0 protocol support for the SSL profile. Possible values = ENABLED, DISABLED .PARAMETER Tls11 State of TLSv1.1 protocol support for the SSL profile. Possible values = ENABLED, DISABLED .PARAMETER Tls12 State of TLSv1.2 protocol support for the SSL profile. Possible values = ENABLED, DISABLED .PARAMETER Tls13 State of TLSv1.3 protocol support for the SSL profile. Possible values = ENABLED, DISABLED .PARAMETER Snienable State of the Server Name Indication (SNI) feature on the virtual server and service-based offload. SNI helps to enable SSL encryption on multiple domains on a single virtual server or service if the domains are controlled by the same organization and share the same second-level domain name. For example, *.sports.net can be used to secure domains such as login.sports.net and help.sports.net. Possible values = ENABLED, DISABLED .PARAMETER Ocspstapling State of OCSP stapling support on the SSL virtual server. Supported only if the protocol used is higher than SSLv3. Possible values: ENABLED: The appliance sends a request to the OCSP responder to check the status of the server certificate and caches the response for the specified time. If the response is valid at the time of SSL handshake with the client, the OCSP-based server certificate status is sent to the client during the handshake. DISABLED: The appliance does not check the status of the server certificate. . Possible values = ENABLED, DISABLED .PARAMETER Serverauth State of server authentication support for the SSL Backend profile. Possible values = ENABLED, DISABLED .PARAMETER Commonname Name to be checked against the CommonName (CN) field in the server certificate bound to the SSL server. .PARAMETER Pushenctrigger Trigger encryption on the basis of the PUSH flag value. Available settings function as follows: * ALWAYS - Any PUSH packet triggers encryption. * IGNORE - Ignore PUSH packet for triggering encryption. * MERGE - For a consecutive sequence of PUSH packets, the last PUSH packet triggers encryption. * TIMER - PUSH packet triggering encryption is delayed by the time defined in the set ssl parameter command or in the Change Advanced SSL Settings dialog box. Possible values = Always, Merge, Ignore, Timer .PARAMETER Sendclosenotify Enable sending SSL Close-Notify at the end of a transaction. Possible values = YES, NO .PARAMETER Cleartextport Port on which clear-text data is sent by the appliance to the server. Do not specify this parameter for SSL offloading with end-to-end encryption. * in CLI is represented as 65535 in NITRO API .PARAMETER Insertionencoding Encoding method used to insert the subject or issuer's name in HTTP requests to servers. Possible values = Unicode, UTF-8 .PARAMETER Denysslreneg Deny renegotiation in specified circumstances. Available settings function as follows: * NO - Allow SSL renegotiation. * FRONTEND_CLIENT - Deny secure and nonsecure SSL renegotiation initiated by the client. * FRONTEND_CLIENTSERVER - Deny secure and nonsecure SSL renegotiation initiated by the client or the Citrix ADC during policy-based client authentication. * ALL - Deny all secure and nonsecure SSL renegotiation. * NONSECURE - Deny nonsecure SSL renegotiation. Allows only clients that support RFC 5746. Possible values = NO, FRONTEND_CLIENT, FRONTEND_CLIENTSERVER, ALL, NONSECURE .PARAMETER Quantumsize Amount of data to collect before the data is pushed to the crypto hardware for encryption. For large downloads, a larger quantum size better utilizes the crypto resources. Possible values = 4096, 8192, 16384 .PARAMETER Strictcachecks Enable strict CA certificate checks on the appliance. Possible values = YES, NO .PARAMETER Encrypttriggerpktcount Maximum number of queued packets after which encryption is triggered. Use this setting for SSL transactions that send small packets from server to Citrix ADC. .PARAMETER Pushflag Insert PUSH flag into decrypted, encrypted, or all records. If the PUSH flag is set to a value other than 0, the buffered records are forwarded on the basis of the value of the PUSH flag. Available settings function as follows: 0 - Auto (PUSH flag is not set.) 1 - Insert PUSH flag into every decrypted record. 2 -Insert PUSH flag into every encrypted record. 3 - Insert PUSH flag into every decrypted and encrypted record. .PARAMETER Dropreqwithnohostheader Host header check for SNI enabled sessions. If this check is enabled and the HTTP request does not contain the host header for SNI enabled sessions(i.e vserver or profile bound to vserver has SNI enabled and 'Client Hello' arrived with SNI extension), the request is dropped. Possible values = YES, NO .PARAMETER Snihttphostmatch Controls how the HTTP 'Host' header value is validated. These checks are performed only if the session is SNI enabled (i.e when vserver or profile bound to vserver has SNI enabled and 'Client Hello' arrived with SNI extension) and HTTP request contains 'Host' header. Available settings function as follows: CERT - Request is forwarded if the 'Host' value is covered by the certificate used to establish this SSL session. Note: 'CERT' matching mode cannot be applied in TLS 1.3 connections established by resuming from a previous TLS 1.3 session. On these connections, 'STRICT' matching mode will be used instead. STRICT - Request is forwarded only if value of 'Host' header in HTTP is identical to the 'Server name' value passed in 'Client Hello' of the SSL connection. NO - No validation is performed on the HTTP 'Host' header value. Possible values = NO, CERT, STRICT .PARAMETER Pushenctriggertimeout PUSH encryption trigger timeout value. The timeout value is applied only if you set the Push Encryption Trigger parameter to Timer in the SSL virtual server settings. .PARAMETER Ssltriggertimeout Time, in milliseconds, after which encryption is triggered for transactions that are not tracked on the Citrix ADC because their length is not known. There can be a delay of up to 10ms from the specified timeout value before the packet is pushed into the queue. .PARAMETER Clientauthuseboundcachain Certficates bound on the VIP are used for validating the client cert. Certficates came along with client cert are not used for validating the client cert. Possible values = ENABLED, DISABLED .PARAMETER Sslinterception Enable or disable transparent interception of SSL sessions. Possible values = ENABLED, DISABLED .PARAMETER Sslireneg Enable or disable triggering the client renegotiation when renegotiation request is received from the origin server. Possible values = ENABLED, DISABLED .PARAMETER Ssliocspcheck Enable or disable OCSP check for origin server certificate. Possible values = ENABLED, DISABLED .PARAMETER Sslimaxsessperserver Maximum ssl session to be cached per dynamic origin server. A unique ssl session is created for each SNI received from the client on ClientHello and the matching session is used for server session reuse. .PARAMETER Sessionticket This option enables the use of session tickets, as per the RFC 5077. Possible values = ENABLED, DISABLED .PARAMETER Sessionticketlifetime This option sets the life time of session tickets issued by NS in secs. .PARAMETER Sessionticketkeyrefresh This option enables the use of session tickets, as per the RFC 5077. Possible values = ENABLED, DISABLED .PARAMETER Sessionticketkeydata Session ticket enc/dec key, admin can set it. .PARAMETER Sessionkeylifetime This option sets the life time of symm key used to generate session tickets issued by NS in secs. .PARAMETER Prevsessionkeylifetime This option sets the life time of symm key used to generate session tickets issued by NS in secs. .PARAMETER Hsts State of HSTS protocol support for the SSL profile. Using HSTS, a server can enforce the use of an HTTPS connection for all communication with a client. Possible values = ENABLED, DISABLED .PARAMETER Maxage Set the maximum time, in seconds, in the strict transport security (STS) header during which the client must send only HTTPS requests to the server. .PARAMETER Includesubdomains Enable HSTS for subdomains. If set to Yes, a client must send only HTTPS requests for subdomains. Possible values = YES, NO .PARAMETER Preload Flag indicates the consent of the site owner to have their domain preloaded. Possible values = YES, NO .PARAMETER Skipclientcertpolicycheck This flag controls the processing of X509 certificate policies. If this option is Enabled, then the policy check in Client authentication will be skipped. This option can be used only when Client Authentication is Enabled and ClientCert is set to Mandatory. Possible values = ENABLED, DISABLED .PARAMETER Zerorttearlydata State of TLS 1.3 0-RTT early data support for the SSL Virtual Server. This setting only has an effect if resumption is enabled, as early data cannot be sent along with an initial handshake. Early application data has significantly different security properties - in particular there is no guarantee that the data cannot be replayed. Possible values = ENABLED, DISABLED .PARAMETER Tls13sessionticketsperauthcontext Number of tickets the SSL Virtual Server will issue anytime TLS 1.3 is negotiated, ticket-based resumption is enabled, and either (1) a handshake completes or (2) post-handhsake client auth completes. This value can be increased to enable clients to open multiple parallel connections using a fresh ticket for each connection. No tickets are sent if resumption is disabled. .PARAMETER Dhekeyexchangewithpsk Whether or not the SSL Virtual Server will require a DHE key exchange to occur when a PSK is accepted during a TLS 1.3 resumption handshake. A DHE key exchange ensures forward secrecy even in the event that ticket keys are compromised, at the expense of an additional round trip and resources required to carry out the DHE key exchange. If disabled, a DHE key exchange will be performed when a PSK is accepted but only if requested by the client. If enabled, the server will require a DHE key exchange when a PSK is accepted regardless of whether the client supports combined PSK-DHE key exchange. This setting only has an effect when resumption is enabled. Possible values = YES, NO .PARAMETER Allowextendedmastersecret When set to YES, attempt to use the TLS Extended Master Secret (EMS, as described in RFC 7627) when negotiating TLS 1.0, TLS 1.1 and TLS 1.2 connection parameters. EMS must be supported by both the TLS client and server in order to be enabled during a handshake. This setting applies to both frontend and backend SSL profiles. Possible values = YES, NO .PARAMETER Alpnprotocol Application protocol supported by the server and used in negotiation of the protocol with the client. Possible values are HTTP1.1, HTTP2 and NONE. Default value is NONE which implies application protocol is not enabled hence remain unknown to the TLS layer. This parameter is relevant only if SSL connection is handled by the virtual server of the type SSL_TCP. Possible values = NONE, HTTP1.1, HTTP2 .PARAMETER PassThru Return details about the created sslprofile item. .EXAMPLE PS C:\>Invoke-ADCAddSslprofile -name <string> An example how to add sslprofile configuration Object(s). .NOTES File Name : Invoke-ADCAddSslprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 127)] [string]$Name, [ValidateSet('BackEnd', 'FrontEnd', 'QUIC-FrontEnd')] [string]$Sslprofiletype = 'FrontEnd', [ValidateLength(1, 127)] [string]$Ssllogprofile, [ValidateRange(0, 65534)] [double]$Dhcount, [ValidateSet('ENABLED', 'DISABLED')] [string]$Dh = 'DISABLED', [ValidateScript({ $_.Length -gt 1 })] [string]$Dhfile, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ersa = 'ENABLED', [ValidateRange(0, 65534)] [double]$Ersacount, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sessreuse = 'ENABLED', [ValidateRange(0, 4294967294)] [double]$Sesstimeout, [ValidateSet('ENABLED', 'DISABLED')] [string]$Cipherredirect = 'DISABLED', [string]$Cipherurl, [ValidateSet('ENABLED', 'DISABLED')] [string]$Clientauth = 'DISABLED', [ValidateSet('Mandatory', 'Optional')] [string]$Clientcert, [ValidateSet('ENABLED', 'DISABLED')] [string]$Dhkeyexpsizelimit = 'DISABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslredirect = 'DISABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Redirectportrewrite = 'DISABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Ssl3 = 'DISABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls1 = 'ENABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls11 = 'ENABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls12 = 'ENABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls13 = 'DISABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Snienable = 'DISABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Ocspstapling = 'DISABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Serverauth = 'DISABLED', [ValidateScript({ $_.Length -gt 1 })] [string]$Commonname, [ValidateSet('Always', 'Merge', 'Ignore', 'Timer')] [string]$Pushenctrigger, [ValidateSet('YES', 'NO')] [string]$Sendclosenotify = 'YES', [ValidateRange(1, 65535)] [int]$Cleartextport, [ValidateSet('Unicode', 'UTF-8')] [string]$Insertionencoding = 'Unicode', [ValidateSet('NO', 'FRONTEND_CLIENT', 'FRONTEND_CLIENTSERVER', 'ALL', 'NONSECURE')] [string]$Denysslreneg = 'ALL', [ValidateSet('4096', '8192', '16384')] [string]$Quantumsize = '8192', [ValidateSet('YES', 'NO')] [string]$Strictcachecks = 'NO', [ValidateRange(10, 50)] [double]$Encrypttriggerpktcount = '45', [ValidateRange(0, 3)] [double]$Pushflag, [ValidateSet('YES', 'NO')] [string]$Dropreqwithnohostheader = 'NO', [ValidateSet('NO', 'CERT', 'STRICT')] [string]$Snihttphostmatch = 'CERT', [ValidateRange(1, 200)] [double]$Pushenctriggertimeout = '1', [ValidateRange(1, 200)] [double]$Ssltriggertimeout = '100', [ValidateSet('ENABLED', 'DISABLED')] [string]$Clientauthuseboundcachain = 'DISABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslinterception = 'DISABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslireneg = 'ENABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Ssliocspcheck = 'ENABLED', [ValidateRange(1, 1000)] [double]$Sslimaxsessperserver = '10', [ValidateSet('ENABLED', 'DISABLED')] [string]$Sessionticket = 'DISABLED', [ValidateRange(0, 172800)] [double]$Sessionticketlifetime = '300', [ValidateSet('ENABLED', 'DISABLED')] [string]$Sessionticketkeyrefresh = 'ENABLED', [string]$Sessionticketkeydata, [ValidateRange(600, 86400)] [double]$Sessionkeylifetime = '3000', [ValidateRange(0, 172800)] [double]$Prevsessionkeylifetime = '0', [ValidateSet('ENABLED', 'DISABLED')] [string]$Hsts = 'DISABLED', [ValidateRange(0, 4294967294)] [double]$Maxage = '0', [ValidateSet('YES', 'NO')] [string]$Includesubdomains = 'NO', [ValidateSet('YES', 'NO')] [string]$Preload = 'NO', [ValidateSet('ENABLED', 'DISABLED')] [string]$Skipclientcertpolicycheck = 'DISABLED', [ValidateSet('ENABLED', 'DISABLED')] [string]$Zerorttearlydata = 'DISABLED', [ValidateRange(1, 10)] [double]$Tls13sessionticketsperauthcontext = '1', [ValidateSet('YES', 'NO')] [string]$Dhekeyexchangewithpsk = 'NO', [ValidateSet('YES', 'NO')] [string]$Allowextendedmastersecret = 'NO', [ValidateSet('NONE', 'HTTP1.1', 'HTTP2')] [string]$Alpnprotocol = 'NONE', [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslprofile: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('sslprofiletype') ) { $payload.Add('sslprofiletype', $sslprofiletype) } if ( $PSBoundParameters.ContainsKey('ssllogprofile') ) { $payload.Add('ssllogprofile', $ssllogprofile) } if ( $PSBoundParameters.ContainsKey('dhcount') ) { $payload.Add('dhcount', $dhcount) } if ( $PSBoundParameters.ContainsKey('dh') ) { $payload.Add('dh', $dh) } if ( $PSBoundParameters.ContainsKey('dhfile') ) { $payload.Add('dhfile', $dhfile) } if ( $PSBoundParameters.ContainsKey('ersa') ) { $payload.Add('ersa', $ersa) } if ( $PSBoundParameters.ContainsKey('ersacount') ) { $payload.Add('ersacount', $ersacount) } if ( $PSBoundParameters.ContainsKey('sessreuse') ) { $payload.Add('sessreuse', $sessreuse) } if ( $PSBoundParameters.ContainsKey('sesstimeout') ) { $payload.Add('sesstimeout', $sesstimeout) } if ( $PSBoundParameters.ContainsKey('cipherredirect') ) { $payload.Add('cipherredirect', $cipherredirect) } if ( $PSBoundParameters.ContainsKey('cipherurl') ) { $payload.Add('cipherurl', $cipherurl) } if ( $PSBoundParameters.ContainsKey('clientauth') ) { $payload.Add('clientauth', $clientauth) } if ( $PSBoundParameters.ContainsKey('clientcert') ) { $payload.Add('clientcert', $clientcert) } if ( $PSBoundParameters.ContainsKey('dhkeyexpsizelimit') ) { $payload.Add('dhkeyexpsizelimit', $dhkeyexpsizelimit) } if ( $PSBoundParameters.ContainsKey('sslredirect') ) { $payload.Add('sslredirect', $sslredirect) } if ( $PSBoundParameters.ContainsKey('redirectportrewrite') ) { $payload.Add('redirectportrewrite', $redirectportrewrite) } if ( $PSBoundParameters.ContainsKey('ssl3') ) { $payload.Add('ssl3', $ssl3) } if ( $PSBoundParameters.ContainsKey('tls1') ) { $payload.Add('tls1', $tls1) } if ( $PSBoundParameters.ContainsKey('tls11') ) { $payload.Add('tls11', $tls11) } if ( $PSBoundParameters.ContainsKey('tls12') ) { $payload.Add('tls12', $tls12) } if ( $PSBoundParameters.ContainsKey('tls13') ) { $payload.Add('tls13', $tls13) } if ( $PSBoundParameters.ContainsKey('snienable') ) { $payload.Add('snienable', $snienable) } if ( $PSBoundParameters.ContainsKey('ocspstapling') ) { $payload.Add('ocspstapling', $ocspstapling) } if ( $PSBoundParameters.ContainsKey('serverauth') ) { $payload.Add('serverauth', $serverauth) } if ( $PSBoundParameters.ContainsKey('commonname') ) { $payload.Add('commonname', $commonname) } if ( $PSBoundParameters.ContainsKey('pushenctrigger') ) { $payload.Add('pushenctrigger', $pushenctrigger) } if ( $PSBoundParameters.ContainsKey('sendclosenotify') ) { $payload.Add('sendclosenotify', $sendclosenotify) } if ( $PSBoundParameters.ContainsKey('cleartextport') ) { $payload.Add('cleartextport', $cleartextport) } if ( $PSBoundParameters.ContainsKey('insertionencoding') ) { $payload.Add('insertionencoding', $insertionencoding) } if ( $PSBoundParameters.ContainsKey('denysslreneg') ) { $payload.Add('denysslreneg', $denysslreneg) } if ( $PSBoundParameters.ContainsKey('quantumsize') ) { $payload.Add('quantumsize', $quantumsize) } if ( $PSBoundParameters.ContainsKey('strictcachecks') ) { $payload.Add('strictcachecks', $strictcachecks) } if ( $PSBoundParameters.ContainsKey('encrypttriggerpktcount') ) { $payload.Add('encrypttriggerpktcount', $encrypttriggerpktcount) } if ( $PSBoundParameters.ContainsKey('pushflag') ) { $payload.Add('pushflag', $pushflag) } if ( $PSBoundParameters.ContainsKey('dropreqwithnohostheader') ) { $payload.Add('dropreqwithnohostheader', $dropreqwithnohostheader) } if ( $PSBoundParameters.ContainsKey('snihttphostmatch') ) { $payload.Add('snihttphostmatch', $snihttphostmatch) } if ( $PSBoundParameters.ContainsKey('pushenctriggertimeout') ) { $payload.Add('pushenctriggertimeout', $pushenctriggertimeout) } if ( $PSBoundParameters.ContainsKey('ssltriggertimeout') ) { $payload.Add('ssltriggertimeout', $ssltriggertimeout) } if ( $PSBoundParameters.ContainsKey('clientauthuseboundcachain') ) { $payload.Add('clientauthuseboundcachain', $clientauthuseboundcachain) } if ( $PSBoundParameters.ContainsKey('sslinterception') ) { $payload.Add('sslinterception', $sslinterception) } if ( $PSBoundParameters.ContainsKey('sslireneg') ) { $payload.Add('sslireneg', $sslireneg) } if ( $PSBoundParameters.ContainsKey('ssliocspcheck') ) { $payload.Add('ssliocspcheck', $ssliocspcheck) } if ( $PSBoundParameters.ContainsKey('sslimaxsessperserver') ) { $payload.Add('sslimaxsessperserver', $sslimaxsessperserver) } if ( $PSBoundParameters.ContainsKey('sessionticket') ) { $payload.Add('sessionticket', $sessionticket) } if ( $PSBoundParameters.ContainsKey('sessionticketlifetime') ) { $payload.Add('sessionticketlifetime', $sessionticketlifetime) } if ( $PSBoundParameters.ContainsKey('sessionticketkeyrefresh') ) { $payload.Add('sessionticketkeyrefresh', $sessionticketkeyrefresh) } if ( $PSBoundParameters.ContainsKey('sessionticketkeydata') ) { $payload.Add('sessionticketkeydata', $sessionticketkeydata) } if ( $PSBoundParameters.ContainsKey('sessionkeylifetime') ) { $payload.Add('sessionkeylifetime', $sessionkeylifetime) } if ( $PSBoundParameters.ContainsKey('prevsessionkeylifetime') ) { $payload.Add('prevsessionkeylifetime', $prevsessionkeylifetime) } if ( $PSBoundParameters.ContainsKey('hsts') ) { $payload.Add('hsts', $hsts) } if ( $PSBoundParameters.ContainsKey('maxage') ) { $payload.Add('maxage', $maxage) } if ( $PSBoundParameters.ContainsKey('includesubdomains') ) { $payload.Add('includesubdomains', $includesubdomains) } if ( $PSBoundParameters.ContainsKey('preload') ) { $payload.Add('preload', $preload) } if ( $PSBoundParameters.ContainsKey('skipclientcertpolicycheck') ) { $payload.Add('skipclientcertpolicycheck', $skipclientcertpolicycheck) } if ( $PSBoundParameters.ContainsKey('zerorttearlydata') ) { $payload.Add('zerorttearlydata', $zerorttearlydata) } if ( $PSBoundParameters.ContainsKey('tls13sessionticketsperauthcontext') ) { $payload.Add('tls13sessionticketsperauthcontext', $tls13sessionticketsperauthcontext) } if ( $PSBoundParameters.ContainsKey('dhekeyexchangewithpsk') ) { $payload.Add('dhekeyexchangewithpsk', $dhekeyexchangewithpsk) } if ( $PSBoundParameters.ContainsKey('allowextendedmastersecret') ) { $payload.Add('allowextendedmastersecret', $allowextendedmastersecret) } if ( $PSBoundParameters.ContainsKey('alpnprotocol') ) { $payload.Add('alpnprotocol', $alpnprotocol) } if ( $PSCmdlet.ShouldProcess("sslprofile", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslprofile -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslprofile -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslprofile: Finished" } } function Invoke-ADCDeleteSslprofile { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for SSL profile resource. .PARAMETER Name Name for the SSL profile. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the profile is created. .EXAMPLE PS C:\>Invoke-ADCDeleteSslprofile -Name <string> An example how to delete sslprofile configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Name ) begin { Write-Verbose "Invoke-ADCDeleteSslprofile: Starting" } process { try { $arguments = @{ } if ( $PSCmdlet.ShouldProcess("$name", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslprofile -NitroPath nitro/v1/config -Resource $name -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslprofile: Finished" } } function Invoke-ADCUpdateSslprofile { <# .SYNOPSIS Update SSL configuration Object. .DESCRIPTION Configuration for SSL profile resource. .PARAMETER Name Name for the SSL profile. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the profile is created. .PARAMETER Ssllogprofile The name of the ssllogprofile. .PARAMETER Dh State of Diffie-Hellman (DH) key exchange. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Dhfile The file name and path for the DH parameter. .PARAMETER Dhcount Number of interactions, between the client and the Citrix ADC, after which the DH private-public pair is regenerated. A value of zero (0) specifies refresh every time. This parameter is not applicable when configuring a backend profile. Allowed DH count values are 0 and >= 500. .PARAMETER Dhkeyexpsizelimit This option enables the use of NIST recommended (NIST Special Publication 800-56A) bit size for private-key size. For example, for DH params of size 2048bit, the private-key size recommended is 224bits. This is rounded-up to 256bits. Possible values = ENABLED, DISABLED .PARAMETER Ersa State of Ephemeral RSA (eRSA) key exchange. Ephemeral RSA allows clients that support only export ciphers to communicate with the secure server even if the server certificate does not support export clients. The ephemeral RSA key is automatically generated when you bind an export cipher to an SSL or TCP-based SSL virtual server or service. When you remove the export cipher, the eRSA key is not deleted. It is reused at a later date when another export cipher is bound to an SSL or TCP-based SSL virtual server or service. The eRSA key is deleted when the appliance restarts. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Ersacount The refresh count for the re-generation of RSA public-key and private-key pair. .PARAMETER Sessreuse State of session reuse. Establishing the initial handshake requires CPU-intensive public key encryption operations. With the ENABLED setting, session key exchange is avoided for session resumption requests received from the client. Possible values = ENABLED, DISABLED .PARAMETER Sesstimeout The Session timeout value in seconds. .PARAMETER Cipherredirect State of Cipher Redirect. If this parameter is set to ENABLED, you can configure an SSL virtual server or service to display meaningful error messages if the SSL handshake fails because of a cipher mismatch between the virtual server or service and the client. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Cipherurl The redirect URL to be used with the Cipher Redirect feature. .PARAMETER Clientauth State of client authentication. In service-based SSL offload, the service terminates the SSL handshake if the SSL client does not provide a valid certificate. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Clientcert The rule for client certificate requirement in client authentication. Possible values = Mandatory, Optional .PARAMETER Sslredirect State of HTTPS redirects for the SSL service. For an SSL session, if the client browser receives a redirect message, the browser tries to connect to the new location. However, the secure SSL session breaks if the object has moved from a secure site (https://) to an unsecure site (http://). Typically, a warning message appears on the screen, prompting the user to continue or disconnect. If SSL Redirect is ENABLED, the redirect message is automatically converted from http:// to https:// and the SSL session does not break. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Redirectportrewrite State of the port rewrite while performing HTTPS redirect. If this parameter is set to ENABLED, and the URL from the server does not contain the standard port, the port is rewritten to the standard. Possible values = ENABLED, DISABLED .PARAMETER Ssl3 State of SSLv3 protocol support for the SSL profile. Note: On platforms with SSL acceleration chips, if the SSL chip does not support SSLv3, this parameter cannot be set to ENABLED. Possible values = ENABLED, DISABLED .PARAMETER Tls1 State of TLSv1.0 protocol support for the SSL profile. Possible values = ENABLED, DISABLED .PARAMETER Tls11 State of TLSv1.1 protocol support for the SSL profile. Possible values = ENABLED, DISABLED .PARAMETER Tls12 State of TLSv1.2 protocol support for the SSL profile. Possible values = ENABLED, DISABLED .PARAMETER Tls13 State of TLSv1.3 protocol support for the SSL profile. Possible values = ENABLED, DISABLED .PARAMETER Snienable State of the Server Name Indication (SNI) feature on the virtual server and service-based offload. SNI helps to enable SSL encryption on multiple domains on a single virtual server or service if the domains are controlled by the same organization and share the same second-level domain name. For example, *.sports.net can be used to secure domains such as login.sports.net and help.sports.net. Possible values = ENABLED, DISABLED .PARAMETER Ocspstapling State of OCSP stapling support on the SSL virtual server. Supported only if the protocol used is higher than SSLv3. Possible values: ENABLED: The appliance sends a request to the OCSP responder to check the status of the server certificate and caches the response for the specified time. If the response is valid at the time of SSL handshake with the client, the OCSP-based server certificate status is sent to the client during the handshake. DISABLED: The appliance does not check the status of the server certificate. . Possible values = ENABLED, DISABLED .PARAMETER Serverauth State of server authentication support for the SSL Backend profile. Possible values = ENABLED, DISABLED .PARAMETER Commonname Name to be checked against the CommonName (CN) field in the server certificate bound to the SSL server. .PARAMETER Pushenctrigger Trigger encryption on the basis of the PUSH flag value. Available settings function as follows: * ALWAYS - Any PUSH packet triggers encryption. * IGNORE - Ignore PUSH packet for triggering encryption. * MERGE - For a consecutive sequence of PUSH packets, the last PUSH packet triggers encryption. * TIMER - PUSH packet triggering encryption is delayed by the time defined in the set ssl parameter command or in the Change Advanced SSL Settings dialog box. Possible values = Always, Merge, Ignore, Timer .PARAMETER Sendclosenotify Enable sending SSL Close-Notify at the end of a transaction. Possible values = YES, NO .PARAMETER Cleartextport Port on which clear-text data is sent by the appliance to the server. Do not specify this parameter for SSL offloading with end-to-end encryption. * in CLI is represented as 65535 in NITRO API .PARAMETER Insertionencoding Encoding method used to insert the subject or issuer's name in HTTP requests to servers. Possible values = Unicode, UTF-8 .PARAMETER Denysslreneg Deny renegotiation in specified circumstances. Available settings function as follows: * NO - Allow SSL renegotiation. * FRONTEND_CLIENT - Deny secure and nonsecure SSL renegotiation initiated by the client. * FRONTEND_CLIENTSERVER - Deny secure and nonsecure SSL renegotiation initiated by the client or the Citrix ADC during policy-based client authentication. * ALL - Deny all secure and nonsecure SSL renegotiation. * NONSECURE - Deny nonsecure SSL renegotiation. Allows only clients that support RFC 5746. Possible values = NO, FRONTEND_CLIENT, FRONTEND_CLIENTSERVER, ALL, NONSECURE .PARAMETER Quantumsize Amount of data to collect before the data is pushed to the crypto hardware for encryption. For large downloads, a larger quantum size better utilizes the crypto resources. Possible values = 4096, 8192, 16384 .PARAMETER Strictcachecks Enable strict CA certificate checks on the appliance. Possible values = YES, NO .PARAMETER Encrypttriggerpktcount Maximum number of queued packets after which encryption is triggered. Use this setting for SSL transactions that send small packets from server to Citrix ADC. .PARAMETER Pushflag Insert PUSH flag into decrypted, encrypted, or all records. If the PUSH flag is set to a value other than 0, the buffered records are forwarded on the basis of the value of the PUSH flag. Available settings function as follows: 0 - Auto (PUSH flag is not set.) 1 - Insert PUSH flag into every decrypted record. 2 -Insert PUSH flag into every encrypted record. 3 - Insert PUSH flag into every decrypted and encrypted record. .PARAMETER Dropreqwithnohostheader Host header check for SNI enabled sessions. If this check is enabled and the HTTP request does not contain the host header for SNI enabled sessions(i.e vserver or profile bound to vserver has SNI enabled and 'Client Hello' arrived with SNI extension), the request is dropped. Possible values = YES, NO .PARAMETER Snihttphostmatch Controls how the HTTP 'Host' header value is validated. These checks are performed only if the session is SNI enabled (i.e when vserver or profile bound to vserver has SNI enabled and 'Client Hello' arrived with SNI extension) and HTTP request contains 'Host' header. Available settings function as follows: CERT - Request is forwarded if the 'Host' value is covered by the certificate used to establish this SSL session. Note: 'CERT' matching mode cannot be applied in TLS 1.3 connections established by resuming from a previous TLS 1.3 session. On these connections, 'STRICT' matching mode will be used instead. STRICT - Request is forwarded only if value of 'Host' header in HTTP is identical to the 'Server name' value passed in 'Client Hello' of the SSL connection. NO - No validation is performed on the HTTP 'Host' header value. Possible values = NO, CERT, STRICT .PARAMETER Pushenctriggertimeout PUSH encryption trigger timeout value. The timeout value is applied only if you set the Push Encryption Trigger parameter to Timer in the SSL virtual server settings. .PARAMETER Ssltriggertimeout Time, in milliseconds, after which encryption is triggered for transactions that are not tracked on the Citrix ADC because their length is not known. There can be a delay of up to 10ms from the specified timeout value before the packet is pushed into the queue. .PARAMETER Clientauthuseboundcachain Certficates bound on the VIP are used for validating the client cert. Certficates came along with client cert are not used for validating the client cert. Possible values = ENABLED, DISABLED .PARAMETER Sslinterception Enable or disable transparent interception of SSL sessions. Possible values = ENABLED, DISABLED .PARAMETER Sslireneg Enable or disable triggering the client renegotiation when renegotiation request is received from the origin server. Possible values = ENABLED, DISABLED .PARAMETER Ssliocspcheck Enable or disable OCSP check for origin server certificate. Possible values = ENABLED, DISABLED .PARAMETER Sslimaxsessperserver Maximum ssl session to be cached per dynamic origin server. A unique ssl session is created for each SNI received from the client on ClientHello and the matching session is used for server session reuse. .PARAMETER Hsts State of HSTS protocol support for the SSL profile. Using HSTS, a server can enforce the use of an HTTPS connection for all communication with a client. Possible values = ENABLED, DISABLED .PARAMETER Maxage Set the maximum time, in seconds, in the strict transport security (STS) header during which the client must send only HTTPS requests to the server. .PARAMETER Includesubdomains Enable HSTS for subdomains. If set to Yes, a client must send only HTTPS requests for subdomains. Possible values = YES, NO .PARAMETER Preload Flag indicates the consent of the site owner to have their domain preloaded. Possible values = YES, NO .PARAMETER Sessionticket This option enables the use of session tickets, as per the RFC 5077. Possible values = ENABLED, DISABLED .PARAMETER Sessionticketlifetime This option sets the life time of session tickets issued by NS in secs. .PARAMETER Sessionticketkeyrefresh This option enables the use of session tickets, as per the RFC 5077. Possible values = ENABLED, DISABLED .PARAMETER Sessionticketkeydata Session ticket enc/dec key, admin can set it. .PARAMETER Sessionkeylifetime This option sets the life time of symm key used to generate session tickets issued by NS in secs. .PARAMETER Prevsessionkeylifetime This option sets the life time of symm key used to generate session tickets issued by NS in secs. .PARAMETER Ciphername The cipher group/alias/individual cipher configuration. .PARAMETER Cipherpriority cipher priority. .PARAMETER Strictsigdigestcheck Parameter indicating to check whether peer entity certificate during TLS1.2 handshake is signed with one of signature-hash combination supported by Citrix ADC. Possible values = ENABLED, DISABLED .PARAMETER Skipclientcertpolicycheck This flag controls the processing of X509 certificate policies. If this option is Enabled, then the policy check in Client authentication will be skipped. This option can be used only when Client Authentication is Enabled and ClientCert is set to Mandatory. Possible values = ENABLED, DISABLED .PARAMETER Zerorttearlydata State of TLS 1.3 0-RTT early data support for the SSL Virtual Server. This setting only has an effect if resumption is enabled, as early data cannot be sent along with an initial handshake. Early application data has significantly different security properties - in particular there is no guarantee that the data cannot be replayed. Possible values = ENABLED, DISABLED .PARAMETER Tls13sessionticketsperauthcontext Number of tickets the SSL Virtual Server will issue anytime TLS 1.3 is negotiated, ticket-based resumption is enabled, and either (1) a handshake completes or (2) post-handhsake client auth completes. This value can be increased to enable clients to open multiple parallel connections using a fresh ticket for each connection. No tickets are sent if resumption is disabled. .PARAMETER Dhekeyexchangewithpsk Whether or not the SSL Virtual Server will require a DHE key exchange to occur when a PSK is accepted during a TLS 1.3 resumption handshake. A DHE key exchange ensures forward secrecy even in the event that ticket keys are compromised, at the expense of an additional round trip and resources required to carry out the DHE key exchange. If disabled, a DHE key exchange will be performed when a PSK is accepted but only if requested by the client. If enabled, the server will require a DHE key exchange when a PSK is accepted regardless of whether the client supports combined PSK-DHE key exchange. This setting only has an effect when resumption is enabled. Possible values = YES, NO .PARAMETER Allowextendedmastersecret When set to YES, attempt to use the TLS Extended Master Secret (EMS, as described in RFC 7627) when negotiating TLS 1.0, TLS 1.1 and TLS 1.2 connection parameters. EMS must be supported by both the TLS client and server in order to be enabled during a handshake. This setting applies to both frontend and backend SSL profiles. Possible values = YES, NO .PARAMETER Alpnprotocol Application protocol supported by the server and used in negotiation of the protocol with the client. Possible values are HTTP1.1, HTTP2 and NONE. Default value is NONE which implies application protocol is not enabled hence remain unknown to the TLS layer. This parameter is relevant only if SSL connection is handled by the virtual server of the type SSL_TCP. Possible values = NONE, HTTP1.1, HTTP2 .PARAMETER PassThru Return details about the created sslprofile item. .EXAMPLE PS C:\>Invoke-ADCUpdateSslprofile -name <string> An example how to update sslprofile configuration Object(s). .NOTES File Name : Invoke-ADCUpdateSslprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 127)] [string]$Name, [ValidateLength(1, 127)] [string]$Ssllogprofile, [ValidateSet('ENABLED', 'DISABLED')] [string]$Dh, [ValidateScript({ $_.Length -gt 1 })] [string]$Dhfile, [ValidateRange(0, 65534)] [double]$Dhcount, [ValidateSet('ENABLED', 'DISABLED')] [string]$Dhkeyexpsizelimit, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ersa, [ValidateRange(0, 65534)] [double]$Ersacount, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sessreuse, [ValidateRange(0, 4294967294)] [double]$Sesstimeout, [ValidateSet('ENABLED', 'DISABLED')] [string]$Cipherredirect, [string]$Cipherurl, [ValidateSet('ENABLED', 'DISABLED')] [string]$Clientauth, [ValidateSet('Mandatory', 'Optional')] [string]$Clientcert, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslredirect, [ValidateSet('ENABLED', 'DISABLED')] [string]$Redirectportrewrite, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ssl3, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls1, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls11, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls12, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls13, [ValidateSet('ENABLED', 'DISABLED')] [string]$Snienable, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ocspstapling, [ValidateSet('ENABLED', 'DISABLED')] [string]$Serverauth, [ValidateScript({ $_.Length -gt 1 })] [string]$Commonname, [ValidateSet('Always', 'Merge', 'Ignore', 'Timer')] [string]$Pushenctrigger, [ValidateSet('YES', 'NO')] [string]$Sendclosenotify, [ValidateRange(1, 65535)] [int]$Cleartextport, [ValidateSet('Unicode', 'UTF-8')] [string]$Insertionencoding, [ValidateSet('NO', 'FRONTEND_CLIENT', 'FRONTEND_CLIENTSERVER', 'ALL', 'NONSECURE')] [string]$Denysslreneg, [ValidateSet('4096', '8192', '16384')] [string]$Quantumsize, [ValidateSet('YES', 'NO')] [string]$Strictcachecks, [ValidateRange(10, 50)] [double]$Encrypttriggerpktcount, [ValidateRange(0, 3)] [double]$Pushflag, [ValidateSet('YES', 'NO')] [string]$Dropreqwithnohostheader, [ValidateSet('NO', 'CERT', 'STRICT')] [string]$Snihttphostmatch, [ValidateRange(1, 200)] [double]$Pushenctriggertimeout, [ValidateRange(1, 200)] [double]$Ssltriggertimeout, [ValidateSet('ENABLED', 'DISABLED')] [string]$Clientauthuseboundcachain, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslinterception, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslireneg, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ssliocspcheck, [ValidateRange(1, 1000)] [double]$Sslimaxsessperserver, [ValidateSet('ENABLED', 'DISABLED')] [string]$Hsts, [ValidateRange(0, 4294967294)] [double]$Maxage, [ValidateSet('YES', 'NO')] [string]$Includesubdomains, [ValidateSet('YES', 'NO')] [string]$Preload, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sessionticket, [ValidateRange(0, 172800)] [double]$Sessionticketlifetime, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sessionticketkeyrefresh, [string]$Sessionticketkeydata, [ValidateRange(600, 86400)] [double]$Sessionkeylifetime, [ValidateRange(0, 172800)] [double]$Prevsessionkeylifetime, [string]$Ciphername, [double]$Cipherpriority, [ValidateSet('ENABLED', 'DISABLED')] [string]$Strictsigdigestcheck, [ValidateSet('ENABLED', 'DISABLED')] [string]$Skipclientcertpolicycheck, [ValidateSet('ENABLED', 'DISABLED')] [string]$Zerorttearlydata, [ValidateRange(1, 10)] [double]$Tls13sessionticketsperauthcontext, [ValidateSet('YES', 'NO')] [string]$Dhekeyexchangewithpsk, [ValidateSet('YES', 'NO')] [string]$Allowextendedmastersecret, [ValidateSet('NONE', 'HTTP1.1', 'HTTP2')] [string]$Alpnprotocol, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCUpdateSslprofile: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('ssllogprofile') ) { $payload.Add('ssllogprofile', $ssllogprofile) } if ( $PSBoundParameters.ContainsKey('dh') ) { $payload.Add('dh', $dh) } if ( $PSBoundParameters.ContainsKey('dhfile') ) { $payload.Add('dhfile', $dhfile) } if ( $PSBoundParameters.ContainsKey('dhcount') ) { $payload.Add('dhcount', $dhcount) } if ( $PSBoundParameters.ContainsKey('dhkeyexpsizelimit') ) { $payload.Add('dhkeyexpsizelimit', $dhkeyexpsizelimit) } if ( $PSBoundParameters.ContainsKey('ersa') ) { $payload.Add('ersa', $ersa) } if ( $PSBoundParameters.ContainsKey('ersacount') ) { $payload.Add('ersacount', $ersacount) } if ( $PSBoundParameters.ContainsKey('sessreuse') ) { $payload.Add('sessreuse', $sessreuse) } if ( $PSBoundParameters.ContainsKey('sesstimeout') ) { $payload.Add('sesstimeout', $sesstimeout) } if ( $PSBoundParameters.ContainsKey('cipherredirect') ) { $payload.Add('cipherredirect', $cipherredirect) } if ( $PSBoundParameters.ContainsKey('cipherurl') ) { $payload.Add('cipherurl', $cipherurl) } if ( $PSBoundParameters.ContainsKey('clientauth') ) { $payload.Add('clientauth', $clientauth) } if ( $PSBoundParameters.ContainsKey('clientcert') ) { $payload.Add('clientcert', $clientcert) } if ( $PSBoundParameters.ContainsKey('sslredirect') ) { $payload.Add('sslredirect', $sslredirect) } if ( $PSBoundParameters.ContainsKey('redirectportrewrite') ) { $payload.Add('redirectportrewrite', $redirectportrewrite) } if ( $PSBoundParameters.ContainsKey('ssl3') ) { $payload.Add('ssl3', $ssl3) } if ( $PSBoundParameters.ContainsKey('tls1') ) { $payload.Add('tls1', $tls1) } if ( $PSBoundParameters.ContainsKey('tls11') ) { $payload.Add('tls11', $tls11) } if ( $PSBoundParameters.ContainsKey('tls12') ) { $payload.Add('tls12', $tls12) } if ( $PSBoundParameters.ContainsKey('tls13') ) { $payload.Add('tls13', $tls13) } if ( $PSBoundParameters.ContainsKey('snienable') ) { $payload.Add('snienable', $snienable) } if ( $PSBoundParameters.ContainsKey('ocspstapling') ) { $payload.Add('ocspstapling', $ocspstapling) } if ( $PSBoundParameters.ContainsKey('serverauth') ) { $payload.Add('serverauth', $serverauth) } if ( $PSBoundParameters.ContainsKey('commonname') ) { $payload.Add('commonname', $commonname) } if ( $PSBoundParameters.ContainsKey('pushenctrigger') ) { $payload.Add('pushenctrigger', $pushenctrigger) } if ( $PSBoundParameters.ContainsKey('sendclosenotify') ) { $payload.Add('sendclosenotify', $sendclosenotify) } if ( $PSBoundParameters.ContainsKey('cleartextport') ) { $payload.Add('cleartextport', $cleartextport) } if ( $PSBoundParameters.ContainsKey('insertionencoding') ) { $payload.Add('insertionencoding', $insertionencoding) } if ( $PSBoundParameters.ContainsKey('denysslreneg') ) { $payload.Add('denysslreneg', $denysslreneg) } if ( $PSBoundParameters.ContainsKey('quantumsize') ) { $payload.Add('quantumsize', $quantumsize) } if ( $PSBoundParameters.ContainsKey('strictcachecks') ) { $payload.Add('strictcachecks', $strictcachecks) } if ( $PSBoundParameters.ContainsKey('encrypttriggerpktcount') ) { $payload.Add('encrypttriggerpktcount', $encrypttriggerpktcount) } if ( $PSBoundParameters.ContainsKey('pushflag') ) { $payload.Add('pushflag', $pushflag) } if ( $PSBoundParameters.ContainsKey('dropreqwithnohostheader') ) { $payload.Add('dropreqwithnohostheader', $dropreqwithnohostheader) } if ( $PSBoundParameters.ContainsKey('snihttphostmatch') ) { $payload.Add('snihttphostmatch', $snihttphostmatch) } if ( $PSBoundParameters.ContainsKey('pushenctriggertimeout') ) { $payload.Add('pushenctriggertimeout', $pushenctriggertimeout) } if ( $PSBoundParameters.ContainsKey('ssltriggertimeout') ) { $payload.Add('ssltriggertimeout', $ssltriggertimeout) } if ( $PSBoundParameters.ContainsKey('clientauthuseboundcachain') ) { $payload.Add('clientauthuseboundcachain', $clientauthuseboundcachain) } if ( $PSBoundParameters.ContainsKey('sslinterception') ) { $payload.Add('sslinterception', $sslinterception) } if ( $PSBoundParameters.ContainsKey('sslireneg') ) { $payload.Add('sslireneg', $sslireneg) } if ( $PSBoundParameters.ContainsKey('ssliocspcheck') ) { $payload.Add('ssliocspcheck', $ssliocspcheck) } if ( $PSBoundParameters.ContainsKey('sslimaxsessperserver') ) { $payload.Add('sslimaxsessperserver', $sslimaxsessperserver) } if ( $PSBoundParameters.ContainsKey('hsts') ) { $payload.Add('hsts', $hsts) } if ( $PSBoundParameters.ContainsKey('maxage') ) { $payload.Add('maxage', $maxage) } if ( $PSBoundParameters.ContainsKey('includesubdomains') ) { $payload.Add('includesubdomains', $includesubdomains) } if ( $PSBoundParameters.ContainsKey('preload') ) { $payload.Add('preload', $preload) } if ( $PSBoundParameters.ContainsKey('sessionticket') ) { $payload.Add('sessionticket', $sessionticket) } if ( $PSBoundParameters.ContainsKey('sessionticketlifetime') ) { $payload.Add('sessionticketlifetime', $sessionticketlifetime) } if ( $PSBoundParameters.ContainsKey('sessionticketkeyrefresh') ) { $payload.Add('sessionticketkeyrefresh', $sessionticketkeyrefresh) } if ( $PSBoundParameters.ContainsKey('sessionticketkeydata') ) { $payload.Add('sessionticketkeydata', $sessionticketkeydata) } if ( $PSBoundParameters.ContainsKey('sessionkeylifetime') ) { $payload.Add('sessionkeylifetime', $sessionkeylifetime) } if ( $PSBoundParameters.ContainsKey('prevsessionkeylifetime') ) { $payload.Add('prevsessionkeylifetime', $prevsessionkeylifetime) } if ( $PSBoundParameters.ContainsKey('ciphername') ) { $payload.Add('ciphername', $ciphername) } if ( $PSBoundParameters.ContainsKey('cipherpriority') ) { $payload.Add('cipherpriority', $cipherpriority) } if ( $PSBoundParameters.ContainsKey('strictsigdigestcheck') ) { $payload.Add('strictsigdigestcheck', $strictsigdigestcheck) } if ( $PSBoundParameters.ContainsKey('skipclientcertpolicycheck') ) { $payload.Add('skipclientcertpolicycheck', $skipclientcertpolicycheck) } if ( $PSBoundParameters.ContainsKey('zerorttearlydata') ) { $payload.Add('zerorttearlydata', $zerorttearlydata) } if ( $PSBoundParameters.ContainsKey('tls13sessionticketsperauthcontext') ) { $payload.Add('tls13sessionticketsperauthcontext', $tls13sessionticketsperauthcontext) } if ( $PSBoundParameters.ContainsKey('dhekeyexchangewithpsk') ) { $payload.Add('dhekeyexchangewithpsk', $dhekeyexchangewithpsk) } if ( $PSBoundParameters.ContainsKey('allowextendedmastersecret') ) { $payload.Add('allowextendedmastersecret', $allowextendedmastersecret) } if ( $PSBoundParameters.ContainsKey('alpnprotocol') ) { $payload.Add('alpnprotocol', $alpnprotocol) } if ( $PSCmdlet.ShouldProcess("sslprofile", "Update SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslprofile -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslprofile -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUpdateSslprofile: Finished" } } function Invoke-ADCUnsetSslprofile { <# .SYNOPSIS Unset SSL configuration Object. .DESCRIPTION Configuration for SSL profile resource. .PARAMETER Name Name for the SSL profile. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the profile is created. .PARAMETER Ssllogprofile The name of the ssllogprofile. .PARAMETER Dh State of Diffie-Hellman (DH) key exchange. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Dhfile The file name and path for the DH parameter. .PARAMETER Dhcount Number of interactions, between the client and the Citrix ADC, after which the DH private-public pair is regenerated. A value of zero (0) specifies refresh every time. This parameter is not applicable when configuring a backend profile. Allowed DH count values are 0 and >= 500. .PARAMETER Dhkeyexpsizelimit This option enables the use of NIST recommended (NIST Special Publication 800-56A) bit size for private-key size. For example, for DH params of size 2048bit, the private-key size recommended is 224bits. This is rounded-up to 256bits. Possible values = ENABLED, DISABLED .PARAMETER Ersa State of Ephemeral RSA (eRSA) key exchange. Ephemeral RSA allows clients that support only export ciphers to communicate with the secure server even if the server certificate does not support export clients. The ephemeral RSA key is automatically generated when you bind an export cipher to an SSL or TCP-based SSL virtual server or service. When you remove the export cipher, the eRSA key is not deleted. It is reused at a later date when another export cipher is bound to an SSL or TCP-based SSL virtual server or service. The eRSA key is deleted when the appliance restarts. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Ersacount The refresh count for the re-generation of RSA public-key and private-key pair. .PARAMETER Sessreuse State of session reuse. Establishing the initial handshake requires CPU-intensive public key encryption operations. With the ENABLED setting, session key exchange is avoided for session resumption requests received from the client. Possible values = ENABLED, DISABLED .PARAMETER Sesstimeout The Session timeout value in seconds. .PARAMETER Cipherredirect State of Cipher Redirect. If this parameter is set to ENABLED, you can configure an SSL virtual server or service to display meaningful error messages if the SSL handshake fails because of a cipher mismatch between the virtual server or service and the client. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Cipherurl The redirect URL to be used with the Cipher Redirect feature. .PARAMETER Clientauth State of client authentication. In service-based SSL offload, the service terminates the SSL handshake if the SSL client does not provide a valid certificate. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Clientcert The rule for client certificate requirement in client authentication. Possible values = Mandatory, Optional .PARAMETER Sslredirect State of HTTPS redirects for the SSL service. For an SSL session, if the client browser receives a redirect message, the browser tries to connect to the new location. However, the secure SSL session breaks if the object has moved from a secure site (https://) to an unsecure site (http://). Typically, a warning message appears on the screen, prompting the user to continue or disconnect. If SSL Redirect is ENABLED, the redirect message is automatically converted from http:// to https:// and the SSL session does not break. This parameter is not applicable when configuring a backend profile. Possible values = ENABLED, DISABLED .PARAMETER Redirectportrewrite State of the port rewrite while performing HTTPS redirect. If this parameter is set to ENABLED, and the URL from the server does not contain the standard port, the port is rewritten to the standard. Possible values = ENABLED, DISABLED .PARAMETER Ssl3 State of SSLv3 protocol support for the SSL profile. Note: On platforms with SSL acceleration chips, if the SSL chip does not support SSLv3, this parameter cannot be set to ENABLED. Possible values = ENABLED, DISABLED .PARAMETER Tls1 State of TLSv1.0 protocol support for the SSL profile. Possible values = ENABLED, DISABLED .PARAMETER Tls11 State of TLSv1.1 protocol support for the SSL profile. Possible values = ENABLED, DISABLED .PARAMETER Tls12 State of TLSv1.2 protocol support for the SSL profile. Possible values = ENABLED, DISABLED .PARAMETER Tls13 State of TLSv1.3 protocol support for the SSL profile. Possible values = ENABLED, DISABLED .PARAMETER Snienable State of the Server Name Indication (SNI) feature on the virtual server and service-based offload. SNI helps to enable SSL encryption on multiple domains on a single virtual server or service if the domains are controlled by the same organization and share the same second-level domain name. For example, *.sports.net can be used to secure domains such as login.sports.net and help.sports.net. Possible values = ENABLED, DISABLED .PARAMETER Ocspstapling State of OCSP stapling support on the SSL virtual server. Supported only if the protocol used is higher than SSLv3. Possible values: ENABLED: The appliance sends a request to the OCSP responder to check the status of the server certificate and caches the response for the specified time. If the response is valid at the time of SSL handshake with the client, the OCSP-based server certificate status is sent to the client during the handshake. DISABLED: The appliance does not check the status of the server certificate. . Possible values = ENABLED, DISABLED .PARAMETER Serverauth State of server authentication support for the SSL Backend profile. Possible values = ENABLED, DISABLED .PARAMETER Commonname Name to be checked against the CommonName (CN) field in the server certificate bound to the SSL server. .PARAMETER Pushenctrigger Trigger encryption on the basis of the PUSH flag value. Available settings function as follows: * ALWAYS - Any PUSH packet triggers encryption. * IGNORE - Ignore PUSH packet for triggering encryption. * MERGE - For a consecutive sequence of PUSH packets, the last PUSH packet triggers encryption. * TIMER - PUSH packet triggering encryption is delayed by the time defined in the set ssl parameter command or in the Change Advanced SSL Settings dialog box. Possible values = Always, Merge, Ignore, Timer .PARAMETER Sendclosenotify Enable sending SSL Close-Notify at the end of a transaction. Possible values = YES, NO .PARAMETER Cleartextport Port on which clear-text data is sent by the appliance to the server. Do not specify this parameter for SSL offloading with end-to-end encryption. * in CLI is represented as 65535 in NITRO API .PARAMETER Insertionencoding Encoding method used to insert the subject or issuer's name in HTTP requests to servers. Possible values = Unicode, UTF-8 .PARAMETER Denysslreneg Deny renegotiation in specified circumstances. Available settings function as follows: * NO - Allow SSL renegotiation. * FRONTEND_CLIENT - Deny secure and nonsecure SSL renegotiation initiated by the client. * FRONTEND_CLIENTSERVER - Deny secure and nonsecure SSL renegotiation initiated by the client or the Citrix ADC during policy-based client authentication. * ALL - Deny all secure and nonsecure SSL renegotiation. * NONSECURE - Deny nonsecure SSL renegotiation. Allows only clients that support RFC 5746. Possible values = NO, FRONTEND_CLIENT, FRONTEND_CLIENTSERVER, ALL, NONSECURE .PARAMETER Quantumsize Amount of data to collect before the data is pushed to the crypto hardware for encryption. For large downloads, a larger quantum size better utilizes the crypto resources. Possible values = 4096, 8192, 16384 .PARAMETER Strictcachecks Enable strict CA certificate checks on the appliance. Possible values = YES, NO .PARAMETER Encrypttriggerpktcount Maximum number of queued packets after which encryption is triggered. Use this setting for SSL transactions that send small packets from server to Citrix ADC. .PARAMETER Pushflag Insert PUSH flag into decrypted, encrypted, or all records. If the PUSH flag is set to a value other than 0, the buffered records are forwarded on the basis of the value of the PUSH flag. Available settings function as follows: 0 - Auto (PUSH flag is not set.) 1 - Insert PUSH flag into every decrypted record. 2 -Insert PUSH flag into every encrypted record. 3 - Insert PUSH flag into every decrypted and encrypted record. .PARAMETER Dropreqwithnohostheader Host header check for SNI enabled sessions. If this check is enabled and the HTTP request does not contain the host header for SNI enabled sessions(i.e vserver or profile bound to vserver has SNI enabled and 'Client Hello' arrived with SNI extension), the request is dropped. Possible values = YES, NO .PARAMETER Snihttphostmatch Controls how the HTTP 'Host' header value is validated. These checks are performed only if the session is SNI enabled (i.e when vserver or profile bound to vserver has SNI enabled and 'Client Hello' arrived with SNI extension) and HTTP request contains 'Host' header. Available settings function as follows: CERT - Request is forwarded if the 'Host' value is covered by the certificate used to establish this SSL session. Note: 'CERT' matching mode cannot be applied in TLS 1.3 connections established by resuming from a previous TLS 1.3 session. On these connections, 'STRICT' matching mode will be used instead. STRICT - Request is forwarded only if value of 'Host' header in HTTP is identical to the 'Server name' value passed in 'Client Hello' of the SSL connection. NO - No validation is performed on the HTTP 'Host' header value. Possible values = NO, CERT, STRICT .PARAMETER Pushenctriggertimeout PUSH encryption trigger timeout value. The timeout value is applied only if you set the Push Encryption Trigger parameter to Timer in the SSL virtual server settings. .PARAMETER Ssltriggertimeout Time, in milliseconds, after which encryption is triggered for transactions that are not tracked on the Citrix ADC because their length is not known. There can be a delay of up to 10ms from the specified timeout value before the packet is pushed into the queue. .PARAMETER Clientauthuseboundcachain Certficates bound on the VIP are used for validating the client cert. Certficates came along with client cert are not used for validating the client cert. Possible values = ENABLED, DISABLED .PARAMETER Sslinterception Enable or disable transparent interception of SSL sessions. Possible values = ENABLED, DISABLED .PARAMETER Sslireneg Enable or disable triggering the client renegotiation when renegotiation request is received from the origin server. Possible values = ENABLED, DISABLED .PARAMETER Ssliocspcheck Enable or disable OCSP check for origin server certificate. Possible values = ENABLED, DISABLED .PARAMETER Sslimaxsessperserver Maximum ssl session to be cached per dynamic origin server. A unique ssl session is created for each SNI received from the client on ClientHello and the matching session is used for server session reuse. .PARAMETER Hsts State of HSTS protocol support for the SSL profile. Using HSTS, a server can enforce the use of an HTTPS connection for all communication with a client. Possible values = ENABLED, DISABLED .PARAMETER Maxage Set the maximum time, in seconds, in the strict transport security (STS) header during which the client must send only HTTPS requests to the server. .PARAMETER Includesubdomains Enable HSTS for subdomains. If set to Yes, a client must send only HTTPS requests for subdomains. Possible values = YES, NO .PARAMETER Preload Flag indicates the consent of the site owner to have their domain preloaded. Possible values = YES, NO .PARAMETER Sessionticket This option enables the use of session tickets, as per the RFC 5077. Possible values = ENABLED, DISABLED .PARAMETER Sessionticketlifetime This option sets the life time of session tickets issued by NS in secs. .PARAMETER Sessionticketkeyrefresh This option enables the use of session tickets, as per the RFC 5077. Possible values = ENABLED, DISABLED .PARAMETER Sessionticketkeydata Session ticket enc/dec key, admin can set it. .PARAMETER Sessionkeylifetime This option sets the life time of symm key used to generate session tickets issued by NS in secs. .PARAMETER Prevsessionkeylifetime This option sets the life time of symm key used to generate session tickets issued by NS in secs. .PARAMETER Ciphername The cipher group/alias/individual cipher configuration. .PARAMETER Cipherpriority cipher priority. .PARAMETER Strictsigdigestcheck Parameter indicating to check whether peer entity certificate during TLS1.2 handshake is signed with one of signature-hash combination supported by Citrix ADC. Possible values = ENABLED, DISABLED .PARAMETER Skipclientcertpolicycheck This flag controls the processing of X509 certificate policies. If this option is Enabled, then the policy check in Client authentication will be skipped. This option can be used only when Client Authentication is Enabled and ClientCert is set to Mandatory. Possible values = ENABLED, DISABLED .PARAMETER Zerorttearlydata State of TLS 1.3 0-RTT early data support for the SSL Virtual Server. This setting only has an effect if resumption is enabled, as early data cannot be sent along with an initial handshake. Early application data has significantly different security properties - in particular there is no guarantee that the data cannot be replayed. Possible values = ENABLED, DISABLED .PARAMETER Tls13sessionticketsperauthcontext Number of tickets the SSL Virtual Server will issue anytime TLS 1.3 is negotiated, ticket-based resumption is enabled, and either (1) a handshake completes or (2) post-handhsake client auth completes. This value can be increased to enable clients to open multiple parallel connections using a fresh ticket for each connection. No tickets are sent if resumption is disabled. .PARAMETER Dhekeyexchangewithpsk Whether or not the SSL Virtual Server will require a DHE key exchange to occur when a PSK is accepted during a TLS 1.3 resumption handshake. A DHE key exchange ensures forward secrecy even in the event that ticket keys are compromised, at the expense of an additional round trip and resources required to carry out the DHE key exchange. If disabled, a DHE key exchange will be performed when a PSK is accepted but only if requested by the client. If enabled, the server will require a DHE key exchange when a PSK is accepted regardless of whether the client supports combined PSK-DHE key exchange. This setting only has an effect when resumption is enabled. Possible values = YES, NO .PARAMETER Allowextendedmastersecret When set to YES, attempt to use the TLS Extended Master Secret (EMS, as described in RFC 7627) when negotiating TLS 1.0, TLS 1.1 and TLS 1.2 connection parameters. EMS must be supported by both the TLS client and server in order to be enabled during a handshake. This setting applies to both frontend and backend SSL profiles. Possible values = YES, NO .PARAMETER Alpnprotocol Application protocol supported by the server and used in negotiation of the protocol with the client. Possible values are HTTP1.1, HTTP2 and NONE. Default value is NONE which implies application protocol is not enabled hence remain unknown to the TLS layer. This parameter is relevant only if SSL connection is handled by the virtual server of the type SSL_TCP. Possible values = NONE, HTTP1.1, HTTP2 .EXAMPLE PS C:\>Invoke-ADCUnsetSslprofile -name <string> An example how to unset sslprofile configuration Object(s). .NOTES File Name : Invoke-ADCUnsetSslprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 127)] [string]$Name, [Boolean]$ssllogprofile, [Boolean]$dh, [Boolean]$dhfile, [Boolean]$dhcount, [Boolean]$dhkeyexpsizelimit, [Boolean]$ersa, [Boolean]$ersacount, [Boolean]$sessreuse, [Boolean]$sesstimeout, [Boolean]$cipherredirect, [Boolean]$cipherurl, [Boolean]$clientauth, [Boolean]$clientcert, [Boolean]$sslredirect, [Boolean]$redirectportrewrite, [Boolean]$ssl3, [Boolean]$tls1, [Boolean]$tls11, [Boolean]$tls12, [Boolean]$tls13, [Boolean]$snienable, [Boolean]$ocspstapling, [Boolean]$serverauth, [Boolean]$commonname, [Boolean]$pushenctrigger, [Boolean]$sendclosenotify, [Boolean]$cleartextport, [Boolean]$insertionencoding, [Boolean]$denysslreneg, [Boolean]$quantumsize, [Boolean]$strictcachecks, [Boolean]$encrypttriggerpktcount, [Boolean]$pushflag, [Boolean]$dropreqwithnohostheader, [Boolean]$snihttphostmatch, [Boolean]$pushenctriggertimeout, [Boolean]$ssltriggertimeout, [Boolean]$clientauthuseboundcachain, [Boolean]$sslinterception, [Boolean]$sslireneg, [Boolean]$ssliocspcheck, [Boolean]$sslimaxsessperserver, [Boolean]$hsts, [Boolean]$maxage, [Boolean]$includesubdomains, [Boolean]$preload, [Boolean]$sessionticket, [Boolean]$sessionticketlifetime, [Boolean]$sessionticketkeyrefresh, [Boolean]$sessionticketkeydata, [Boolean]$sessionkeylifetime, [Boolean]$prevsessionkeylifetime, [Boolean]$ciphername, [Boolean]$cipherpriority, [Boolean]$strictsigdigestcheck, [Boolean]$skipclientcertpolicycheck, [Boolean]$zerorttearlydata, [Boolean]$tls13sessionticketsperauthcontext, [Boolean]$dhekeyexchangewithpsk, [Boolean]$allowextendedmastersecret, [Boolean]$alpnprotocol ) begin { Write-Verbose "Invoke-ADCUnsetSslprofile: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('ssllogprofile') ) { $payload.Add('ssllogprofile', $ssllogprofile) } if ( $PSBoundParameters.ContainsKey('dh') ) { $payload.Add('dh', $dh) } if ( $PSBoundParameters.ContainsKey('dhfile') ) { $payload.Add('dhfile', $dhfile) } if ( $PSBoundParameters.ContainsKey('dhcount') ) { $payload.Add('dhcount', $dhcount) } if ( $PSBoundParameters.ContainsKey('dhkeyexpsizelimit') ) { $payload.Add('dhkeyexpsizelimit', $dhkeyexpsizelimit) } if ( $PSBoundParameters.ContainsKey('ersa') ) { $payload.Add('ersa', $ersa) } if ( $PSBoundParameters.ContainsKey('ersacount') ) { $payload.Add('ersacount', $ersacount) } if ( $PSBoundParameters.ContainsKey('sessreuse') ) { $payload.Add('sessreuse', $sessreuse) } if ( $PSBoundParameters.ContainsKey('sesstimeout') ) { $payload.Add('sesstimeout', $sesstimeout) } if ( $PSBoundParameters.ContainsKey('cipherredirect') ) { $payload.Add('cipherredirect', $cipherredirect) } if ( $PSBoundParameters.ContainsKey('cipherurl') ) { $payload.Add('cipherurl', $cipherurl) } if ( $PSBoundParameters.ContainsKey('clientauth') ) { $payload.Add('clientauth', $clientauth) } if ( $PSBoundParameters.ContainsKey('clientcert') ) { $payload.Add('clientcert', $clientcert) } if ( $PSBoundParameters.ContainsKey('sslredirect') ) { $payload.Add('sslredirect', $sslredirect) } if ( $PSBoundParameters.ContainsKey('redirectportrewrite') ) { $payload.Add('redirectportrewrite', $redirectportrewrite) } if ( $PSBoundParameters.ContainsKey('ssl3') ) { $payload.Add('ssl3', $ssl3) } if ( $PSBoundParameters.ContainsKey('tls1') ) { $payload.Add('tls1', $tls1) } if ( $PSBoundParameters.ContainsKey('tls11') ) { $payload.Add('tls11', $tls11) } if ( $PSBoundParameters.ContainsKey('tls12') ) { $payload.Add('tls12', $tls12) } if ( $PSBoundParameters.ContainsKey('tls13') ) { $payload.Add('tls13', $tls13) } if ( $PSBoundParameters.ContainsKey('snienable') ) { $payload.Add('snienable', $snienable) } if ( $PSBoundParameters.ContainsKey('ocspstapling') ) { $payload.Add('ocspstapling', $ocspstapling) } if ( $PSBoundParameters.ContainsKey('serverauth') ) { $payload.Add('serverauth', $serverauth) } if ( $PSBoundParameters.ContainsKey('commonname') ) { $payload.Add('commonname', $commonname) } if ( $PSBoundParameters.ContainsKey('pushenctrigger') ) { $payload.Add('pushenctrigger', $pushenctrigger) } if ( $PSBoundParameters.ContainsKey('sendclosenotify') ) { $payload.Add('sendclosenotify', $sendclosenotify) } if ( $PSBoundParameters.ContainsKey('cleartextport') ) { $payload.Add('cleartextport', $cleartextport) } if ( $PSBoundParameters.ContainsKey('insertionencoding') ) { $payload.Add('insertionencoding', $insertionencoding) } if ( $PSBoundParameters.ContainsKey('denysslreneg') ) { $payload.Add('denysslreneg', $denysslreneg) } if ( $PSBoundParameters.ContainsKey('quantumsize') ) { $payload.Add('quantumsize', $quantumsize) } if ( $PSBoundParameters.ContainsKey('strictcachecks') ) { $payload.Add('strictcachecks', $strictcachecks) } if ( $PSBoundParameters.ContainsKey('encrypttriggerpktcount') ) { $payload.Add('encrypttriggerpktcount', $encrypttriggerpktcount) } if ( $PSBoundParameters.ContainsKey('pushflag') ) { $payload.Add('pushflag', $pushflag) } if ( $PSBoundParameters.ContainsKey('dropreqwithnohostheader') ) { $payload.Add('dropreqwithnohostheader', $dropreqwithnohostheader) } if ( $PSBoundParameters.ContainsKey('snihttphostmatch') ) { $payload.Add('snihttphostmatch', $snihttphostmatch) } if ( $PSBoundParameters.ContainsKey('pushenctriggertimeout') ) { $payload.Add('pushenctriggertimeout', $pushenctriggertimeout) } if ( $PSBoundParameters.ContainsKey('ssltriggertimeout') ) { $payload.Add('ssltriggertimeout', $ssltriggertimeout) } if ( $PSBoundParameters.ContainsKey('clientauthuseboundcachain') ) { $payload.Add('clientauthuseboundcachain', $clientauthuseboundcachain) } if ( $PSBoundParameters.ContainsKey('sslinterception') ) { $payload.Add('sslinterception', $sslinterception) } if ( $PSBoundParameters.ContainsKey('sslireneg') ) { $payload.Add('sslireneg', $sslireneg) } if ( $PSBoundParameters.ContainsKey('ssliocspcheck') ) { $payload.Add('ssliocspcheck', $ssliocspcheck) } if ( $PSBoundParameters.ContainsKey('sslimaxsessperserver') ) { $payload.Add('sslimaxsessperserver', $sslimaxsessperserver) } if ( $PSBoundParameters.ContainsKey('hsts') ) { $payload.Add('hsts', $hsts) } if ( $PSBoundParameters.ContainsKey('maxage') ) { $payload.Add('maxage', $maxage) } if ( $PSBoundParameters.ContainsKey('includesubdomains') ) { $payload.Add('includesubdomains', $includesubdomains) } if ( $PSBoundParameters.ContainsKey('preload') ) { $payload.Add('preload', $preload) } if ( $PSBoundParameters.ContainsKey('sessionticket') ) { $payload.Add('sessionticket', $sessionticket) } if ( $PSBoundParameters.ContainsKey('sessionticketlifetime') ) { $payload.Add('sessionticketlifetime', $sessionticketlifetime) } if ( $PSBoundParameters.ContainsKey('sessionticketkeyrefresh') ) { $payload.Add('sessionticketkeyrefresh', $sessionticketkeyrefresh) } if ( $PSBoundParameters.ContainsKey('sessionticketkeydata') ) { $payload.Add('sessionticketkeydata', $sessionticketkeydata) } if ( $PSBoundParameters.ContainsKey('sessionkeylifetime') ) { $payload.Add('sessionkeylifetime', $sessionkeylifetime) } if ( $PSBoundParameters.ContainsKey('prevsessionkeylifetime') ) { $payload.Add('prevsessionkeylifetime', $prevsessionkeylifetime) } if ( $PSBoundParameters.ContainsKey('ciphername') ) { $payload.Add('ciphername', $ciphername) } if ( $PSBoundParameters.ContainsKey('cipherpriority') ) { $payload.Add('cipherpriority', $cipherpriority) } if ( $PSBoundParameters.ContainsKey('strictsigdigestcheck') ) { $payload.Add('strictsigdigestcheck', $strictsigdigestcheck) } if ( $PSBoundParameters.ContainsKey('skipclientcertpolicycheck') ) { $payload.Add('skipclientcertpolicycheck', $skipclientcertpolicycheck) } if ( $PSBoundParameters.ContainsKey('zerorttearlydata') ) { $payload.Add('zerorttearlydata', $zerorttearlydata) } if ( $PSBoundParameters.ContainsKey('tls13sessionticketsperauthcontext') ) { $payload.Add('tls13sessionticketsperauthcontext', $tls13sessionticketsperauthcontext) } if ( $PSBoundParameters.ContainsKey('dhekeyexchangewithpsk') ) { $payload.Add('dhekeyexchangewithpsk', $dhekeyexchangewithpsk) } if ( $PSBoundParameters.ContainsKey('allowextendedmastersecret') ) { $payload.Add('allowextendedmastersecret', $allowextendedmastersecret) } if ( $PSBoundParameters.ContainsKey('alpnprotocol') ) { $payload.Add('alpnprotocol', $alpnprotocol) } if ( $PSCmdlet.ShouldProcess("$name", "Unset SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -Type sslprofile -NitroPath nitro/v1/config -Action unset -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUnsetSslprofile: Finished" } } function Invoke-ADCGetSslprofile { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for SSL profile resource. .PARAMETER Name Name for the SSL profile. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the profile is created. .PARAMETER GetAll Retrieve all sslprofile object(s). .PARAMETER Count If specified, the count of the sslprofile object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslprofile Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslprofile -GetAll Get all sslprofile data. .EXAMPLE PS C:\>Invoke-ADCGetSslprofile -Count Get the number of sslprofile objects. .EXAMPLE PS C:\>Invoke-ADCGetSslprofile -name <string> Get sslprofile object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslprofile -Filter @{ 'name'='<value>' } Get sslprofile data with a filter. .NOTES File Name : Invoke-ADCGetSslprofile Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [ValidateLength(1, 127)] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslprofile: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslprofile objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslprofile objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslprofile objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslprofile configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslprofile configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslprofile: Ended" } } function Invoke-ADCGetSslprofilebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object which returns the resources bound to sslprofile. .PARAMETER Name Name of the SSL profile for which to show detailed information. .PARAMETER GetAll Retrieve all sslprofile_binding object(s). .PARAMETER Count If specified, the count of the sslprofile_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilebinding -GetAll Get all sslprofile_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilebinding -name <string> Get sslprofile_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilebinding -Filter @{ 'name'='<value>' } Get sslprofile_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslprofilebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateLength(1, 127)] [string]$Name, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslprofilebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslprofile_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslprofile_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslprofile_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslprofile_binding configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_binding -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslprofile_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslprofilebinding: Ended" } } function Invoke-ADCAddSslprofileecccurvebinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the ecccurve that can be bound to sslprofile. .PARAMETER Name Name of the SSL profile. .PARAMETER Cipherpriority Priority of the cipher binding. .PARAMETER Ecccurvename Named ECC curve bound to vserver/service. Possible values = ALL, P_224, P_256, P_384, P_521 .PARAMETER PassThru Return details about the created sslprofile_ecccurve_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslprofileecccurvebinding -name <string> An example how to add sslprofile_ecccurve_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslprofileecccurvebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile_ecccurve_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateLength(1, 127)] [string]$Name, [ValidateRange(1, 1000)] [double]$Cipherpriority, [ValidateSet('ALL', 'P_224', 'P_256', 'P_384', 'P_521')] [string]$Ecccurvename, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslprofileecccurvebinding: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('cipherpriority') ) { $payload.Add('cipherpriority', $cipherpriority) } if ( $PSBoundParameters.ContainsKey('ecccurvename') ) { $payload.Add('ecccurvename', $ecccurvename) } if ( $PSCmdlet.ShouldProcess("sslprofile_ecccurve_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslprofile_ecccurve_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslprofileecccurvebinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslprofileecccurvebinding: Finished" } } function Invoke-ADCDeleteSslprofileecccurvebinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the ecccurve that can be bound to sslprofile. .PARAMETER Name Name of the SSL profile. .PARAMETER Ecccurvename Named ECC curve bound to vserver/service. Possible values = ALL, P_224, P_256, P_384, P_521 .EXAMPLE PS C:\>Invoke-ADCDeleteSslprofileecccurvebinding -Name <string> An example how to delete sslprofile_ecccurve_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslprofileecccurvebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile_ecccurve_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Name, [string]$Ecccurvename ) begin { Write-Verbose "Invoke-ADCDeleteSslprofileecccurvebinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ecccurvename') ) { $arguments.Add('ecccurvename', $Ecccurvename) } if ( $PSCmdlet.ShouldProcess("$name", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslprofile_ecccurve_binding -NitroPath nitro/v1/config -Resource $name -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslprofileecccurvebinding: Finished" } } function Invoke-ADCGetSslprofileecccurvebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the ecccurve that can be bound to sslprofile. .PARAMETER Name Name of the SSL profile. .PARAMETER GetAll Retrieve all sslprofile_ecccurve_binding object(s). .PARAMETER Count If specified, the count of the sslprofile_ecccurve_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslprofileecccurvebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslprofileecccurvebinding -GetAll Get all sslprofile_ecccurve_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslprofileecccurvebinding -Count Get the number of sslprofile_ecccurve_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslprofileecccurvebinding -name <string> Get sslprofile_ecccurve_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslprofileecccurvebinding -Filter @{ 'name'='<value>' } Get sslprofile_ecccurve_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslprofileecccurvebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile_ecccurve_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateLength(1, 127)] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslprofileecccurvebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslprofile_ecccurve_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_ecccurve_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslprofile_ecccurve_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_ecccurve_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslprofile_ecccurve_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_ecccurve_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslprofile_ecccurve_binding configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_ecccurve_binding -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslprofile_ecccurve_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_ecccurve_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslprofileecccurvebinding: Ended" } } function Invoke-ADCAddSslprofilesslcertkeybinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslprofile. .PARAMETER Name Name of the SSL profile. .PARAMETER Cipherpriority Priority of the cipher binding. .PARAMETER Sslicacertkey The certkey (CA certificate + private key) to be used for SSL interception. .PARAMETER PassThru Return details about the created sslprofile_sslcertkey_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslprofilesslcertkeybinding -name <string> An example how to add sslprofile_sslcertkey_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslprofilesslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateLength(1, 127)] [string]$Name, [ValidateRange(1, 1000)] [double]$Cipherpriority, [string]$Sslicacertkey, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslprofilesslcertkeybinding: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('cipherpriority') ) { $payload.Add('cipherpriority', $cipherpriority) } if ( $PSBoundParameters.ContainsKey('sslicacertkey') ) { $payload.Add('sslicacertkey', $sslicacertkey) } if ( $PSCmdlet.ShouldProcess("sslprofile_sslcertkey_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslprofile_sslcertkey_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslprofilesslcertkeybinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslprofilesslcertkeybinding: Finished" } } function Invoke-ADCDeleteSslprofilesslcertkeybinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslprofile. .PARAMETER Name Name of the SSL profile. .PARAMETER Sslicacertkey The certkey (CA certificate + private key) to be used for SSL interception. .EXAMPLE PS C:\>Invoke-ADCDeleteSslprofilesslcertkeybinding -Name <string> An example how to delete sslprofile_sslcertkey_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslprofilesslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Name, [string]$Sslicacertkey ) begin { Write-Verbose "Invoke-ADCDeleteSslprofilesslcertkeybinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Sslicacertkey') ) { $arguments.Add('sslicacertkey', $Sslicacertkey) } if ( $PSCmdlet.ShouldProcess("$name", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslprofile_sslcertkey_binding -NitroPath nitro/v1/config -Resource $name -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslprofilesslcertkeybinding: Finished" } } function Invoke-ADCGetSslprofilesslcertkeybinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslprofile. .PARAMETER Name Name of the SSL profile. .PARAMETER GetAll Retrieve all sslprofile_sslcertkey_binding object(s). .PARAMETER Count If specified, the count of the sslprofile_sslcertkey_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslcertkeybinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslcertkeybinding -GetAll Get all sslprofile_sslcertkey_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslcertkeybinding -Count Get the number of sslprofile_sslcertkey_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslcertkeybinding -name <string> Get sslprofile_sslcertkey_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslcertkeybinding -Filter @{ 'name'='<value>' } Get sslprofile_sslcertkey_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslprofilesslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateLength(1, 127)] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslprofilesslcertkeybinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslprofile_sslcertkey_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslcertkey_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslprofile_sslcertkey_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslcertkey_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslprofile_sslcertkey_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslcertkey_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslprofile_sslcertkey_binding configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslcertkey_binding -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslprofile_sslcertkey_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslcertkey_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslprofilesslcertkeybinding: Ended" } } function Invoke-ADCAddSslprofilesslciphersuitebinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslprofile. .PARAMETER Name Name of the SSL profile. .PARAMETER Ciphername The cipher group/alias/individual cipher configuration. .PARAMETER Cipherpriority cipher priority. .PARAMETER PassThru Return details about the created sslprofile_sslciphersuite_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslprofilesslciphersuitebinding -name <string> An example how to add sslprofile_sslciphersuite_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslprofilesslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateLength(1, 127)] [string]$Name, [string]$Ciphername, [double]$Cipherpriority, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslprofilesslciphersuitebinding: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('ciphername') ) { $payload.Add('ciphername', $ciphername) } if ( $PSBoundParameters.ContainsKey('cipherpriority') ) { $payload.Add('cipherpriority', $cipherpriority) } if ( $PSCmdlet.ShouldProcess("sslprofile_sslciphersuite_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslprofile_sslciphersuite_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslprofilesslciphersuitebinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslprofilesslciphersuitebinding: Finished" } } function Invoke-ADCDeleteSslprofilesslciphersuitebinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslprofile. .PARAMETER Name Name of the SSL profile. .PARAMETER Ciphername The cipher group/alias/individual cipher configuration. .EXAMPLE PS C:\>Invoke-ADCDeleteSslprofilesslciphersuitebinding -Name <string> An example how to delete sslprofile_sslciphersuite_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslprofilesslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Name, [string]$Ciphername ) begin { Write-Verbose "Invoke-ADCDeleteSslprofilesslciphersuitebinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ciphername') ) { $arguments.Add('ciphername', $Ciphername) } if ( $PSCmdlet.ShouldProcess("$name", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslprofile_sslciphersuite_binding -NitroPath nitro/v1/config -Resource $name -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslprofilesslciphersuitebinding: Finished" } } function Invoke-ADCGetSslprofilesslciphersuitebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslprofile. .PARAMETER Name Name of the SSL profile. .PARAMETER GetAll Retrieve all sslprofile_sslciphersuite_binding object(s). .PARAMETER Count If specified, the count of the sslprofile_sslciphersuite_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslciphersuitebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslciphersuitebinding -GetAll Get all sslprofile_sslciphersuite_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslciphersuitebinding -Count Get the number of sslprofile_sslciphersuite_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslciphersuitebinding -name <string> Get sslprofile_sslciphersuite_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslciphersuitebinding -Filter @{ 'name'='<value>' } Get sslprofile_sslciphersuite_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslprofilesslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateLength(1, 127)] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslprofilesslciphersuitebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslprofile_sslciphersuite_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslciphersuite_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslprofile_sslciphersuite_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslciphersuite_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslprofile_sslciphersuite_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslciphersuite_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslprofile_sslciphersuite_binding configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslciphersuite_binding -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslprofile_sslciphersuite_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslciphersuite_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslprofilesslciphersuitebinding: Ended" } } function Invoke-ADCAddSslprofilesslcipherbinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslcipher that can be bound to sslprofile. .PARAMETER Name Name of the SSL profile. .PARAMETER Ciphername Name of the cipher. .PARAMETER Cipherpriority cipher priority. .PARAMETER PassThru Return details about the created sslprofile_sslcipher_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslprofilesslcipherbinding -name <string> An example how to add sslprofile_sslcipher_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslprofilesslcipherbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile_sslcipher_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateLength(1, 127)] [string]$Name, [ValidateScript({ $_.Length -gt 1 })] [string]$Ciphername, [double]$Cipherpriority, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslprofilesslcipherbinding: Starting" } process { try { $payload = @{ name = $name } if ( $PSBoundParameters.ContainsKey('ciphername') ) { $payload.Add('ciphername', $ciphername) } if ( $PSBoundParameters.ContainsKey('cipherpriority') ) { $payload.Add('cipherpriority', $cipherpriority) } if ( $PSCmdlet.ShouldProcess("sslprofile_sslcipher_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslprofile_sslcipher_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslprofilesslcipherbinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslprofilesslcipherbinding: Finished" } } function Invoke-ADCDeleteSslprofilesslcipherbinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslcipher that can be bound to sslprofile. .PARAMETER Name Name of the SSL profile. .PARAMETER Ciphername Name of the cipher. .EXAMPLE PS C:\>Invoke-ADCDeleteSslprofilesslcipherbinding -Name <string> An example how to delete sslprofile_sslcipher_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslprofilesslcipherbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile_sslcipher_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Name, [string]$Ciphername ) begin { Write-Verbose "Invoke-ADCDeleteSslprofilesslcipherbinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ciphername') ) { $arguments.Add('ciphername', $Ciphername) } if ( $PSCmdlet.ShouldProcess("$name", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslprofile_sslcipher_binding -NitroPath nitro/v1/config -Resource $name -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslprofilesslcipherbinding: Finished" } } function Invoke-ADCGetSslprofilesslcipherbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslcipher that can be bound to sslprofile. .PARAMETER Name Name of the SSL profile. .PARAMETER GetAll Retrieve all sslprofile_sslcipher_binding object(s). .PARAMETER Count If specified, the count of the sslprofile_sslcipher_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslcipherbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslcipherbinding -GetAll Get all sslprofile_sslcipher_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslcipherbinding -Count Get the number of sslprofile_sslcipher_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslcipherbinding -name <string> Get sslprofile_sslcipher_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslcipherbinding -Filter @{ 'name'='<value>' } Get sslprofile_sslcipher_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslprofilesslcipherbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile_sslcipher_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateLength(1, 127)] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslprofilesslcipherbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslprofile_sslcipher_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslcipher_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslprofile_sslcipher_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslcipher_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslprofile_sslcipher_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslcipher_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslprofile_sslcipher_binding configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslcipher_binding -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslprofile_sslcipher_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslcipher_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslprofilesslcipherbinding: Ended" } } function Invoke-ADCGetSslprofilesslvserverbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslvserver that can be bound to sslprofile. .PARAMETER Name Name of the SSL profile. .PARAMETER GetAll Retrieve all sslprofile_sslvserver_binding object(s). .PARAMETER Count If specified, the count of the sslprofile_sslvserver_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslvserverbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslvserverbinding -GetAll Get all sslprofile_sslvserver_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslvserverbinding -Count Get the number of sslprofile_sslvserver_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslvserverbinding -name <string> Get sslprofile_sslvserver_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslprofilesslvserverbinding -Filter @{ 'name'='<value>' } Get sslprofile_sslvserver_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslprofilesslvserverbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslprofile_sslvserver_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateLength(1, 127)] [string]$Name, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslprofilesslvserverbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslprofile_sslvserver_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslvserver_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslprofile_sslvserver_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslvserver_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslprofile_sslvserver_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslvserver_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslprofile_sslvserver_binding configuration for property 'name'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslvserver_binding -NitroPath nitro/v1/config -Resource $name -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslprofile_sslvserver_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslprofile_sslvserver_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslprofilesslvserverbinding: Ended" } } function Invoke-ADCCreateSslrsakey { <# .SYNOPSIS Create SSL configuration Object. .DESCRIPTION Configuration for RSA key resource. .PARAMETER Keyfile Name for and, optionally, path to the RSA key file. /nsconfig/ssl/ is the default path. .PARAMETER Bits Size, in bits, of the RSA key. .PARAMETER Exponent Public exponent for the RSA key. The exponent is part of the cipher algorithm and is required for creating the RSA key. Possible values = 3, F4 .PARAMETER Keyform Format in which the RSA key file is stored on the appliance. Possible values = DER, PEM .PARAMETER Des Encrypt the generated RSA key by using the DES algorithm. On the command line, you are prompted to enter the pass phrase (password) that is used to encrypt the key. .PARAMETER Des3 Encrypt the generated RSA key by using the Triple-DES algorithm. On the command line, you are prompted to enter the pass phrase (password) that is used to encrypt the key. .PARAMETER Aes256 Encrypt the generated RSA key by using the AES algorithm. .PARAMETER Password Pass phrase to use for encryption if DES or DES3 option is selected. .PARAMETER Pkcs8 Create the private key in PKCS#8 format. .EXAMPLE PS C:\>Invoke-ADCCreateSslrsakey -keyfile <string> -bits <double> An example how to create sslrsakey configuration Object(s). .NOTES File Name : Invoke-ADCCreateSslrsakey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslrsakey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Keyfile, [Parameter(Mandatory)] [ValidateRange(512, 4096)] [double]$Bits, [ValidateSet('3', 'F4')] [string]$Exponent, [ValidateSet('DER', 'PEM')] [string]$Keyform, [boolean]$Des, [boolean]$Des3, [boolean]$Aes256, [ValidateLength(1, 31)] [string]$Password, [boolean]$Pkcs8 ) begin { Write-Verbose "Invoke-ADCCreateSslrsakey: Starting" } process { try { $payload = @{ keyfile = $keyfile bits = $bits } if ( $PSBoundParameters.ContainsKey('exponent') ) { $payload.Add('exponent', $exponent) } if ( $PSBoundParameters.ContainsKey('keyform') ) { $payload.Add('keyform', $keyform) } if ( $PSBoundParameters.ContainsKey('des') ) { $payload.Add('des', $des) } if ( $PSBoundParameters.ContainsKey('des3') ) { $payload.Add('des3', $des3) } if ( $PSBoundParameters.ContainsKey('aes256') ) { $payload.Add('aes256', $aes256) } if ( $PSBoundParameters.ContainsKey('password') ) { $payload.Add('password', $password) } if ( $PSBoundParameters.ContainsKey('pkcs8') ) { $payload.Add('pkcs8', $pkcs8) } if ( $PSCmdlet.ShouldProcess($Name, "Create SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslrsakey -Action create -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCCreateSslrsakey: Finished" } } function Invoke-ADCUpdateSslservice { <# .SYNOPSIS Update SSL configuration Object. .DESCRIPTION Configuration for SSL service resource. .PARAMETER Servicename Name of the SSL service. .PARAMETER Dh State of Diffie-Hellman (DH) key exchange. This parameter is not applicable when configuring a backend service. Possible values = ENABLED, DISABLED .PARAMETER Dhfile Name for and, optionally, path to the PEM-format DH parameter file to be installed. /nsconfig/ssl/ is the default path. This parameter is not applicable when configuring a backend service. .PARAMETER Dhcount Number of interactions, between the client and the Citrix ADC, after which the DH private-public pair is regenerated. A value of zero (0) specifies refresh every time. This parameter is not applicable when configuring a backend service. Allowed DH count values are 0 and >= 500. .PARAMETER Dhkeyexpsizelimit This option enables the use of NIST recommended (NIST Special Publication 800-56A) bit size for private-key size. For example, for DH params of size 2048bit, the private-key size recommended is 224bits. This is rounded-up to 256bits. Possible values = ENABLED, DISABLED .PARAMETER Ersa State of Ephemeral RSA (eRSA) key exchange. Ephemeral RSA allows clients that support only export ciphers to communicate with the secure server even if the server certificate does not support export clients. The ephemeral RSA key is automatically generated when you bind an export cipher to an SSL or TCP-based SSL virtual server or service. When you remove the export cipher, the eRSA key is not deleted. It is reused at a later date when another export cipher is bound to an SSL or TCP-based SSL virtual server or service. The eRSA key is deleted when the appliance restarts. This parameter is not applicable when configuring a backend service. Possible values = ENABLED, DISABLED .PARAMETER Ersacount Refresh count for regeneration of RSA public-key and private-key pair. Zero (0) specifies infinite usage (no refresh). This parameter is not applicable when configuring a backend service. .PARAMETER Sessreuse State of session reuse. Establishing the initial handshake requires CPU-intensive public key encryption operations. With the ENABLED setting, session key exchange is avoided for session resumption requests received from the client. Possible values = ENABLED, DISABLED .PARAMETER Sesstimeout Time, in seconds, for which to keep the session active. Any session resumption request received after the timeout period will require a fresh SSL handshake and establishment of a new SSL session. .PARAMETER Cipherredirect State of Cipher Redirect. If this parameter is set to ENABLED, you can configure an SSL virtual server or service to display meaningful error messages if the SSL handshake fails because of a cipher mismatch between the virtual server or service and the client. This parameter is not applicable when configuring a backend service. Possible values = ENABLED, DISABLED .PARAMETER Cipherurl URL of the page to which to redirect the client in case of a cipher mismatch. Typically, this page has a clear explanation of the error or an alternative location that the transaction can continue from. This parameter is not applicable when configuring a backend service. .PARAMETER Sslv2redirect State of SSLv2 Redirect. If this parameter is set to ENABLED, you can configure an SSL virtual server or service to display meaningful error messages if the SSL handshake fails because of a protocol version mismatch between the virtual server or service and the client. This parameter is not applicable when configuring a backend service. Possible values = ENABLED, DISABLED .PARAMETER Sslv2url URL of the page to which to redirect the client in case of a protocol version mismatch. Typically, this page has a clear explanation of the error or an alternative location that the transaction can continue from. This parameter is not applicable when configuring a backend service. .PARAMETER Clientauth State of client authentication. In service-based SSL offload, the service terminates the SSL handshake if the SSL client does not provide a valid certificate. This parameter is not applicable when configuring a backend service. Possible values = ENABLED, DISABLED .PARAMETER Clientcert Type of client authentication. If this parameter is set to MANDATORY, the appliance terminates the SSL handshake if the SSL client does not provide a valid certificate. With the OPTIONAL setting, the appliance requests a certificate from the SSL clients but proceeds with the SSL transaction even if the client presents an invalid certificate. This parameter is not applicable when configuring a backend SSL service. Caution: Define proper access control policies before changing this setting to Optional. Possible values = Mandatory, Optional .PARAMETER Sslredirect State of HTTPS redirects for the SSL service. For an SSL session, if the client browser receives a redirect message, the browser tries to connect to the new location. However, the secure SSL session breaks if the object has moved from a secure site (https://) to an unsecure site (http://). Typically, a warning message appears on the screen, prompting the user to continue or disconnect. If SSL Redirect is ENABLED, the redirect message is automatically converted from http:// to https:// and the SSL session does not break. This parameter is not applicable when configuring a backend service. Possible values = ENABLED, DISABLED .PARAMETER Redirectportrewrite State of the port rewrite while performing HTTPS redirect. If this parameter is set to ENABLED, and the URL from the server does not contain the standard port, the port is rewritten to the standard. Possible values = ENABLED, DISABLED .PARAMETER Ssl2 State of SSLv2 protocol support for the SSL service. This parameter is not applicable when configuring a backend service. Possible values = ENABLED, DISABLED .PARAMETER Ssl3 State of SSLv3 protocol support for the SSL service. Note: On platforms with SSL acceleration chips, if the SSL chip does not support SSLv3, this parameter cannot be set to ENABLED. Possible values = ENABLED, DISABLED .PARAMETER Tls1 State of TLSv1.0 protocol support for the SSL service. Possible values = ENABLED, DISABLED .PARAMETER Tls11 State of TLSv1.1 protocol support for the SSL service. Possible values = ENABLED, DISABLED .PARAMETER Tls12 State of TLSv1.2 protocol support for the SSL service. Possible values = ENABLED, DISABLED .PARAMETER Tls13 State of TLSv1.3 protocol support for the SSL service. Possible values = ENABLED, DISABLED .PARAMETER Dtls1 State of DTLSv1.0 protocol support for the SSL service. Possible values = ENABLED, DISABLED .PARAMETER Dtls12 State of DTLSv1.2 protocol support for the SSL service. Possible values = ENABLED, DISABLED .PARAMETER Snienable State of the Server Name Indication (SNI) feature on the virtual server and service-based offload. SNI helps to enable SSL encryption on multiple domains on a single virtual server or service if the domains are controlled by the same organization and share the same second-level domain name. For example, *.sports.net can be used to secure domains such as login.sports.net and help.sports.net. Possible values = ENABLED, DISABLED .PARAMETER Ocspstapling State of OCSP stapling support on the SSL virtual server. Supported only if the protocol used is higher than SSLv3. Possible values: ENABLED: The appliance sends a request to the OCSP responder to check the status of the server certificate and caches the response for the specified time. If the response is valid at the time of SSL handshake with the client, the OCSP-based server certificate status is sent to the client during the handshake. DISABLED: The appliance does not check the status of the server certificate. . Possible values = ENABLED, DISABLED .PARAMETER Serverauth State of server authentication support for the SSL service. Possible values = ENABLED, DISABLED .PARAMETER Commonname Name to be checked against the CommonName (CN) field in the server certificate bound to the SSL server. .PARAMETER Pushenctrigger Trigger encryption on the basis of the PUSH flag value. Available settings function as follows: * ALWAYS - Any PUSH packet triggers encryption. * IGNORE - Ignore PUSH packet for triggering encryption. * MERGE - For a consecutive sequence of PUSH packets, the last PUSH packet triggers encryption. * TIMER - PUSH packet triggering encryption is delayed by the time defined in the set ssl parameter command or in the Change Advanced SSL Settings dialog box. Possible values = Always, Merge, Ignore, Timer .PARAMETER Sendclosenotify Enable sending SSL Close-Notify at the end of a transaction. Possible values = YES, NO .PARAMETER Dtlsprofilename Name of the DTLS profile that contains DTLS settings for the service. .PARAMETER Sslprofile Name of the SSL profile that contains SSL settings for the service. .PARAMETER Strictsigdigestcheck Parameter indicating to check whether peer's certificate during TLS1.2 handshake is signed with one of signature-hash combination supported by Citrix ADC. Possible values = ENABLED, DISABLED .PARAMETER PassThru Return details about the created sslservice item. .EXAMPLE PS C:\>Invoke-ADCUpdateSslservice -servicename <string> An example how to update sslservice configuration Object(s). .NOTES File Name : Invoke-ADCUpdateSslservice Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicename, [ValidateSet('ENABLED', 'DISABLED')] [string]$Dh, [ValidateScript({ $_.Length -gt 1 })] [string]$Dhfile, [ValidateRange(0, 65534)] [double]$Dhcount, [ValidateSet('ENABLED', 'DISABLED')] [string]$Dhkeyexpsizelimit, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ersa, [ValidateRange(0, 65534)] [double]$Ersacount, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sessreuse, [ValidateRange(0, 4294967294)] [double]$Sesstimeout, [ValidateSet('ENABLED', 'DISABLED')] [string]$Cipherredirect, [string]$Cipherurl, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslv2redirect, [string]$Sslv2url, [ValidateSet('ENABLED', 'DISABLED')] [string]$Clientauth, [ValidateSet('Mandatory', 'Optional')] [string]$Clientcert, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslredirect, [ValidateSet('ENABLED', 'DISABLED')] [string]$Redirectportrewrite, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ssl2, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ssl3, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls1, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls11, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls12, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls13, [ValidateSet('ENABLED', 'DISABLED')] [string]$Dtls1, [ValidateSet('ENABLED', 'DISABLED')] [string]$Dtls12, [ValidateSet('ENABLED', 'DISABLED')] [string]$Snienable, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ocspstapling, [ValidateSet('ENABLED', 'DISABLED')] [string]$Serverauth, [ValidateScript({ $_.Length -gt 1 })] [string]$Commonname, [ValidateSet('Always', 'Merge', 'Ignore', 'Timer')] [string]$Pushenctrigger, [ValidateSet('YES', 'NO')] [string]$Sendclosenotify, [ValidateLength(1, 127)] [string]$Dtlsprofilename, [ValidateLength(1, 127)] [string]$Sslprofile, [ValidateSet('ENABLED', 'DISABLED')] [string]$Strictsigdigestcheck, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCUpdateSslservice: Starting" } process { try { $payload = @{ servicename = $servicename } if ( $PSBoundParameters.ContainsKey('dh') ) { $payload.Add('dh', $dh) } if ( $PSBoundParameters.ContainsKey('dhfile') ) { $payload.Add('dhfile', $dhfile) } if ( $PSBoundParameters.ContainsKey('dhcount') ) { $payload.Add('dhcount', $dhcount) } if ( $PSBoundParameters.ContainsKey('dhkeyexpsizelimit') ) { $payload.Add('dhkeyexpsizelimit', $dhkeyexpsizelimit) } if ( $PSBoundParameters.ContainsKey('ersa') ) { $payload.Add('ersa', $ersa) } if ( $PSBoundParameters.ContainsKey('ersacount') ) { $payload.Add('ersacount', $ersacount) } if ( $PSBoundParameters.ContainsKey('sessreuse') ) { $payload.Add('sessreuse', $sessreuse) } if ( $PSBoundParameters.ContainsKey('sesstimeout') ) { $payload.Add('sesstimeout', $sesstimeout) } if ( $PSBoundParameters.ContainsKey('cipherredirect') ) { $payload.Add('cipherredirect', $cipherredirect) } if ( $PSBoundParameters.ContainsKey('cipherurl') ) { $payload.Add('cipherurl', $cipherurl) } if ( $PSBoundParameters.ContainsKey('sslv2redirect') ) { $payload.Add('sslv2redirect', $sslv2redirect) } if ( $PSBoundParameters.ContainsKey('sslv2url') ) { $payload.Add('sslv2url', $sslv2url) } if ( $PSBoundParameters.ContainsKey('clientauth') ) { $payload.Add('clientauth', $clientauth) } if ( $PSBoundParameters.ContainsKey('clientcert') ) { $payload.Add('clientcert', $clientcert) } if ( $PSBoundParameters.ContainsKey('sslredirect') ) { $payload.Add('sslredirect', $sslredirect) } if ( $PSBoundParameters.ContainsKey('redirectportrewrite') ) { $payload.Add('redirectportrewrite', $redirectportrewrite) } if ( $PSBoundParameters.ContainsKey('ssl2') ) { $payload.Add('ssl2', $ssl2) } if ( $PSBoundParameters.ContainsKey('ssl3') ) { $payload.Add('ssl3', $ssl3) } if ( $PSBoundParameters.ContainsKey('tls1') ) { $payload.Add('tls1', $tls1) } if ( $PSBoundParameters.ContainsKey('tls11') ) { $payload.Add('tls11', $tls11) } if ( $PSBoundParameters.ContainsKey('tls12') ) { $payload.Add('tls12', $tls12) } if ( $PSBoundParameters.ContainsKey('tls13') ) { $payload.Add('tls13', $tls13) } if ( $PSBoundParameters.ContainsKey('dtls1') ) { $payload.Add('dtls1', $dtls1) } if ( $PSBoundParameters.ContainsKey('dtls12') ) { $payload.Add('dtls12', $dtls12) } if ( $PSBoundParameters.ContainsKey('snienable') ) { $payload.Add('snienable', $snienable) } if ( $PSBoundParameters.ContainsKey('ocspstapling') ) { $payload.Add('ocspstapling', $ocspstapling) } if ( $PSBoundParameters.ContainsKey('serverauth') ) { $payload.Add('serverauth', $serverauth) } if ( $PSBoundParameters.ContainsKey('commonname') ) { $payload.Add('commonname', $commonname) } if ( $PSBoundParameters.ContainsKey('pushenctrigger') ) { $payload.Add('pushenctrigger', $pushenctrigger) } if ( $PSBoundParameters.ContainsKey('sendclosenotify') ) { $payload.Add('sendclosenotify', $sendclosenotify) } if ( $PSBoundParameters.ContainsKey('dtlsprofilename') ) { $payload.Add('dtlsprofilename', $dtlsprofilename) } if ( $PSBoundParameters.ContainsKey('sslprofile') ) { $payload.Add('sslprofile', $sslprofile) } if ( $PSBoundParameters.ContainsKey('strictsigdigestcheck') ) { $payload.Add('strictsigdigestcheck', $strictsigdigestcheck) } if ( $PSCmdlet.ShouldProcess("sslservice", "Update SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslservice -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslservice -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUpdateSslservice: Finished" } } function Invoke-ADCUnsetSslservice { <# .SYNOPSIS Unset SSL configuration Object. .DESCRIPTION Configuration for SSL service resource. .PARAMETER Servicename Name of the SSL service. .PARAMETER Dh State of Diffie-Hellman (DH) key exchange. This parameter is not applicable when configuring a backend service. Possible values = ENABLED, DISABLED .PARAMETER Dhfile Name for and, optionally, path to the PEM-format DH parameter file to be installed. /nsconfig/ssl/ is the default path. This parameter is not applicable when configuring a backend service. .PARAMETER Dhcount Number of interactions, between the client and the Citrix ADC, after which the DH private-public pair is regenerated. A value of zero (0) specifies refresh every time. This parameter is not applicable when configuring a backend service. Allowed DH count values are 0 and >= 500. .PARAMETER Dhkeyexpsizelimit This option enables the use of NIST recommended (NIST Special Publication 800-56A) bit size for private-key size. For example, for DH params of size 2048bit, the private-key size recommended is 224bits. This is rounded-up to 256bits. Possible values = ENABLED, DISABLED .PARAMETER Ersa State of Ephemeral RSA (eRSA) key exchange. Ephemeral RSA allows clients that support only export ciphers to communicate with the secure server even if the server certificate does not support export clients. The ephemeral RSA key is automatically generated when you bind an export cipher to an SSL or TCP-based SSL virtual server or service. When you remove the export cipher, the eRSA key is not deleted. It is reused at a later date when another export cipher is bound to an SSL or TCP-based SSL virtual server or service. The eRSA key is deleted when the appliance restarts. This parameter is not applicable when configuring a backend service. Possible values = ENABLED, DISABLED .PARAMETER Ersacount Refresh count for regeneration of RSA public-key and private-key pair. Zero (0) specifies infinite usage (no refresh). This parameter is not applicable when configuring a backend service. .PARAMETER Sessreuse State of session reuse. Establishing the initial handshake requires CPU-intensive public key encryption operations. With the ENABLED setting, session key exchange is avoided for session resumption requests received from the client. Possible values = ENABLED, DISABLED .PARAMETER Sesstimeout Time, in seconds, for which to keep the session active. Any session resumption request received after the timeout period will require a fresh SSL handshake and establishment of a new SSL session. .PARAMETER Cipherredirect State of Cipher Redirect. If this parameter is set to ENABLED, you can configure an SSL virtual server or service to display meaningful error messages if the SSL handshake fails because of a cipher mismatch between the virtual server or service and the client. This parameter is not applicable when configuring a backend service. Possible values = ENABLED, DISABLED .PARAMETER Cipherurl URL of the page to which to redirect the client in case of a cipher mismatch. Typically, this page has a clear explanation of the error or an alternative location that the transaction can continue from. This parameter is not applicable when configuring a backend service. .PARAMETER Sslv2redirect State of SSLv2 Redirect. If this parameter is set to ENABLED, you can configure an SSL virtual server or service to display meaningful error messages if the SSL handshake fails because of a protocol version mismatch between the virtual server or service and the client. This parameter is not applicable when configuring a backend service. Possible values = ENABLED, DISABLED .PARAMETER Sslv2url URL of the page to which to redirect the client in case of a protocol version mismatch. Typically, this page has a clear explanation of the error or an alternative location that the transaction can continue from. This parameter is not applicable when configuring a backend service. .PARAMETER Clientauth State of client authentication. In service-based SSL offload, the service terminates the SSL handshake if the SSL client does not provide a valid certificate. This parameter is not applicable when configuring a backend service. Possible values = ENABLED, DISABLED .PARAMETER Clientcert Type of client authentication. If this parameter is set to MANDATORY, the appliance terminates the SSL handshake if the SSL client does not provide a valid certificate. With the OPTIONAL setting, the appliance requests a certificate from the SSL clients but proceeds with the SSL transaction even if the client presents an invalid certificate. This parameter is not applicable when configuring a backend SSL service. Caution: Define proper access control policies before changing this setting to Optional. Possible values = Mandatory, Optional .PARAMETER Sslredirect State of HTTPS redirects for the SSL service. For an SSL session, if the client browser receives a redirect message, the browser tries to connect to the new location. However, the secure SSL session breaks if the object has moved from a secure site (https://) to an unsecure site (http://). Typically, a warning message appears on the screen, prompting the user to continue or disconnect. If SSL Redirect is ENABLED, the redirect message is automatically converted from http:// to https:// and the SSL session does not break. This parameter is not applicable when configuring a backend service. Possible values = ENABLED, DISABLED .PARAMETER Redirectportrewrite State of the port rewrite while performing HTTPS redirect. If this parameter is set to ENABLED, and the URL from the server does not contain the standard port, the port is rewritten to the standard. Possible values = ENABLED, DISABLED .PARAMETER Ssl2 State of SSLv2 protocol support for the SSL service. This parameter is not applicable when configuring a backend service. Possible values = ENABLED, DISABLED .PARAMETER Ssl3 State of SSLv3 protocol support for the SSL service. Note: On platforms with SSL acceleration chips, if the SSL chip does not support SSLv3, this parameter cannot be set to ENABLED. Possible values = ENABLED, DISABLED .PARAMETER Tls1 State of TLSv1.0 protocol support for the SSL service. Possible values = ENABLED, DISABLED .PARAMETER Tls11 State of TLSv1.1 protocol support for the SSL service. Possible values = ENABLED, DISABLED .PARAMETER Tls12 State of TLSv1.2 protocol support for the SSL service. Possible values = ENABLED, DISABLED .PARAMETER Tls13 State of TLSv1.3 protocol support for the SSL service. Possible values = ENABLED, DISABLED .PARAMETER Dtls1 State of DTLSv1.0 protocol support for the SSL service. Possible values = ENABLED, DISABLED .PARAMETER Dtls12 State of DTLSv1.2 protocol support for the SSL service. Possible values = ENABLED, DISABLED .PARAMETER Snienable State of the Server Name Indication (SNI) feature on the virtual server and service-based offload. SNI helps to enable SSL encryption on multiple domains on a single virtual server or service if the domains are controlled by the same organization and share the same second-level domain name. For example, *.sports.net can be used to secure domains such as login.sports.net and help.sports.net. Possible values = ENABLED, DISABLED .PARAMETER Ocspstapling State of OCSP stapling support on the SSL virtual server. Supported only if the protocol used is higher than SSLv3. Possible values: ENABLED: The appliance sends a request to the OCSP responder to check the status of the server certificate and caches the response for the specified time. If the response is valid at the time of SSL handshake with the client, the OCSP-based server certificate status is sent to the client during the handshake. DISABLED: The appliance does not check the status of the server certificate. . Possible values = ENABLED, DISABLED .PARAMETER Serverauth State of server authentication support for the SSL service. Possible values = ENABLED, DISABLED .PARAMETER Commonname Name to be checked against the CommonName (CN) field in the server certificate bound to the SSL server. .PARAMETER Sendclosenotify Enable sending SSL Close-Notify at the end of a transaction. Possible values = YES, NO .PARAMETER Dtlsprofilename Name of the DTLS profile that contains DTLS settings for the service. .PARAMETER Sslprofile Name of the SSL profile that contains SSL settings for the service. .PARAMETER Strictsigdigestcheck Parameter indicating to check whether peer's certificate during TLS1.2 handshake is signed with one of signature-hash combination supported by Citrix ADC. Possible values = ENABLED, DISABLED .EXAMPLE PS C:\>Invoke-ADCUnsetSslservice -servicename <string> An example how to unset sslservice configuration Object(s). .NOTES File Name : Invoke-ADCUnsetSslservice Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [ValidateScript({ $_.Length -gt 1 })] [string]$Servicename, [Boolean]$dh, [Boolean]$dhfile, [Boolean]$dhcount, [Boolean]$dhkeyexpsizelimit, [Boolean]$ersa, [Boolean]$ersacount, [Boolean]$sessreuse, [Boolean]$sesstimeout, [Boolean]$cipherredirect, [Boolean]$cipherurl, [Boolean]$sslv2redirect, [Boolean]$sslv2url, [Boolean]$clientauth, [Boolean]$clientcert, [Boolean]$sslredirect, [Boolean]$redirectportrewrite, [Boolean]$ssl2, [Boolean]$ssl3, [Boolean]$tls1, [Boolean]$tls11, [Boolean]$tls12, [Boolean]$tls13, [Boolean]$dtls1, [Boolean]$dtls12, [Boolean]$snienable, [Boolean]$ocspstapling, [Boolean]$serverauth, [Boolean]$commonname, [Boolean]$sendclosenotify, [Boolean]$dtlsprofilename, [Boolean]$sslprofile, [Boolean]$strictsigdigestcheck ) begin { Write-Verbose "Invoke-ADCUnsetSslservice: Starting" } process { try { $payload = @{ servicename = $servicename } if ( $PSBoundParameters.ContainsKey('dh') ) { $payload.Add('dh', $dh) } if ( $PSBoundParameters.ContainsKey('dhfile') ) { $payload.Add('dhfile', $dhfile) } if ( $PSBoundParameters.ContainsKey('dhcount') ) { $payload.Add('dhcount', $dhcount) } if ( $PSBoundParameters.ContainsKey('dhkeyexpsizelimit') ) { $payload.Add('dhkeyexpsizelimit', $dhkeyexpsizelimit) } if ( $PSBoundParameters.ContainsKey('ersa') ) { $payload.Add('ersa', $ersa) } if ( $PSBoundParameters.ContainsKey('ersacount') ) { $payload.Add('ersacount', $ersacount) } if ( $PSBoundParameters.ContainsKey('sessreuse') ) { $payload.Add('sessreuse', $sessreuse) } if ( $PSBoundParameters.ContainsKey('sesstimeout') ) { $payload.Add('sesstimeout', $sesstimeout) } if ( $PSBoundParameters.ContainsKey('cipherredirect') ) { $payload.Add('cipherredirect', $cipherredirect) } if ( $PSBoundParameters.ContainsKey('cipherurl') ) { $payload.Add('cipherurl', $cipherurl) } if ( $PSBoundParameters.ContainsKey('sslv2redirect') ) { $payload.Add('sslv2redirect', $sslv2redirect) } if ( $PSBoundParameters.ContainsKey('sslv2url') ) { $payload.Add('sslv2url', $sslv2url) } if ( $PSBoundParameters.ContainsKey('clientauth') ) { $payload.Add('clientauth', $clientauth) } if ( $PSBoundParameters.ContainsKey('clientcert') ) { $payload.Add('clientcert', $clientcert) } if ( $PSBoundParameters.ContainsKey('sslredirect') ) { $payload.Add('sslredirect', $sslredirect) } if ( $PSBoundParameters.ContainsKey('redirectportrewrite') ) { $payload.Add('redirectportrewrite', $redirectportrewrite) } if ( $PSBoundParameters.ContainsKey('ssl2') ) { $payload.Add('ssl2', $ssl2) } if ( $PSBoundParameters.ContainsKey('ssl3') ) { $payload.Add('ssl3', $ssl3) } if ( $PSBoundParameters.ContainsKey('tls1') ) { $payload.Add('tls1', $tls1) } if ( $PSBoundParameters.ContainsKey('tls11') ) { $payload.Add('tls11', $tls11) } if ( $PSBoundParameters.ContainsKey('tls12') ) { $payload.Add('tls12', $tls12) } if ( $PSBoundParameters.ContainsKey('tls13') ) { $payload.Add('tls13', $tls13) } if ( $PSBoundParameters.ContainsKey('dtls1') ) { $payload.Add('dtls1', $dtls1) } if ( $PSBoundParameters.ContainsKey('dtls12') ) { $payload.Add('dtls12', $dtls12) } if ( $PSBoundParameters.ContainsKey('snienable') ) { $payload.Add('snienable', $snienable) } if ( $PSBoundParameters.ContainsKey('ocspstapling') ) { $payload.Add('ocspstapling', $ocspstapling) } if ( $PSBoundParameters.ContainsKey('serverauth') ) { $payload.Add('serverauth', $serverauth) } if ( $PSBoundParameters.ContainsKey('commonname') ) { $payload.Add('commonname', $commonname) } if ( $PSBoundParameters.ContainsKey('sendclosenotify') ) { $payload.Add('sendclosenotify', $sendclosenotify) } if ( $PSBoundParameters.ContainsKey('dtlsprofilename') ) { $payload.Add('dtlsprofilename', $dtlsprofilename) } if ( $PSBoundParameters.ContainsKey('sslprofile') ) { $payload.Add('sslprofile', $sslprofile) } if ( $PSBoundParameters.ContainsKey('strictsigdigestcheck') ) { $payload.Add('strictsigdigestcheck', $strictsigdigestcheck) } if ( $PSCmdlet.ShouldProcess("$servicename", "Unset SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -Type sslservice -NitroPath nitro/v1/config -Action unset -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUnsetSslservice: Finished" } } function Invoke-ADCGetSslservice { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for SSL service resource. .PARAMETER Servicename Name of the SSL service. .PARAMETER GetAll Retrieve all sslservice object(s). .PARAMETER Count If specified, the count of the sslservice object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslservice Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslservice -GetAll Get all sslservice data. .EXAMPLE PS C:\>Invoke-ADCGetSslservice -Count Get the number of sslservice objects. .EXAMPLE PS C:\>Invoke-ADCGetSslservice -name <string> Get sslservice object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslservice -Filter @{ 'name'='<value>' } Get sslservice data with a filter. .NOTES File Name : Invoke-ADCGetSslservice Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicename, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslservice: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslservice objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslservice objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslservice objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslservice configuration for property 'servicename'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice -NitroPath nitro/v1/config -Resource $servicename -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslservice configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslservice: Ended" } } function Invoke-ADCUpdateSslservicegroup { <# .SYNOPSIS Update SSL configuration Object. .DESCRIPTION Configuration for SSL service group resource. .PARAMETER Servicegroupname Name of the SSL service group for which to set advanced configuration. .PARAMETER Sslprofile Name of the SSL profile that contains SSL settings for the Service Group. .PARAMETER Sessreuse State of session reuse. Establishing the initial handshake requires CPU-intensive public key encryption operations. With the ENABLED setting, session key exchange is avoided for session resumption requests received from the client. Possible values = ENABLED, DISABLED .PARAMETER Sesstimeout Time, in seconds, for which to keep the session active. Any session resumption request received after the timeout period will require a fresh SSL handshake and establishment of a new SSL session. .PARAMETER Ssl3 State of SSLv3 protocol support for the SSL service group. Note: On platforms with SSL acceleration chips, if the SSL chip does not support SSLv3, this parameter cannot be set to ENABLED. Possible values = ENABLED, DISABLED .PARAMETER Tls1 State of TLSv1.0 protocol support for the SSL service group. Possible values = ENABLED, DISABLED .PARAMETER Tls11 State of TLSv1.1 protocol support for the SSL service group. Possible values = ENABLED, DISABLED .PARAMETER Tls12 State of TLSv1.2 protocol support for the SSL service group. Possible values = ENABLED, DISABLED .PARAMETER Tls13 State of TLSv1.3 protocol support for the SSL service group. Possible values = ENABLED, DISABLED .PARAMETER Snienable State of the Server Name Indication (SNI) feature on the service. SNI helps to enable SSL encryption on multiple domains on a single virtual server or service if the domains are controlled by the same organization and share the same second-level domain name. For example, *.sports.net can be used to secure domains such as login.sports.net and help.sports.net. Possible values = ENABLED, DISABLED .PARAMETER Ocspstapling State of OCSP stapling support on the SSL virtual server. Supported only if the protocol used is higher than SSLv3. Possible values: ENABLED: The appliance sends a request to the OCSP responder to check the status of the server certificate and caches the response for the specified time. If the response is valid at the time of SSL handshake with the client, the OCSP-based server certificate status is sent to the client during the handshake. DISABLED: The appliance does not check the status of the server certificate. Possible values = ENABLED, DISABLED .PARAMETER Serverauth State of server authentication support for the SSL service group. Possible values = ENABLED, DISABLED .PARAMETER Commonname Name to be checked against the CommonName (CN) field in the server certificate bound to the SSL server. .PARAMETER Sendclosenotify Enable sending SSL Close-Notify at the end of a transaction. Possible values = YES, NO .PARAMETER Strictsigdigestcheck Parameter indicating to check whether peer's certificate is signed with one of signature-hash combination supported by Citrix ADC. Possible values = ENABLED, DISABLED .PARAMETER PassThru Return details about the created sslservicegroup item. .EXAMPLE PS C:\>Invoke-ADCUpdateSslservicegroup -servicegroupname <string> An example how to update sslservicegroup configuration Object(s). .NOTES File Name : Invoke-ADCUpdateSslservicegroup Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicegroupname, [ValidateLength(1, 127)] [string]$Sslprofile, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sessreuse, [ValidateRange(0, 4294967294)] [double]$Sesstimeout, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ssl3, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls1, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls11, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls12, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls13, [ValidateSet('ENABLED', 'DISABLED')] [string]$Snienable, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ocspstapling, [ValidateSet('ENABLED', 'DISABLED')] [string]$Serverauth, [ValidateScript({ $_.Length -gt 1 })] [string]$Commonname, [ValidateSet('YES', 'NO')] [string]$Sendclosenotify, [ValidateSet('ENABLED', 'DISABLED')] [string]$Strictsigdigestcheck, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCUpdateSslservicegroup: Starting" } process { try { $payload = @{ servicegroupname = $servicegroupname } if ( $PSBoundParameters.ContainsKey('sslprofile') ) { $payload.Add('sslprofile', $sslprofile) } if ( $PSBoundParameters.ContainsKey('sessreuse') ) { $payload.Add('sessreuse', $sessreuse) } if ( $PSBoundParameters.ContainsKey('sesstimeout') ) { $payload.Add('sesstimeout', $sesstimeout) } if ( $PSBoundParameters.ContainsKey('ssl3') ) { $payload.Add('ssl3', $ssl3) } if ( $PSBoundParameters.ContainsKey('tls1') ) { $payload.Add('tls1', $tls1) } if ( $PSBoundParameters.ContainsKey('tls11') ) { $payload.Add('tls11', $tls11) } if ( $PSBoundParameters.ContainsKey('tls12') ) { $payload.Add('tls12', $tls12) } if ( $PSBoundParameters.ContainsKey('tls13') ) { $payload.Add('tls13', $tls13) } if ( $PSBoundParameters.ContainsKey('snienable') ) { $payload.Add('snienable', $snienable) } if ( $PSBoundParameters.ContainsKey('ocspstapling') ) { $payload.Add('ocspstapling', $ocspstapling) } if ( $PSBoundParameters.ContainsKey('serverauth') ) { $payload.Add('serverauth', $serverauth) } if ( $PSBoundParameters.ContainsKey('commonname') ) { $payload.Add('commonname', $commonname) } if ( $PSBoundParameters.ContainsKey('sendclosenotify') ) { $payload.Add('sendclosenotify', $sendclosenotify) } if ( $PSBoundParameters.ContainsKey('strictsigdigestcheck') ) { $payload.Add('strictsigdigestcheck', $strictsigdigestcheck) } if ( $PSCmdlet.ShouldProcess("sslservicegroup", "Update SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslservicegroup -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslservicegroup -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUpdateSslservicegroup: Finished" } } function Invoke-ADCUnsetSslservicegroup { <# .SYNOPSIS Unset SSL configuration Object. .DESCRIPTION Configuration for SSL service group resource. .PARAMETER Servicegroupname Name of the SSL service group for which to set advanced configuration. .PARAMETER Sslprofile Name of the SSL profile that contains SSL settings for the Service Group. .PARAMETER Sessreuse State of session reuse. Establishing the initial handshake requires CPU-intensive public key encryption operations. With the ENABLED setting, session key exchange is avoided for session resumption requests received from the client. Possible values = ENABLED, DISABLED .PARAMETER Sesstimeout Time, in seconds, for which to keep the session active. Any session resumption request received after the timeout period will require a fresh SSL handshake and establishment of a new SSL session. .PARAMETER Ssl3 State of SSLv3 protocol support for the SSL service group. Note: On platforms with SSL acceleration chips, if the SSL chip does not support SSLv3, this parameter cannot be set to ENABLED. Possible values = ENABLED, DISABLED .PARAMETER Tls1 State of TLSv1.0 protocol support for the SSL service group. Possible values = ENABLED, DISABLED .PARAMETER Tls11 State of TLSv1.1 protocol support for the SSL service group. Possible values = ENABLED, DISABLED .PARAMETER Tls12 State of TLSv1.2 protocol support for the SSL service group. Possible values = ENABLED, DISABLED .PARAMETER Tls13 State of TLSv1.3 protocol support for the SSL service group. Possible values = ENABLED, DISABLED .PARAMETER Snienable State of the Server Name Indication (SNI) feature on the service. SNI helps to enable SSL encryption on multiple domains on a single virtual server or service if the domains are controlled by the same organization and share the same second-level domain name. For example, *.sports.net can be used to secure domains such as login.sports.net and help.sports.net. Possible values = ENABLED, DISABLED .PARAMETER Ocspstapling State of OCSP stapling support on the SSL virtual server. Supported only if the protocol used is higher than SSLv3. Possible values: ENABLED: The appliance sends a request to the OCSP responder to check the status of the server certificate and caches the response for the specified time. If the response is valid at the time of SSL handshake with the client, the OCSP-based server certificate status is sent to the client during the handshake. DISABLED: The appliance does not check the status of the server certificate. Possible values = ENABLED, DISABLED .PARAMETER Serverauth State of server authentication support for the SSL service group. Possible values = ENABLED, DISABLED .PARAMETER Commonname Name to be checked against the CommonName (CN) field in the server certificate bound to the SSL server. .PARAMETER Sendclosenotify Enable sending SSL Close-Notify at the end of a transaction. Possible values = YES, NO .PARAMETER Strictsigdigestcheck Parameter indicating to check whether peer's certificate is signed with one of signature-hash combination supported by Citrix ADC. Possible values = ENABLED, DISABLED .EXAMPLE PS C:\>Invoke-ADCUnsetSslservicegroup -servicegroupname <string> An example how to unset sslservicegroup configuration Object(s). .NOTES File Name : Invoke-ADCUnsetSslservicegroup Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [ValidateScript({ $_.Length -gt 1 })] [string]$Servicegroupname, [Boolean]$sslprofile, [Boolean]$sessreuse, [Boolean]$sesstimeout, [Boolean]$ssl3, [Boolean]$tls1, [Boolean]$tls11, [Boolean]$tls12, [Boolean]$tls13, [Boolean]$snienable, [Boolean]$ocspstapling, [Boolean]$serverauth, [Boolean]$commonname, [Boolean]$sendclosenotify, [Boolean]$strictsigdigestcheck ) begin { Write-Verbose "Invoke-ADCUnsetSslservicegroup: Starting" } process { try { $payload = @{ servicegroupname = $servicegroupname } if ( $PSBoundParameters.ContainsKey('sslprofile') ) { $payload.Add('sslprofile', $sslprofile) } if ( $PSBoundParameters.ContainsKey('sessreuse') ) { $payload.Add('sessreuse', $sessreuse) } if ( $PSBoundParameters.ContainsKey('sesstimeout') ) { $payload.Add('sesstimeout', $sesstimeout) } if ( $PSBoundParameters.ContainsKey('ssl3') ) { $payload.Add('ssl3', $ssl3) } if ( $PSBoundParameters.ContainsKey('tls1') ) { $payload.Add('tls1', $tls1) } if ( $PSBoundParameters.ContainsKey('tls11') ) { $payload.Add('tls11', $tls11) } if ( $PSBoundParameters.ContainsKey('tls12') ) { $payload.Add('tls12', $tls12) } if ( $PSBoundParameters.ContainsKey('tls13') ) { $payload.Add('tls13', $tls13) } if ( $PSBoundParameters.ContainsKey('snienable') ) { $payload.Add('snienable', $snienable) } if ( $PSBoundParameters.ContainsKey('ocspstapling') ) { $payload.Add('ocspstapling', $ocspstapling) } if ( $PSBoundParameters.ContainsKey('serverauth') ) { $payload.Add('serverauth', $serverauth) } if ( $PSBoundParameters.ContainsKey('commonname') ) { $payload.Add('commonname', $commonname) } if ( $PSBoundParameters.ContainsKey('sendclosenotify') ) { $payload.Add('sendclosenotify', $sendclosenotify) } if ( $PSBoundParameters.ContainsKey('strictsigdigestcheck') ) { $payload.Add('strictsigdigestcheck', $strictsigdigestcheck) } if ( $PSCmdlet.ShouldProcess("$servicegroupname", "Unset SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -Type sslservicegroup -NitroPath nitro/v1/config -Action unset -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUnsetSslservicegroup: Finished" } } function Invoke-ADCGetSslservicegroup { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for SSL service group resource. .PARAMETER Servicegroupname Name of the SSL service group for which to set advanced configuration. .PARAMETER GetAll Retrieve all sslservicegroup object(s). .PARAMETER Count If specified, the count of the sslservicegroup object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroup Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroup -GetAll Get all sslservicegroup data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroup -Count Get the number of sslservicegroup objects. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroup -name <string> Get sslservicegroup object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroup -Filter @{ 'name'='<value>' } Get sslservicegroup data with a filter. .NOTES File Name : Invoke-ADCGetSslservicegroup Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicegroupname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslservicegroup: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslservicegroup objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslservicegroup objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslservicegroup objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslservicegroup configuration for property 'servicegroupname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup -NitroPath nitro/v1/config -Resource $servicegroupname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslservicegroup configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslservicegroup: Ended" } } function Invoke-ADCGetSslservicegroupbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object which returns the resources bound to sslservicegroup. .PARAMETER Servicegroupname Name of the SSL service group for which to show detailed information. .PARAMETER GetAll Retrieve all sslservicegroup_binding object(s). .PARAMETER Count If specified, the count of the sslservicegroup_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupbinding -GetAll Get all sslservicegroup_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupbinding -name <string> Get sslservicegroup_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupbinding -Filter @{ 'name'='<value>' } Get sslservicegroup_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslservicegroupbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicegroupname, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslservicegroupbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslservicegroup_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslservicegroup_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslservicegroup_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslservicegroup_binding configuration for property 'servicegroupname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_binding -NitroPath nitro/v1/config -Resource $servicegroupname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslservicegroup_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslservicegroupbinding: Ended" } } function Invoke-ADCAddSslservicegroupecccurvebinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the ecccurve that can be bound to sslservicegroup. .PARAMETER Servicegroupname The name of the SSL service to which the SSL policy needs to be bound. .PARAMETER Ecccurvename Named ECC curve bound to servicegroup. Possible values = ALL, P_224, P_256, P_384, P_521 .PARAMETER PassThru Return details about the created sslservicegroup_ecccurve_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslservicegroupecccurvebinding -servicegroupname <string> An example how to add sslservicegroup_ecccurve_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslservicegroupecccurvebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup_ecccurve_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicegroupname, [ValidateSet('ALL', 'P_224', 'P_256', 'P_384', 'P_521')] [string]$Ecccurvename, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslservicegroupecccurvebinding: Starting" } process { try { $payload = @{ servicegroupname = $servicegroupname } if ( $PSBoundParameters.ContainsKey('ecccurvename') ) { $payload.Add('ecccurvename', $ecccurvename) } if ( $PSCmdlet.ShouldProcess("sslservicegroup_ecccurve_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslservicegroup_ecccurve_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslservicegroupecccurvebinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslservicegroupecccurvebinding: Finished" } } function Invoke-ADCDeleteSslservicegroupecccurvebinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the ecccurve that can be bound to sslservicegroup. .PARAMETER Servicegroupname The name of the SSL service to which the SSL policy needs to be bound. .PARAMETER Ecccurvename Named ECC curve bound to servicegroup. Possible values = ALL, P_224, P_256, P_384, P_521 .EXAMPLE PS C:\>Invoke-ADCDeleteSslservicegroupecccurvebinding -Servicegroupname <string> An example how to delete sslservicegroup_ecccurve_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslservicegroupecccurvebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup_ecccurve_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Servicegroupname, [string]$Ecccurvename ) begin { Write-Verbose "Invoke-ADCDeleteSslservicegroupecccurvebinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ecccurvename') ) { $arguments.Add('ecccurvename', $Ecccurvename) } if ( $PSCmdlet.ShouldProcess("$servicegroupname", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslservicegroup_ecccurve_binding -NitroPath nitro/v1/config -Resource $servicegroupname -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslservicegroupecccurvebinding: Finished" } } function Invoke-ADCGetSslservicegroupecccurvebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the ecccurve that can be bound to sslservicegroup. .PARAMETER Servicegroupname The name of the SSL service to which the SSL policy needs to be bound. .PARAMETER GetAll Retrieve all sslservicegroup_ecccurve_binding object(s). .PARAMETER Count If specified, the count of the sslservicegroup_ecccurve_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupecccurvebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupecccurvebinding -GetAll Get all sslservicegroup_ecccurve_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupecccurvebinding -Count Get the number of sslservicegroup_ecccurve_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupecccurvebinding -name <string> Get sslservicegroup_ecccurve_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupecccurvebinding -Filter @{ 'name'='<value>' } Get sslservicegroup_ecccurve_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslservicegroupecccurvebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup_ecccurve_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicegroupname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslservicegroupecccurvebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslservicegroup_ecccurve_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_ecccurve_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslservicegroup_ecccurve_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_ecccurve_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslservicegroup_ecccurve_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_ecccurve_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslservicegroup_ecccurve_binding configuration for property 'servicegroupname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_ecccurve_binding -NitroPath nitro/v1/config -Resource $servicegroupname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslservicegroup_ecccurve_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_ecccurve_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslservicegroupecccurvebinding: Ended" } } function Invoke-ADCAddSslservicegroupsslcertkeybinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslservicegroup. .PARAMETER Servicegroupname The name of the SSL service to which the SSL policy needs to be bound. .PARAMETER Certkeyname The name of the certificate bound to the SSL service group. .PARAMETER Ca CA certificate. .PARAMETER Crlcheck The state of the CRL check parameter. (Mandatory/Optional). Possible values = Mandatory, Optional .PARAMETER Snicert The name of the CertKey. Use this option to bind Certkey(s) which will be used in SNI processing. .PARAMETER Ocspcheck The state of the OCSP check parameter. (Mandatory/Optional). Possible values = Mandatory, Optional .PARAMETER PassThru Return details about the created sslservicegroup_sslcertkey_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslservicegroupsslcertkeybinding -servicegroupname <string> An example how to add sslservicegroup_sslcertkey_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslservicegroupsslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicegroupname, [string]$Certkeyname, [boolean]$Ca, [ValidateSet('Mandatory', 'Optional')] [string]$Crlcheck, [boolean]$Snicert, [ValidateSet('Mandatory', 'Optional')] [string]$Ocspcheck, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslservicegroupsslcertkeybinding: Starting" } process { try { $payload = @{ servicegroupname = $servicegroupname } if ( $PSBoundParameters.ContainsKey('certkeyname') ) { $payload.Add('certkeyname', $certkeyname) } if ( $PSBoundParameters.ContainsKey('ca') ) { $payload.Add('ca', $ca) } if ( $PSBoundParameters.ContainsKey('crlcheck') ) { $payload.Add('crlcheck', $crlcheck) } if ( $PSBoundParameters.ContainsKey('snicert') ) { $payload.Add('snicert', $snicert) } if ( $PSBoundParameters.ContainsKey('ocspcheck') ) { $payload.Add('ocspcheck', $ocspcheck) } if ( $PSCmdlet.ShouldProcess("sslservicegroup_sslcertkey_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslservicegroup_sslcertkey_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslservicegroupsslcertkeybinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslservicegroupsslcertkeybinding: Finished" } } function Invoke-ADCDeleteSslservicegroupsslcertkeybinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslservicegroup. .PARAMETER Servicegroupname The name of the SSL service to which the SSL policy needs to be bound. .PARAMETER Certkeyname The name of the certificate bound to the SSL service group. .PARAMETER Ca CA certificate. .PARAMETER Crlcheck The state of the CRL check parameter. (Mandatory/Optional). Possible values = Mandatory, Optional .PARAMETER Snicert The name of the CertKey. Use this option to bind Certkey(s) which will be used in SNI processing. .EXAMPLE PS C:\>Invoke-ADCDeleteSslservicegroupsslcertkeybinding -Servicegroupname <string> An example how to delete sslservicegroup_sslcertkey_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslservicegroupsslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Servicegroupname, [string]$Certkeyname, [boolean]$Ca, [string]$Crlcheck, [boolean]$Snicert ) begin { Write-Verbose "Invoke-ADCDeleteSslservicegroupsslcertkeybinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Certkeyname') ) { $arguments.Add('certkeyname', $Certkeyname) } if ( $PSBoundParameters.ContainsKey('Ca') ) { $arguments.Add('ca', $Ca) } if ( $PSBoundParameters.ContainsKey('Crlcheck') ) { $arguments.Add('crlcheck', $Crlcheck) } if ( $PSBoundParameters.ContainsKey('Snicert') ) { $arguments.Add('snicert', $Snicert) } if ( $PSCmdlet.ShouldProcess("$servicegroupname", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslservicegroup_sslcertkey_binding -NitroPath nitro/v1/config -Resource $servicegroupname -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslservicegroupsslcertkeybinding: Finished" } } function Invoke-ADCGetSslservicegroupsslcertkeybinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslservicegroup. .PARAMETER Servicegroupname The name of the SSL service to which the SSL policy needs to be bound. .PARAMETER GetAll Retrieve all sslservicegroup_sslcertkey_binding object(s). .PARAMETER Count If specified, the count of the sslservicegroup_sslcertkey_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslcertkeybinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslcertkeybinding -GetAll Get all sslservicegroup_sslcertkey_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslcertkeybinding -Count Get the number of sslservicegroup_sslcertkey_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslcertkeybinding -name <string> Get sslservicegroup_sslcertkey_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslcertkeybinding -Filter @{ 'name'='<value>' } Get sslservicegroup_sslcertkey_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslservicegroupsslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicegroupname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslservicegroupsslcertkeybinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslservicegroup_sslcertkey_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslcertkey_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslservicegroup_sslcertkey_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslcertkey_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslservicegroup_sslcertkey_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslcertkey_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslservicegroup_sslcertkey_binding configuration for property 'servicegroupname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslcertkey_binding -NitroPath nitro/v1/config -Resource $servicegroupname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslservicegroup_sslcertkey_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslcertkey_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslservicegroupsslcertkeybinding: Ended" } } function Invoke-ADCAddSslservicegroupsslciphersuitebinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslservicegroup. .PARAMETER Servicegroupname The name of the SSL service to which the SSL policy needs to be bound. .PARAMETER Ciphername The name of the cipher group/alias/name configured for the SSL service group. .PARAMETER PassThru Return details about the created sslservicegroup_sslciphersuite_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslservicegroupsslciphersuitebinding -servicegroupname <string> An example how to add sslservicegroup_sslciphersuite_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslservicegroupsslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicegroupname, [string]$Ciphername, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslservicegroupsslciphersuitebinding: Starting" } process { try { $payload = @{ servicegroupname = $servicegroupname } if ( $PSBoundParameters.ContainsKey('ciphername') ) { $payload.Add('ciphername', $ciphername) } if ( $PSCmdlet.ShouldProcess("sslservicegroup_sslciphersuite_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslservicegroup_sslciphersuite_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslservicegroupsslciphersuitebinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslservicegroupsslciphersuitebinding: Finished" } } function Invoke-ADCDeleteSslservicegroupsslciphersuitebinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslservicegroup. .PARAMETER Servicegroupname The name of the SSL service to which the SSL policy needs to be bound. .PARAMETER Ciphername The name of the cipher group/alias/name configured for the SSL service group. .EXAMPLE PS C:\>Invoke-ADCDeleteSslservicegroupsslciphersuitebinding -Servicegroupname <string> An example how to delete sslservicegroup_sslciphersuite_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslservicegroupsslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Servicegroupname, [string]$Ciphername ) begin { Write-Verbose "Invoke-ADCDeleteSslservicegroupsslciphersuitebinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ciphername') ) { $arguments.Add('ciphername', $Ciphername) } if ( $PSCmdlet.ShouldProcess("$servicegroupname", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslservicegroup_sslciphersuite_binding -NitroPath nitro/v1/config -Resource $servicegroupname -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslservicegroupsslciphersuitebinding: Finished" } } function Invoke-ADCGetSslservicegroupsslciphersuitebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslservicegroup. .PARAMETER Servicegroupname The name of the SSL service to which the SSL policy needs to be bound. .PARAMETER GetAll Retrieve all sslservicegroup_sslciphersuite_binding object(s). .PARAMETER Count If specified, the count of the sslservicegroup_sslciphersuite_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslciphersuitebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslciphersuitebinding -GetAll Get all sslservicegroup_sslciphersuite_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslciphersuitebinding -Count Get the number of sslservicegroup_sslciphersuite_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslciphersuitebinding -name <string> Get sslservicegroup_sslciphersuite_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslciphersuitebinding -Filter @{ 'name'='<value>' } Get sslservicegroup_sslciphersuite_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslservicegroupsslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicegroupname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslservicegroupsslciphersuitebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslservicegroup_sslciphersuite_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslciphersuite_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslservicegroup_sslciphersuite_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslciphersuite_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslservicegroup_sslciphersuite_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslciphersuite_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslservicegroup_sslciphersuite_binding configuration for property 'servicegroupname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslciphersuite_binding -NitroPath nitro/v1/config -Resource $servicegroupname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslservicegroup_sslciphersuite_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslciphersuite_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslservicegroupsslciphersuitebinding: Ended" } } function Invoke-ADCAddSslservicegroupsslcipherbinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslcipher that can be bound to sslservicegroup. .PARAMETER Servicegroupname The name of the SSL service to which the SSL policy needs to be bound. .PARAMETER Ciphername A cipher-suite can consist of an individual cipher name, the system predefined cipher-alias name, or user defined cipher-group name. .PARAMETER PassThru Return details about the created sslservicegroup_sslcipher_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslservicegroupsslcipherbinding -servicegroupname <string> An example how to add sslservicegroup_sslcipher_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslservicegroupsslcipherbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup_sslcipher_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicegroupname, [string]$Ciphername, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslservicegroupsslcipherbinding: Starting" } process { try { $payload = @{ servicegroupname = $servicegroupname } if ( $PSBoundParameters.ContainsKey('ciphername') ) { $payload.Add('ciphername', $ciphername) } if ( $PSCmdlet.ShouldProcess("sslservicegroup_sslcipher_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslservicegroup_sslcipher_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslservicegroupsslcipherbinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslservicegroupsslcipherbinding: Finished" } } function Invoke-ADCDeleteSslservicegroupsslcipherbinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslcipher that can be bound to sslservicegroup. .PARAMETER Servicegroupname The name of the SSL service to which the SSL policy needs to be bound. .PARAMETER Ciphername A cipher-suite can consist of an individual cipher name, the system predefined cipher-alias name, or user defined cipher-group name. .EXAMPLE PS C:\>Invoke-ADCDeleteSslservicegroupsslcipherbinding -Servicegroupname <string> An example how to delete sslservicegroup_sslcipher_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslservicegroupsslcipherbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup_sslcipher_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Servicegroupname, [string]$Ciphername ) begin { Write-Verbose "Invoke-ADCDeleteSslservicegroupsslcipherbinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ciphername') ) { $arguments.Add('ciphername', $Ciphername) } if ( $PSCmdlet.ShouldProcess("$servicegroupname", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslservicegroup_sslcipher_binding -NitroPath nitro/v1/config -Resource $servicegroupname -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslservicegroupsslcipherbinding: Finished" } } function Invoke-ADCGetSslservicegroupsslcipherbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslcipher that can be bound to sslservicegroup. .PARAMETER Servicegroupname The name of the SSL service to which the SSL policy needs to be bound. .PARAMETER GetAll Retrieve all sslservicegroup_sslcipher_binding object(s). .PARAMETER Count If specified, the count of the sslservicegroup_sslcipher_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslcipherbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslcipherbinding -GetAll Get all sslservicegroup_sslcipher_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslcipherbinding -Count Get the number of sslservicegroup_sslcipher_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslcipherbinding -name <string> Get sslservicegroup_sslcipher_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslservicegroupsslcipherbinding -Filter @{ 'name'='<value>' } Get sslservicegroup_sslcipher_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslservicegroupsslcipherbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservicegroup_sslcipher_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicegroupname, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslservicegroupsslcipherbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslservicegroup_sslcipher_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslcipher_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslservicegroup_sslcipher_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslcipher_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslservicegroup_sslcipher_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslcipher_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslservicegroup_sslcipher_binding configuration for property 'servicegroupname'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslcipher_binding -NitroPath nitro/v1/config -Resource $servicegroupname -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslservicegroup_sslcipher_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservicegroup_sslcipher_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslservicegroupsslcipherbinding: Ended" } } function Invoke-ADCGetSslservicebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object which returns the resources bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to show detailed information. .PARAMETER GetAll Retrieve all sslservice_binding object(s). .PARAMETER Count If specified, the count of the sslservice_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslservicebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicebinding -GetAll Get all sslservice_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicebinding -name <string> Get sslservice_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslservicebinding -Filter @{ 'name'='<value>' } Get sslservice_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslservicebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicename, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslservicebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslservice_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslservice_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslservice_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslservice_binding configuration for property 'servicename'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_binding -NitroPath nitro/v1/config -Resource $servicename -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslservice_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslservicebinding: Ended" } } function Invoke-ADCAddSslserviceecccurvebinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the ecccurve that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER Ecccurvename Named ECC curve bound to service/vserver. Possible values = ALL, P_224, P_256, P_384, P_521 .PARAMETER PassThru Return details about the created sslservice_ecccurve_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslserviceecccurvebinding -servicename <string> An example how to add sslservice_ecccurve_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslserviceecccurvebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_ecccurve_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicename, [ValidateSet('ALL', 'P_224', 'P_256', 'P_384', 'P_521')] [string]$Ecccurvename, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslserviceecccurvebinding: Starting" } process { try { $payload = @{ servicename = $servicename } if ( $PSBoundParameters.ContainsKey('ecccurvename') ) { $payload.Add('ecccurvename', $ecccurvename) } if ( $PSCmdlet.ShouldProcess("sslservice_ecccurve_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslservice_ecccurve_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslserviceecccurvebinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslserviceecccurvebinding: Finished" } } function Invoke-ADCDeleteSslserviceecccurvebinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the ecccurve that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER Ecccurvename Named ECC curve bound to service/vserver. Possible values = ALL, P_224, P_256, P_384, P_521 .EXAMPLE PS C:\>Invoke-ADCDeleteSslserviceecccurvebinding -Servicename <string> An example how to delete sslservice_ecccurve_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslserviceecccurvebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_ecccurve_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Servicename, [string]$Ecccurvename ) begin { Write-Verbose "Invoke-ADCDeleteSslserviceecccurvebinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ecccurvename') ) { $arguments.Add('ecccurvename', $Ecccurvename) } if ( $PSCmdlet.ShouldProcess("$servicename", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslservice_ecccurve_binding -NitroPath nitro/v1/config -Resource $servicename -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslserviceecccurvebinding: Finished" } } function Invoke-ADCGetSslserviceecccurvebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the ecccurve that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER GetAll Retrieve all sslservice_ecccurve_binding object(s). .PARAMETER Count If specified, the count of the sslservice_ecccurve_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslserviceecccurvebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslserviceecccurvebinding -GetAll Get all sslservice_ecccurve_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslserviceecccurvebinding -Count Get the number of sslservice_ecccurve_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslserviceecccurvebinding -name <string> Get sslservice_ecccurve_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslserviceecccurvebinding -Filter @{ 'name'='<value>' } Get sslservice_ecccurve_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslserviceecccurvebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_ecccurve_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicename, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslserviceecccurvebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslservice_ecccurve_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_ecccurve_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslservice_ecccurve_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_ecccurve_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslservice_ecccurve_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_ecccurve_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslservice_ecccurve_binding configuration for property 'servicename'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_ecccurve_binding -NitroPath nitro/v1/config -Resource $servicename -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslservice_ecccurve_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_ecccurve_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslserviceecccurvebinding: Ended" } } function Invoke-ADCAddSslservicesslcertkeybinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER Certkeyname The certificate key pair binding. .PARAMETER Ca CA certificate. .PARAMETER Crlcheck The state of the CRL check parameter. (Mandatory/Optional). Possible values = Mandatory, Optional .PARAMETER Skipcaname The flag is used to indicate whether this particular CA certificate's CA_Name needs to be sent to the SSL client while requesting for client certificate in a SSL handshake. .PARAMETER Snicert The name of the CertKey. Use this option to bind Certkey(s) which will be used in SNI processing. .PARAMETER Ocspcheck Rule to use for the OCSP responder associated with the CA certificate during client authentication. If MANDATORY is specified, deny all SSL clients if the OCSP check fails because of connectivity issues with the remote OCSP server, or any other reason that prevents the OCSP check. With the OPTIONAL setting, allow SSL clients even if the OCSP check fails except when the client certificate is revoked. Possible values = Mandatory, Optional .PARAMETER PassThru Return details about the created sslservice_sslcertkey_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslservicesslcertkeybinding -servicename <string> An example how to add sslservice_sslcertkey_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslservicesslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicename, [string]$Certkeyname, [boolean]$Ca, [ValidateSet('Mandatory', 'Optional')] [string]$Crlcheck, [boolean]$Skipcaname, [boolean]$Snicert, [ValidateSet('Mandatory', 'Optional')] [string]$Ocspcheck, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslservicesslcertkeybinding: Starting" } process { try { $payload = @{ servicename = $servicename } if ( $PSBoundParameters.ContainsKey('certkeyname') ) { $payload.Add('certkeyname', $certkeyname) } if ( $PSBoundParameters.ContainsKey('ca') ) { $payload.Add('ca', $ca) } if ( $PSBoundParameters.ContainsKey('crlcheck') ) { $payload.Add('crlcheck', $crlcheck) } if ( $PSBoundParameters.ContainsKey('skipcaname') ) { $payload.Add('skipcaname', $skipcaname) } if ( $PSBoundParameters.ContainsKey('snicert') ) { $payload.Add('snicert', $snicert) } if ( $PSBoundParameters.ContainsKey('ocspcheck') ) { $payload.Add('ocspcheck', $ocspcheck) } if ( $PSCmdlet.ShouldProcess("sslservice_sslcertkey_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslservice_sslcertkey_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslservicesslcertkeybinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslservicesslcertkeybinding: Finished" } } function Invoke-ADCDeleteSslservicesslcertkeybinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER Certkeyname The certificate key pair binding. .PARAMETER Ca CA certificate. .PARAMETER Crlcheck The state of the CRL check parameter. (Mandatory/Optional). Possible values = Mandatory, Optional .PARAMETER Snicert The name of the CertKey. Use this option to bind Certkey(s) which will be used in SNI processing. .EXAMPLE PS C:\>Invoke-ADCDeleteSslservicesslcertkeybinding -Servicename <string> An example how to delete sslservice_sslcertkey_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslservicesslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Servicename, [string]$Certkeyname, [boolean]$Ca, [string]$Crlcheck, [boolean]$Snicert ) begin { Write-Verbose "Invoke-ADCDeleteSslservicesslcertkeybinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Certkeyname') ) { $arguments.Add('certkeyname', $Certkeyname) } if ( $PSBoundParameters.ContainsKey('Ca') ) { $arguments.Add('ca', $Ca) } if ( $PSBoundParameters.ContainsKey('Crlcheck') ) { $arguments.Add('crlcheck', $Crlcheck) } if ( $PSBoundParameters.ContainsKey('Snicert') ) { $arguments.Add('snicert', $Snicert) } if ( $PSCmdlet.ShouldProcess("$servicename", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslservice_sslcertkey_binding -NitroPath nitro/v1/config -Resource $servicename -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslservicesslcertkeybinding: Finished" } } function Invoke-ADCGetSslservicesslcertkeybinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER GetAll Retrieve all sslservice_sslcertkey_binding object(s). .PARAMETER Count If specified, the count of the sslservice_sslcertkey_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslcertkeybinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslcertkeybinding -GetAll Get all sslservice_sslcertkey_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslcertkeybinding -Count Get the number of sslservice_sslcertkey_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslcertkeybinding -name <string> Get sslservice_sslcertkey_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslcertkeybinding -Filter @{ 'name'='<value>' } Get sslservice_sslcertkey_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslservicesslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicename, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslservicesslcertkeybinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslservice_sslcertkey_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslcertkey_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslservice_sslcertkey_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslcertkey_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslservice_sslcertkey_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslcertkey_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslservice_sslcertkey_binding configuration for property 'servicename'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslcertkey_binding -NitroPath nitro/v1/config -Resource $servicename -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslservice_sslcertkey_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslcertkey_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslservicesslcertkeybinding: Ended" } } function Invoke-ADCAddSslservicesslciphersuitebinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER Ciphername The cipher group/alias/individual cipher configuration. .PARAMETER PassThru Return details about the created sslservice_sslciphersuite_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslservicesslciphersuitebinding -servicename <string> An example how to add sslservice_sslciphersuite_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslservicesslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicename, [string]$Ciphername, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslservicesslciphersuitebinding: Starting" } process { try { $payload = @{ servicename = $servicename } if ( $PSBoundParameters.ContainsKey('ciphername') ) { $payload.Add('ciphername', $ciphername) } if ( $PSCmdlet.ShouldProcess("sslservice_sslciphersuite_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslservice_sslciphersuite_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslservicesslciphersuitebinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslservicesslciphersuitebinding: Finished" } } function Invoke-ADCDeleteSslservicesslciphersuitebinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER Ciphername The cipher group/alias/individual cipher configuration. .EXAMPLE PS C:\>Invoke-ADCDeleteSslservicesslciphersuitebinding -Servicename <string> An example how to delete sslservice_sslciphersuite_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslservicesslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Servicename, [string]$Ciphername ) begin { Write-Verbose "Invoke-ADCDeleteSslservicesslciphersuitebinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ciphername') ) { $arguments.Add('ciphername', $Ciphername) } if ( $PSCmdlet.ShouldProcess("$servicename", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslservice_sslciphersuite_binding -NitroPath nitro/v1/config -Resource $servicename -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslservicesslciphersuitebinding: Finished" } } function Invoke-ADCGetSslservicesslciphersuitebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER GetAll Retrieve all sslservice_sslciphersuite_binding object(s). .PARAMETER Count If specified, the count of the sslservice_sslciphersuite_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslciphersuitebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslciphersuitebinding -GetAll Get all sslservice_sslciphersuite_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslciphersuitebinding -Count Get the number of sslservice_sslciphersuite_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslciphersuitebinding -name <string> Get sslservice_sslciphersuite_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslciphersuitebinding -Filter @{ 'name'='<value>' } Get sslservice_sslciphersuite_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslservicesslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicename, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslservicesslciphersuitebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslservice_sslciphersuite_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslciphersuite_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslservice_sslciphersuite_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslciphersuite_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslservice_sslciphersuite_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslciphersuite_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslservice_sslciphersuite_binding configuration for property 'servicename'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslciphersuite_binding -NitroPath nitro/v1/config -Resource $servicename -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslservice_sslciphersuite_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslciphersuite_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslservicesslciphersuitebinding: Ended" } } function Invoke-ADCAddSslservicesslcipherbinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslcipher that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER Ciphername Name of the individual cipher, user-defined cipher group, or predefined (built-in) cipher alias. .PARAMETER PassThru Return details about the created sslservice_sslcipher_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslservicesslcipherbinding -servicename <string> An example how to add sslservice_sslcipher_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslservicesslcipherbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_sslcipher_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicename, [string]$Ciphername, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslservicesslcipherbinding: Starting" } process { try { $payload = @{ servicename = $servicename } if ( $PSBoundParameters.ContainsKey('ciphername') ) { $payload.Add('ciphername', $ciphername) } if ( $PSCmdlet.ShouldProcess("sslservice_sslcipher_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslservice_sslcipher_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslservicesslcipherbinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslservicesslcipherbinding: Finished" } } function Invoke-ADCDeleteSslservicesslcipherbinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslcipher that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER Ciphername Name of the individual cipher, user-defined cipher group, or predefined (built-in) cipher alias. .EXAMPLE PS C:\>Invoke-ADCDeleteSslservicesslcipherbinding -Servicename <string> An example how to delete sslservice_sslcipher_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslservicesslcipherbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_sslcipher_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Servicename, [string]$Ciphername ) begin { Write-Verbose "Invoke-ADCDeleteSslservicesslcipherbinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ciphername') ) { $arguments.Add('ciphername', $Ciphername) } if ( $PSCmdlet.ShouldProcess("$servicename", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslservice_sslcipher_binding -NitroPath nitro/v1/config -Resource $servicename -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslservicesslcipherbinding: Finished" } } function Invoke-ADCGetSslservicesslcipherbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslcipher that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER GetAll Retrieve all sslservice_sslcipher_binding object(s). .PARAMETER Count If specified, the count of the sslservice_sslcipher_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslcipherbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslcipherbinding -GetAll Get all sslservice_sslcipher_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslcipherbinding -Count Get the number of sslservice_sslcipher_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslcipherbinding -name <string> Get sslservice_sslcipher_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslcipherbinding -Filter @{ 'name'='<value>' } Get sslservice_sslcipher_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslservicesslcipherbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_sslcipher_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicename, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslservicesslcipherbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslservice_sslcipher_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslcipher_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslservice_sslcipher_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslcipher_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslservice_sslcipher_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslcipher_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslservice_sslcipher_binding configuration for property 'servicename'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslcipher_binding -NitroPath nitro/v1/config -Resource $servicename -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslservice_sslcipher_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslcipher_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslservicesslcipherbinding: Ended" } } function Invoke-ADCAddSslservicesslpolicybinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslpolicy that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER Policyname The SSL policy binding. .PARAMETER Priority The priority of the policies bound to this SSL service. .PARAMETER Gotopriorityexpression Expression specifying the priority of the next policy which will get evaluated if the current policy rule evaluates to TRUE. .PARAMETER Invoke Invoke flag. This attribute is relevant only for ADVANCED policies. .PARAMETER Labeltype Type of policy label invocation. Possible values = vserver, service, policylabel .PARAMETER Labelname Name of the label to invoke if the current policy rule evaluates to TRUE. .PARAMETER PassThru Return details about the created sslservice_sslpolicy_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslservicesslpolicybinding -servicename <string> An example how to add sslservice_sslpolicy_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslservicesslpolicybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_sslpolicy_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicename, [string]$Policyname, [ValidateRange(0, 65534)] [double]$Priority, [string]$Gotopriorityexpression, [boolean]$Invoke, [ValidateSet('vserver', 'service', 'policylabel')] [string]$Labeltype, [string]$Labelname, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslservicesslpolicybinding: Starting" } process { try { $payload = @{ servicename = $servicename } if ( $PSBoundParameters.ContainsKey('policyname') ) { $payload.Add('policyname', $policyname) } if ( $PSBoundParameters.ContainsKey('priority') ) { $payload.Add('priority', $priority) } if ( $PSBoundParameters.ContainsKey('gotopriorityexpression') ) { $payload.Add('gotopriorityexpression', $gotopriorityexpression) } if ( $PSBoundParameters.ContainsKey('invoke') ) { $payload.Add('invoke', $invoke) } if ( $PSBoundParameters.ContainsKey('labeltype') ) { $payload.Add('labeltype', $labeltype) } if ( $PSBoundParameters.ContainsKey('labelname') ) { $payload.Add('labelname', $labelname) } if ( $PSCmdlet.ShouldProcess("sslservice_sslpolicy_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslservice_sslpolicy_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslservicesslpolicybinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslservicesslpolicybinding: Finished" } } function Invoke-ADCDeleteSslservicesslpolicybinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslpolicy that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER Policyname The SSL policy binding. .PARAMETER Priority The priority of the policies bound to this SSL service. .EXAMPLE PS C:\>Invoke-ADCDeleteSslservicesslpolicybinding -Servicename <string> An example how to delete sslservice_sslpolicy_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslservicesslpolicybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_sslpolicy_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Servicename, [string]$Policyname, [double]$Priority ) begin { Write-Verbose "Invoke-ADCDeleteSslservicesslpolicybinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Policyname') ) { $arguments.Add('policyname', $Policyname) } if ( $PSBoundParameters.ContainsKey('Priority') ) { $arguments.Add('priority', $Priority) } if ( $PSCmdlet.ShouldProcess("$servicename", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslservice_sslpolicy_binding -NitroPath nitro/v1/config -Resource $servicename -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslservicesslpolicybinding: Finished" } } function Invoke-ADCGetSslservicesslpolicybinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslpolicy that can be bound to sslservice. .PARAMETER Servicename Name of the SSL service for which to set advanced configuration. .PARAMETER GetAll Retrieve all sslservice_sslpolicy_binding object(s). .PARAMETER Count If specified, the count of the sslservice_sslpolicy_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslpolicybinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslpolicybinding -GetAll Get all sslservice_sslpolicy_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslpolicybinding -Count Get the number of sslservice_sslpolicy_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslpolicybinding -name <string> Get sslservice_sslpolicy_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslservicesslpolicybinding -Filter @{ 'name'='<value>' } Get sslservice_sslpolicy_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslservicesslpolicybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslservice_sslpolicy_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Servicename, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslservicesslpolicybinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslservice_sslpolicy_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslpolicy_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslservice_sslpolicy_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslpolicy_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslservice_sslpolicy_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslpolicy_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslservice_sslpolicy_binding configuration for property 'servicename'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslpolicy_binding -NitroPath nitro/v1/config -Resource $servicename -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslservice_sslpolicy_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslservice_sslpolicy_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslservicesslpolicybinding: Ended" } } function Invoke-ADCUpdateSslvserver { <# .SYNOPSIS Update SSL configuration Object. .DESCRIPTION Configuration for SSL virtual server resource. .PARAMETER Vservername Name of the SSL virtual server for which to set advanced configuration. .PARAMETER Cleartextport Port on which clear-text data is sent by the appliance to the server. Do not specify this parameter for SSL offloading with end-to-end encryption. .PARAMETER Dh State of Diffie-Hellman (DH) key exchange. Possible values = ENABLED, DISABLED .PARAMETER Dhfile Name of and, optionally, path to the DH parameter file, in PEM format, to be installed. /nsconfig/ssl/ is the default path. .PARAMETER Dhcount Number of interactions, between the client and the Citrix ADC, after which the DH private-public pair is regenerated. A value of zero (0) specifies refresh every time. .PARAMETER Dhkeyexpsizelimit This option enables the use of NIST recommended (NIST Special Publication 800-56A) bit size for private-key size. For example, for DH params of size 2048bit, the private-key size recommended is 224bits. This is rounded-up to 256bits. Possible values = ENABLED, DISABLED .PARAMETER Ersa State of Ephemeral RSA (eRSA) key exchange. Ephemeral RSA allows clients that support only export ciphers to communicate with the secure server even if the server certificate does not support export clients. The ephemeral RSA key is automatically generated when you bind an export cipher to an SSL or TCP-based SSL virtual server or service. When you remove the export cipher, the eRSA key is not deleted. It is reused at a later date when another export cipher is bound to an SSL or TCP-based SSL virtual server or service. The eRSA key is deleted when the appliance restarts. Possible values = ENABLED, DISABLED .PARAMETER Ersacount Refresh count for regeneration of the RSA public-key and private-key pair. Zero (0) specifies infinite usage (no refresh). .PARAMETER Sessreuse State of session reuse. Establishing the initial handshake requires CPU-intensive public key encryption operations. With the ENABLED setting, session key exchange is avoided for session resumption requests received from the client. Possible values = ENABLED, DISABLED .PARAMETER Sesstimeout Time, in seconds, for which to keep the session active. Any session resumption request received after the timeout period will require a fresh SSL handshake and establishment of a new SSL session. .PARAMETER Cipherredirect State of Cipher Redirect. If cipher redirect is enabled, you can configure an SSL virtual server or service to display meaningful error messages if the SSL handshake fails because of a cipher mismatch between the virtual server or service and the client. Possible values = ENABLED, DISABLED .PARAMETER Cipherurl The redirect URL to be used with the Cipher Redirect feature. .PARAMETER Sslv2redirect State of SSLv2 Redirect. If SSLv2 redirect is enabled, you can configure an SSL virtual server or service to display meaningful error messages if the SSL handshake fails because of a protocol version mismatch between the virtual server or service and the client. Possible values = ENABLED, DISABLED .PARAMETER Sslv2url URL of the page to which to redirect the client in case of a protocol version mismatch. Typically, this page has a clear explanation of the error or an alternative location that the transaction can continue from. .PARAMETER Clientauth State of client authentication. If client authentication is enabled, the virtual server terminates the SSL handshake if the SSL client does not provide a valid certificate. Possible values = ENABLED, DISABLED .PARAMETER Clientcert Type of client authentication. If this parameter is set to MANDATORY, the appliance terminates the SSL handshake if the SSL client does not provide a valid certificate. With the OPTIONAL setting, the appliance requests a certificate from the SSL clients but proceeds with the SSL transaction even if the client presents an invalid certificate. Caution: Define proper access control policies before changing this setting to Optional. Possible values = Mandatory, Optional .PARAMETER Sslredirect State of HTTPS redirects for the SSL virtual server. For an SSL session, if the client browser receives a redirect message, the browser tries to connect to the new location. However, the secure SSL session breaks if the object has moved from a secure site (https://) to an unsecure site (http://). Typically, a warning message appears on the screen, prompting the user to continue or disconnect. If SSL Redirect is ENABLED, the redirect message is automatically converted from http:// to https:// and the SSL session does not break. Possible values = ENABLED, DISABLED .PARAMETER Redirectportrewrite State of the port rewrite while performing HTTPS redirect. If this parameter is ENABLED and the URL from the server does not contain the standard port, the port is rewritten to the standard. Possible values = ENABLED, DISABLED .PARAMETER Ssl2 State of SSLv2 protocol support for the SSL Virtual Server. Possible values = ENABLED, DISABLED .PARAMETER Ssl3 State of SSLv3 protocol support for the SSL Virtual Server. Note: On platforms with SSL acceleration chips, if the SSL chip does not support SSLv3, this parameter cannot be set to ENABLED. Possible values = ENABLED, DISABLED .PARAMETER Tls1 State of TLSv1.0 protocol support for the SSL Virtual Server. Possible values = ENABLED, DISABLED .PARAMETER Tls11 State of TLSv1.1 protocol support for the SSL Virtual Server. Possible values = ENABLED, DISABLED .PARAMETER Tls12 State of TLSv1.2 protocol support for the SSL Virtual Server. Possible values = ENABLED, DISABLED .PARAMETER Tls13 State of TLSv1.3 protocol support for the SSL Virtual Server. Possible values = ENABLED, DISABLED .PARAMETER Dtls1 State of DTLSv1.0 protocol support for the SSL Virtual Server. Possible values = ENABLED, DISABLED .PARAMETER Dtls12 State of DTLSv1.2 protocol support for the SSL Virtual Server. Possible values = ENABLED, DISABLED .PARAMETER Snienable State of the Server Name Indication (SNI) feature on the virtual server and service-based offload. SNI helps to enable SSL encryption on multiple domains on a single virtual server or service if the domains are controlled by the same organization and share the same second-level domain name. For example, *.sports.net can be used to secure domains such as login.sports.net and help.sports.net. Possible values = ENABLED, DISABLED .PARAMETER Ocspstapling State of OCSP stapling support on the SSL virtual server. Supported only if the protocol used is higher than SSLv3. Possible values: ENABLED: The appliance sends a request to the OCSP responder to check the status of the server certificate and caches the response for the specified time. If the response is valid at the time of SSL handshake with the client, the OCSP-based server certificate status is sent to the client during the handshake. DISABLED: The appliance does not check the status of the server certificate. . Possible values = ENABLED, DISABLED .PARAMETER Pushenctrigger Trigger encryption on the basis of the PUSH flag value. Available settings function as follows: * ALWAYS - Any PUSH packet triggers encryption. * IGNORE - Ignore PUSH packet for triggering encryption. * MERGE - For a consecutive sequence of PUSH packets, the last PUSH packet triggers encryption. * TIMER - PUSH packet triggering encryption is delayed by the time defined in the set ssl parameter command or in the Change Advanced SSL Settings dialog box. Possible values = Always, Merge, Ignore, Timer .PARAMETER Sendclosenotify Enable sending SSL Close-Notify at the end of a transaction. Possible values = YES, NO .PARAMETER Dtlsprofilename Name of the DTLS profile whose settings are to be applied to the virtual server. .PARAMETER Sslprofile Name of the SSL profile that contains SSL settings for the virtual server. .PARAMETER Hsts State of HSTS protocol support for the SSL Virtual Server. Using HSTS, a server can enforce the use of an HTTPS connection for all communication with a client. Possible values = ENABLED, DISABLED .PARAMETER Maxage Set the maximum time, in seconds, in the strict transport security (STS) header during which the client must send only HTTPS requests to the server. .PARAMETER Includesubdomains Enable HSTS for subdomains. If set to Yes, a client must send only HTTPS requests for subdomains. Possible values = YES, NO .PARAMETER Preload Flag indicates the consent of the site owner to have their domain preloaded. Possible values = YES, NO .PARAMETER Strictsigdigestcheck Parameter indicating to check whether peer entity certificate during TLS1.2 handshake is signed with one of signature-hash combination supported by Citrix ADC. Possible values = ENABLED, DISABLED .PARAMETER Zerorttearlydata State of TLS 1.3 0-RTT early data support for the SSL Virtual Server. This setting only has an effect if resumption is enabled, as early data cannot be sent along with an initial handshake. Early application data has significantly different security properties - in particular there is no guarantee that the data cannot be replayed. Possible values = ENABLED, DISABLED .PARAMETER Tls13sessionticketsperauthcontext Number of tickets the SSL Virtual Server will issue anytime TLS 1.3 is negotiated, ticket-based resumption is enabled, and either (1) a handshake completes or (2) post-handhsake client auth completes. This value can be increased to enable clients to open multiple parallel connections using a fresh ticket for each connection. No tickets are sent if resumption is disabled. .PARAMETER Dhekeyexchangewithpsk Whether or not the SSL Virtual Server will require a DHE key exchange to occur when a PSK is accepted during a TLS 1.3 resumption handshake. A DHE key exchange ensures forward secrecy even in the event that ticket keys are compromised, at the expense of an additional round trip and resources required to carry out the DHE key exchange. If disabled, a DHE key exchange will be performed when a PSK is accepted but only if requested by the client. If enabled, the server will require a DHE key exchange when a PSK is accepted regardless of whether the client supports combined PSK-DHE key exchange. This setting only has an effect when resumption is enabled. Possible values = YES, NO .PARAMETER PassThru Return details about the created sslvserver item. .EXAMPLE PS C:\>Invoke-ADCUpdateSslvserver -vservername <string> An example how to update sslvserver configuration Object(s). .NOTES File Name : Invoke-ADCUpdateSslvserver Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Vservername, [ValidateRange(0, 65534)] [int]$Cleartextport, [ValidateSet('ENABLED', 'DISABLED')] [string]$Dh, [ValidateScript({ $_.Length -gt 1 })] [string]$Dhfile, [ValidateRange(0, 65534)] [double]$Dhcount, [ValidateSet('ENABLED', 'DISABLED')] [string]$Dhkeyexpsizelimit, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ersa, [ValidateRange(0, 65534)] [double]$Ersacount, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sessreuse, [ValidateRange(0, 4294967294)] [double]$Sesstimeout, [ValidateSet('ENABLED', 'DISABLED')] [string]$Cipherredirect, [string]$Cipherurl, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslv2redirect, [string]$Sslv2url, [ValidateSet('ENABLED', 'DISABLED')] [string]$Clientauth, [ValidateSet('Mandatory', 'Optional')] [string]$Clientcert, [ValidateSet('ENABLED', 'DISABLED')] [string]$Sslredirect, [ValidateSet('ENABLED', 'DISABLED')] [string]$Redirectportrewrite, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ssl2, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ssl3, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls1, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls11, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls12, [ValidateSet('ENABLED', 'DISABLED')] [string]$Tls13, [ValidateSet('ENABLED', 'DISABLED')] [string]$Dtls1, [ValidateSet('ENABLED', 'DISABLED')] [string]$Dtls12, [ValidateSet('ENABLED', 'DISABLED')] [string]$Snienable, [ValidateSet('ENABLED', 'DISABLED')] [string]$Ocspstapling, [ValidateSet('Always', 'Merge', 'Ignore', 'Timer')] [string]$Pushenctrigger, [ValidateSet('YES', 'NO')] [string]$Sendclosenotify, [ValidateLength(1, 127)] [string]$Dtlsprofilename, [ValidateLength(1, 127)] [string]$Sslprofile, [ValidateSet('ENABLED', 'DISABLED')] [string]$Hsts, [ValidateRange(0, 4294967294)] [double]$Maxage, [ValidateSet('YES', 'NO')] [string]$Includesubdomains, [ValidateSet('YES', 'NO')] [string]$Preload, [ValidateSet('ENABLED', 'DISABLED')] [string]$Strictsigdigestcheck, [ValidateSet('ENABLED', 'DISABLED')] [string]$Zerorttearlydata, [ValidateRange(1, 10)] [double]$Tls13sessionticketsperauthcontext, [ValidateSet('YES', 'NO')] [string]$Dhekeyexchangewithpsk, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCUpdateSslvserver: Starting" } process { try { $payload = @{ vservername = $vservername } if ( $PSBoundParameters.ContainsKey('cleartextport') ) { $payload.Add('cleartextport', $cleartextport) } if ( $PSBoundParameters.ContainsKey('dh') ) { $payload.Add('dh', $dh) } if ( $PSBoundParameters.ContainsKey('dhfile') ) { $payload.Add('dhfile', $dhfile) } if ( $PSBoundParameters.ContainsKey('dhcount') ) { $payload.Add('dhcount', $dhcount) } if ( $PSBoundParameters.ContainsKey('dhkeyexpsizelimit') ) { $payload.Add('dhkeyexpsizelimit', $dhkeyexpsizelimit) } if ( $PSBoundParameters.ContainsKey('ersa') ) { $payload.Add('ersa', $ersa) } if ( $PSBoundParameters.ContainsKey('ersacount') ) { $payload.Add('ersacount', $ersacount) } if ( $PSBoundParameters.ContainsKey('sessreuse') ) { $payload.Add('sessreuse', $sessreuse) } if ( $PSBoundParameters.ContainsKey('sesstimeout') ) { $payload.Add('sesstimeout', $sesstimeout) } if ( $PSBoundParameters.ContainsKey('cipherredirect') ) { $payload.Add('cipherredirect', $cipherredirect) } if ( $PSBoundParameters.ContainsKey('cipherurl') ) { $payload.Add('cipherurl', $cipherurl) } if ( $PSBoundParameters.ContainsKey('sslv2redirect') ) { $payload.Add('sslv2redirect', $sslv2redirect) } if ( $PSBoundParameters.ContainsKey('sslv2url') ) { $payload.Add('sslv2url', $sslv2url) } if ( $PSBoundParameters.ContainsKey('clientauth') ) { $payload.Add('clientauth', $clientauth) } if ( $PSBoundParameters.ContainsKey('clientcert') ) { $payload.Add('clientcert', $clientcert) } if ( $PSBoundParameters.ContainsKey('sslredirect') ) { $payload.Add('sslredirect', $sslredirect) } if ( $PSBoundParameters.ContainsKey('redirectportrewrite') ) { $payload.Add('redirectportrewrite', $redirectportrewrite) } if ( $PSBoundParameters.ContainsKey('ssl2') ) { $payload.Add('ssl2', $ssl2) } if ( $PSBoundParameters.ContainsKey('ssl3') ) { $payload.Add('ssl3', $ssl3) } if ( $PSBoundParameters.ContainsKey('tls1') ) { $payload.Add('tls1', $tls1) } if ( $PSBoundParameters.ContainsKey('tls11') ) { $payload.Add('tls11', $tls11) } if ( $PSBoundParameters.ContainsKey('tls12') ) { $payload.Add('tls12', $tls12) } if ( $PSBoundParameters.ContainsKey('tls13') ) { $payload.Add('tls13', $tls13) } if ( $PSBoundParameters.ContainsKey('dtls1') ) { $payload.Add('dtls1', $dtls1) } if ( $PSBoundParameters.ContainsKey('dtls12') ) { $payload.Add('dtls12', $dtls12) } if ( $PSBoundParameters.ContainsKey('snienable') ) { $payload.Add('snienable', $snienable) } if ( $PSBoundParameters.ContainsKey('ocspstapling') ) { $payload.Add('ocspstapling', $ocspstapling) } if ( $PSBoundParameters.ContainsKey('pushenctrigger') ) { $payload.Add('pushenctrigger', $pushenctrigger) } if ( $PSBoundParameters.ContainsKey('sendclosenotify') ) { $payload.Add('sendclosenotify', $sendclosenotify) } if ( $PSBoundParameters.ContainsKey('dtlsprofilename') ) { $payload.Add('dtlsprofilename', $dtlsprofilename) } if ( $PSBoundParameters.ContainsKey('sslprofile') ) { $payload.Add('sslprofile', $sslprofile) } if ( $PSBoundParameters.ContainsKey('hsts') ) { $payload.Add('hsts', $hsts) } if ( $PSBoundParameters.ContainsKey('maxage') ) { $payload.Add('maxage', $maxage) } if ( $PSBoundParameters.ContainsKey('includesubdomains') ) { $payload.Add('includesubdomains', $includesubdomains) } if ( $PSBoundParameters.ContainsKey('preload') ) { $payload.Add('preload', $preload) } if ( $PSBoundParameters.ContainsKey('strictsigdigestcheck') ) { $payload.Add('strictsigdigestcheck', $strictsigdigestcheck) } if ( $PSBoundParameters.ContainsKey('zerorttearlydata') ) { $payload.Add('zerorttearlydata', $zerorttearlydata) } if ( $PSBoundParameters.ContainsKey('tls13sessionticketsperauthcontext') ) { $payload.Add('tls13sessionticketsperauthcontext', $tls13sessionticketsperauthcontext) } if ( $PSBoundParameters.ContainsKey('dhekeyexchangewithpsk') ) { $payload.Add('dhekeyexchangewithpsk', $dhekeyexchangewithpsk) } if ( $PSCmdlet.ShouldProcess("sslvserver", "Update SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslvserver -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslvserver -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUpdateSslvserver: Finished" } } function Invoke-ADCUnsetSslvserver { <# .SYNOPSIS Unset SSL configuration Object. .DESCRIPTION Configuration for SSL virtual server resource. .PARAMETER Vservername Name of the SSL virtual server for which to set advanced configuration. .PARAMETER Cleartextport Port on which clear-text data is sent by the appliance to the server. Do not specify this parameter for SSL offloading with end-to-end encryption. .PARAMETER Dh State of Diffie-Hellman (DH) key exchange. Possible values = ENABLED, DISABLED .PARAMETER Dhfile Name of and, optionally, path to the DH parameter file, in PEM format, to be installed. /nsconfig/ssl/ is the default path. .PARAMETER Dhcount Number of interactions, between the client and the Citrix ADC, after which the DH private-public pair is regenerated. A value of zero (0) specifies refresh every time. .PARAMETER Dhkeyexpsizelimit This option enables the use of NIST recommended (NIST Special Publication 800-56A) bit size for private-key size. For example, for DH params of size 2048bit, the private-key size recommended is 224bits. This is rounded-up to 256bits. Possible values = ENABLED, DISABLED .PARAMETER Ersa State of Ephemeral RSA (eRSA) key exchange. Ephemeral RSA allows clients that support only export ciphers to communicate with the secure server even if the server certificate does not support export clients. The ephemeral RSA key is automatically generated when you bind an export cipher to an SSL or TCP-based SSL virtual server or service. When you remove the export cipher, the eRSA key is not deleted. It is reused at a later date when another export cipher is bound to an SSL or TCP-based SSL virtual server or service. The eRSA key is deleted when the appliance restarts. Possible values = ENABLED, DISABLED .PARAMETER Ersacount Refresh count for regeneration of the RSA public-key and private-key pair. Zero (0) specifies infinite usage (no refresh). .PARAMETER Sessreuse State of session reuse. Establishing the initial handshake requires CPU-intensive public key encryption operations. With the ENABLED setting, session key exchange is avoided for session resumption requests received from the client. Possible values = ENABLED, DISABLED .PARAMETER Sesstimeout Time, in seconds, for which to keep the session active. Any session resumption request received after the timeout period will require a fresh SSL handshake and establishment of a new SSL session. .PARAMETER Cipherredirect State of Cipher Redirect. If cipher redirect is enabled, you can configure an SSL virtual server or service to display meaningful error messages if the SSL handshake fails because of a cipher mismatch between the virtual server or service and the client. Possible values = ENABLED, DISABLED .PARAMETER Cipherurl The redirect URL to be used with the Cipher Redirect feature. .PARAMETER Sslv2redirect State of SSLv2 Redirect. If SSLv2 redirect is enabled, you can configure an SSL virtual server or service to display meaningful error messages if the SSL handshake fails because of a protocol version mismatch between the virtual server or service and the client. Possible values = ENABLED, DISABLED .PARAMETER Sslv2url URL of the page to which to redirect the client in case of a protocol version mismatch. Typically, this page has a clear explanation of the error or an alternative location that the transaction can continue from. .PARAMETER Clientauth State of client authentication. If client authentication is enabled, the virtual server terminates the SSL handshake if the SSL client does not provide a valid certificate. Possible values = ENABLED, DISABLED .PARAMETER Clientcert Type of client authentication. If this parameter is set to MANDATORY, the appliance terminates the SSL handshake if the SSL client does not provide a valid certificate. With the OPTIONAL setting, the appliance requests a certificate from the SSL clients but proceeds with the SSL transaction even if the client presents an invalid certificate. Caution: Define proper access control policies before changing this setting to Optional. Possible values = Mandatory, Optional .PARAMETER Sslredirect State of HTTPS redirects for the SSL virtual server. For an SSL session, if the client browser receives a redirect message, the browser tries to connect to the new location. However, the secure SSL session breaks if the object has moved from a secure site (https://) to an unsecure site (http://). Typically, a warning message appears on the screen, prompting the user to continue or disconnect. If SSL Redirect is ENABLED, the redirect message is automatically converted from http:// to https:// and the SSL session does not break. Possible values = ENABLED, DISABLED .PARAMETER Redirectportrewrite State of the port rewrite while performing HTTPS redirect. If this parameter is ENABLED and the URL from the server does not contain the standard port, the port is rewritten to the standard. Possible values = ENABLED, DISABLED .PARAMETER Ssl2 State of SSLv2 protocol support for the SSL Virtual Server. Possible values = ENABLED, DISABLED .PARAMETER Ssl3 State of SSLv3 protocol support for the SSL Virtual Server. Note: On platforms with SSL acceleration chips, if the SSL chip does not support SSLv3, this parameter cannot be set to ENABLED. Possible values = ENABLED, DISABLED .PARAMETER Tls1 State of TLSv1.0 protocol support for the SSL Virtual Server. Possible values = ENABLED, DISABLED .PARAMETER Tls11 State of TLSv1.1 protocol support for the SSL Virtual Server. Possible values = ENABLED, DISABLED .PARAMETER Tls12 State of TLSv1.2 protocol support for the SSL Virtual Server. Possible values = ENABLED, DISABLED .PARAMETER Tls13 State of TLSv1.3 protocol support for the SSL Virtual Server. Possible values = ENABLED, DISABLED .PARAMETER Dtls1 State of DTLSv1.0 protocol support for the SSL Virtual Server. Possible values = ENABLED, DISABLED .PARAMETER Dtls12 State of DTLSv1.2 protocol support for the SSL Virtual Server. Possible values = ENABLED, DISABLED .PARAMETER Snienable State of the Server Name Indication (SNI) feature on the virtual server and service-based offload. SNI helps to enable SSL encryption on multiple domains on a single virtual server or service if the domains are controlled by the same organization and share the same second-level domain name. For example, *.sports.net can be used to secure domains such as login.sports.net and help.sports.net. Possible values = ENABLED, DISABLED .PARAMETER Ocspstapling State of OCSP stapling support on the SSL virtual server. Supported only if the protocol used is higher than SSLv3. Possible values: ENABLED: The appliance sends a request to the OCSP responder to check the status of the server certificate and caches the response for the specified time. If the response is valid at the time of SSL handshake with the client, the OCSP-based server certificate status is sent to the client during the handshake. DISABLED: The appliance does not check the status of the server certificate. . Possible values = ENABLED, DISABLED .PARAMETER Sendclosenotify Enable sending SSL Close-Notify at the end of a transaction. Possible values = YES, NO .PARAMETER Dtlsprofilename Name of the DTLS profile whose settings are to be applied to the virtual server. .PARAMETER Sslprofile Name of the SSL profile that contains SSL settings for the virtual server. .PARAMETER Hsts State of HSTS protocol support for the SSL Virtual Server. Using HSTS, a server can enforce the use of an HTTPS connection for all communication with a client. Possible values = ENABLED, DISABLED .PARAMETER Maxage Set the maximum time, in seconds, in the strict transport security (STS) header during which the client must send only HTTPS requests to the server. .PARAMETER Includesubdomains Enable HSTS for subdomains. If set to Yes, a client must send only HTTPS requests for subdomains. Possible values = YES, NO .PARAMETER Preload Flag indicates the consent of the site owner to have their domain preloaded. Possible values = YES, NO .PARAMETER Strictsigdigestcheck Parameter indicating to check whether peer entity certificate during TLS1.2 handshake is signed with one of signature-hash combination supported by Citrix ADC. Possible values = ENABLED, DISABLED .PARAMETER Zerorttearlydata State of TLS 1.3 0-RTT early data support for the SSL Virtual Server. This setting only has an effect if resumption is enabled, as early data cannot be sent along with an initial handshake. Early application data has significantly different security properties - in particular there is no guarantee that the data cannot be replayed. Possible values = ENABLED, DISABLED .PARAMETER Tls13sessionticketsperauthcontext Number of tickets the SSL Virtual Server will issue anytime TLS 1.3 is negotiated, ticket-based resumption is enabled, and either (1) a handshake completes or (2) post-handhsake client auth completes. This value can be increased to enable clients to open multiple parallel connections using a fresh ticket for each connection. No tickets are sent if resumption is disabled. .PARAMETER Dhekeyexchangewithpsk Whether or not the SSL Virtual Server will require a DHE key exchange to occur when a PSK is accepted during a TLS 1.3 resumption handshake. A DHE key exchange ensures forward secrecy even in the event that ticket keys are compromised, at the expense of an additional round trip and resources required to carry out the DHE key exchange. If disabled, a DHE key exchange will be performed when a PSK is accepted but only if requested by the client. If enabled, the server will require a DHE key exchange when a PSK is accepted regardless of whether the client supports combined PSK-DHE key exchange. This setting only has an effect when resumption is enabled. Possible values = YES, NO .EXAMPLE PS C:\>Invoke-ADCUnsetSslvserver -vservername <string> An example how to unset sslvserver configuration Object(s). .NOTES File Name : Invoke-ADCUnsetSslvserver Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [ValidateScript({ $_.Length -gt 1 })] [string]$Vservername, [Boolean]$cleartextport, [Boolean]$dh, [Boolean]$dhfile, [Boolean]$dhcount, [Boolean]$dhkeyexpsizelimit, [Boolean]$ersa, [Boolean]$ersacount, [Boolean]$sessreuse, [Boolean]$sesstimeout, [Boolean]$cipherredirect, [Boolean]$cipherurl, [Boolean]$sslv2redirect, [Boolean]$sslv2url, [Boolean]$clientauth, [Boolean]$clientcert, [Boolean]$sslredirect, [Boolean]$redirectportrewrite, [Boolean]$ssl2, [Boolean]$ssl3, [Boolean]$tls1, [Boolean]$tls11, [Boolean]$tls12, [Boolean]$tls13, [Boolean]$dtls1, [Boolean]$dtls12, [Boolean]$snienable, [Boolean]$ocspstapling, [Boolean]$sendclosenotify, [Boolean]$dtlsprofilename, [Boolean]$sslprofile, [Boolean]$hsts, [Boolean]$maxage, [Boolean]$includesubdomains, [Boolean]$preload, [Boolean]$strictsigdigestcheck, [Boolean]$zerorttearlydata, [Boolean]$tls13sessionticketsperauthcontext, [Boolean]$dhekeyexchangewithpsk ) begin { Write-Verbose "Invoke-ADCUnsetSslvserver: Starting" } process { try { $payload = @{ vservername = $vservername } if ( $PSBoundParameters.ContainsKey('cleartextport') ) { $payload.Add('cleartextport', $cleartextport) } if ( $PSBoundParameters.ContainsKey('dh') ) { $payload.Add('dh', $dh) } if ( $PSBoundParameters.ContainsKey('dhfile') ) { $payload.Add('dhfile', $dhfile) } if ( $PSBoundParameters.ContainsKey('dhcount') ) { $payload.Add('dhcount', $dhcount) } if ( $PSBoundParameters.ContainsKey('dhkeyexpsizelimit') ) { $payload.Add('dhkeyexpsizelimit', $dhkeyexpsizelimit) } if ( $PSBoundParameters.ContainsKey('ersa') ) { $payload.Add('ersa', $ersa) } if ( $PSBoundParameters.ContainsKey('ersacount') ) { $payload.Add('ersacount', $ersacount) } if ( $PSBoundParameters.ContainsKey('sessreuse') ) { $payload.Add('sessreuse', $sessreuse) } if ( $PSBoundParameters.ContainsKey('sesstimeout') ) { $payload.Add('sesstimeout', $sesstimeout) } if ( $PSBoundParameters.ContainsKey('cipherredirect') ) { $payload.Add('cipherredirect', $cipherredirect) } if ( $PSBoundParameters.ContainsKey('cipherurl') ) { $payload.Add('cipherurl', $cipherurl) } if ( $PSBoundParameters.ContainsKey('sslv2redirect') ) { $payload.Add('sslv2redirect', $sslv2redirect) } if ( $PSBoundParameters.ContainsKey('sslv2url') ) { $payload.Add('sslv2url', $sslv2url) } if ( $PSBoundParameters.ContainsKey('clientauth') ) { $payload.Add('clientauth', $clientauth) } if ( $PSBoundParameters.ContainsKey('clientcert') ) { $payload.Add('clientcert', $clientcert) } if ( $PSBoundParameters.ContainsKey('sslredirect') ) { $payload.Add('sslredirect', $sslredirect) } if ( $PSBoundParameters.ContainsKey('redirectportrewrite') ) { $payload.Add('redirectportrewrite', $redirectportrewrite) } if ( $PSBoundParameters.ContainsKey('ssl2') ) { $payload.Add('ssl2', $ssl2) } if ( $PSBoundParameters.ContainsKey('ssl3') ) { $payload.Add('ssl3', $ssl3) } if ( $PSBoundParameters.ContainsKey('tls1') ) { $payload.Add('tls1', $tls1) } if ( $PSBoundParameters.ContainsKey('tls11') ) { $payload.Add('tls11', $tls11) } if ( $PSBoundParameters.ContainsKey('tls12') ) { $payload.Add('tls12', $tls12) } if ( $PSBoundParameters.ContainsKey('tls13') ) { $payload.Add('tls13', $tls13) } if ( $PSBoundParameters.ContainsKey('dtls1') ) { $payload.Add('dtls1', $dtls1) } if ( $PSBoundParameters.ContainsKey('dtls12') ) { $payload.Add('dtls12', $dtls12) } if ( $PSBoundParameters.ContainsKey('snienable') ) { $payload.Add('snienable', $snienable) } if ( $PSBoundParameters.ContainsKey('ocspstapling') ) { $payload.Add('ocspstapling', $ocspstapling) } if ( $PSBoundParameters.ContainsKey('sendclosenotify') ) { $payload.Add('sendclosenotify', $sendclosenotify) } if ( $PSBoundParameters.ContainsKey('dtlsprofilename') ) { $payload.Add('dtlsprofilename', $dtlsprofilename) } if ( $PSBoundParameters.ContainsKey('sslprofile') ) { $payload.Add('sslprofile', $sslprofile) } if ( $PSBoundParameters.ContainsKey('hsts') ) { $payload.Add('hsts', $hsts) } if ( $PSBoundParameters.ContainsKey('maxage') ) { $payload.Add('maxage', $maxage) } if ( $PSBoundParameters.ContainsKey('includesubdomains') ) { $payload.Add('includesubdomains', $includesubdomains) } if ( $PSBoundParameters.ContainsKey('preload') ) { $payload.Add('preload', $preload) } if ( $PSBoundParameters.ContainsKey('strictsigdigestcheck') ) { $payload.Add('strictsigdigestcheck', $strictsigdigestcheck) } if ( $PSBoundParameters.ContainsKey('zerorttearlydata') ) { $payload.Add('zerorttearlydata', $zerorttearlydata) } if ( $PSBoundParameters.ContainsKey('tls13sessionticketsperauthcontext') ) { $payload.Add('tls13sessionticketsperauthcontext', $tls13sessionticketsperauthcontext) } if ( $PSBoundParameters.ContainsKey('dhekeyexchangewithpsk') ) { $payload.Add('dhekeyexchangewithpsk', $dhekeyexchangewithpsk) } if ( $PSCmdlet.ShouldProcess("$vservername", "Unset SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -Type sslvserver -NitroPath nitro/v1/config -Action unset -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCUnsetSslvserver: Finished" } } function Invoke-ADCGetSslvserver { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for SSL virtual server resource. .PARAMETER Vservername Name of the SSL virtual server for which to set advanced configuration. .PARAMETER GetAll Retrieve all sslvserver object(s). .PARAMETER Count If specified, the count of the sslvserver object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslvserver Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslvserver -GetAll Get all sslvserver data. .EXAMPLE PS C:\>Invoke-ADCGetSslvserver -Count Get the number of sslvserver objects. .EXAMPLE PS C:\>Invoke-ADCGetSslvserver -name <string> Get sslvserver object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslvserver -Filter @{ 'name'='<value>' } Get sslvserver data with a filter. .NOTES File Name : Invoke-ADCGetSslvserver Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Vservername, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Parameter(ParameterSetName = 'Get')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslvserver: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslvserver objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslvserver objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslvserver objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslvserver configuration for property 'vservername'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver -NitroPath nitro/v1/config -Resource $vservername -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslvserver configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslvserver: Ended" } } function Invoke-ADCGetSslvserverbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object which returns the resources bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server for which to show detailed information. .PARAMETER GetAll Retrieve all sslvserver_binding object(s). .PARAMETER Count If specified, the count of the sslvserver_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslvserverbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslvserverbinding -GetAll Get all sslvserver_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslvserverbinding -name <string> Get sslvserver_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslvserverbinding -Filter @{ 'name'='<value>' } Get sslvserver_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslvserverbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Vservername, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslvserverbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslvserver_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslvserver_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslvserver_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslvserver_binding configuration for property 'vservername'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_binding -NitroPath nitro/v1/config -Resource $vservername -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslvserver_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslvserverbinding: Ended" } } function Invoke-ADCAddSslvserverecccurvebinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the ecccurve that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER Ecccurvename Named ECC curve bound to vserver/service. Possible values = ALL, P_224, P_256, P_384, P_521 .PARAMETER PassThru Return details about the created sslvserver_ecccurve_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslvserverecccurvebinding -vservername <string> An example how to add sslvserver_ecccurve_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslvserverecccurvebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_ecccurve_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Vservername, [ValidateSet('ALL', 'P_224', 'P_256', 'P_384', 'P_521')] [string]$Ecccurvename, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslvserverecccurvebinding: Starting" } process { try { $payload = @{ vservername = $vservername } if ( $PSBoundParameters.ContainsKey('ecccurvename') ) { $payload.Add('ecccurvename', $ecccurvename) } if ( $PSCmdlet.ShouldProcess("sslvserver_ecccurve_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslvserver_ecccurve_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslvserverecccurvebinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslvserverecccurvebinding: Finished" } } function Invoke-ADCDeleteSslvserverecccurvebinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the ecccurve that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER Ecccurvename Named ECC curve bound to vserver/service. Possible values = ALL, P_224, P_256, P_384, P_521 .EXAMPLE PS C:\>Invoke-ADCDeleteSslvserverecccurvebinding -Vservername <string> An example how to delete sslvserver_ecccurve_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslvserverecccurvebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_ecccurve_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Vservername, [string]$Ecccurvename ) begin { Write-Verbose "Invoke-ADCDeleteSslvserverecccurvebinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ecccurvename') ) { $arguments.Add('ecccurvename', $Ecccurvename) } if ( $PSCmdlet.ShouldProcess("$vservername", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslvserver_ecccurve_binding -NitroPath nitro/v1/config -Resource $vservername -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslvserverecccurvebinding: Finished" } } function Invoke-ADCGetSslvserverecccurvebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the ecccurve that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER GetAll Retrieve all sslvserver_ecccurve_binding object(s). .PARAMETER Count If specified, the count of the sslvserver_ecccurve_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslvserverecccurvebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslvserverecccurvebinding -GetAll Get all sslvserver_ecccurve_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslvserverecccurvebinding -Count Get the number of sslvserver_ecccurve_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslvserverecccurvebinding -name <string> Get sslvserver_ecccurve_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslvserverecccurvebinding -Filter @{ 'name'='<value>' } Get sslvserver_ecccurve_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslvserverecccurvebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_ecccurve_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Vservername, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslvserverecccurvebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslvserver_ecccurve_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_ecccurve_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslvserver_ecccurve_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_ecccurve_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslvserver_ecccurve_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_ecccurve_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslvserver_ecccurve_binding configuration for property 'vservername'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_ecccurve_binding -NitroPath nitro/v1/config -Resource $vservername -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslvserver_ecccurve_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_ecccurve_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslvserverecccurvebinding: Ended" } } function Invoke-ADCAddSslvserversslcertkeybinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER Certkeyname The name of the certificate key pair binding. .PARAMETER Ca CA certificate. .PARAMETER Crlcheck The state of the CRL check parameter. (Mandatory/Optional). Possible values = Mandatory, Optional .PARAMETER Skipcaname The flag is used to indicate whether this particular CA certificate's CA_Name needs to be sent to the SSL client while requesting for client certificate in a SSL handshake. .PARAMETER Snicert The name of the CertKey. Use this option to bind Certkey(s) which will be used in SNI processing. .PARAMETER Ocspcheck The state of the OCSP check parameter. (Mandatory/Optional). Possible values = Mandatory, Optional .PARAMETER PassThru Return details about the created sslvserver_sslcertkey_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslvserversslcertkeybinding -vservername <string> An example how to add sslvserver_sslcertkey_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslvserversslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Vservername, [string]$Certkeyname, [boolean]$Ca, [ValidateSet('Mandatory', 'Optional')] [string]$Crlcheck, [boolean]$Skipcaname, [boolean]$Snicert, [ValidateSet('Mandatory', 'Optional')] [string]$Ocspcheck, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslvserversslcertkeybinding: Starting" } process { try { $payload = @{ vservername = $vservername } if ( $PSBoundParameters.ContainsKey('certkeyname') ) { $payload.Add('certkeyname', $certkeyname) } if ( $PSBoundParameters.ContainsKey('ca') ) { $payload.Add('ca', $ca) } if ( $PSBoundParameters.ContainsKey('crlcheck') ) { $payload.Add('crlcheck', $crlcheck) } if ( $PSBoundParameters.ContainsKey('skipcaname') ) { $payload.Add('skipcaname', $skipcaname) } if ( $PSBoundParameters.ContainsKey('snicert') ) { $payload.Add('snicert', $snicert) } if ( $PSBoundParameters.ContainsKey('ocspcheck') ) { $payload.Add('ocspcheck', $ocspcheck) } if ( $PSCmdlet.ShouldProcess("sslvserver_sslcertkey_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslvserver_sslcertkey_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslvserversslcertkeybinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslvserversslcertkeybinding: Finished" } } function Invoke-ADCDeleteSslvserversslcertkeybinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER Certkeyname The name of the certificate key pair binding. .PARAMETER Ca CA certificate. .PARAMETER Crlcheck The state of the CRL check parameter. (Mandatory/Optional). Possible values = Mandatory, Optional .PARAMETER Snicert The name of the CertKey. Use this option to bind Certkey(s) which will be used in SNI processing. .PARAMETER Ocspcheck The state of the OCSP check parameter. (Mandatory/Optional). Possible values = Mandatory, Optional .EXAMPLE PS C:\>Invoke-ADCDeleteSslvserversslcertkeybinding -Vservername <string> An example how to delete sslvserver_sslcertkey_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslvserversslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Vservername, [string]$Certkeyname, [boolean]$Ca, [string]$Crlcheck, [boolean]$Snicert, [string]$Ocspcheck ) begin { Write-Verbose "Invoke-ADCDeleteSslvserversslcertkeybinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Certkeyname') ) { $arguments.Add('certkeyname', $Certkeyname) } if ( $PSBoundParameters.ContainsKey('Ca') ) { $arguments.Add('ca', $Ca) } if ( $PSBoundParameters.ContainsKey('Crlcheck') ) { $arguments.Add('crlcheck', $Crlcheck) } if ( $PSBoundParameters.ContainsKey('Snicert') ) { $arguments.Add('snicert', $Snicert) } if ( $PSBoundParameters.ContainsKey('Ocspcheck') ) { $arguments.Add('ocspcheck', $Ocspcheck) } if ( $PSCmdlet.ShouldProcess("$vservername", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslvserver_sslcertkey_binding -NitroPath nitro/v1/config -Resource $vservername -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslvserversslcertkeybinding: Finished" } } function Invoke-ADCGetSslvserversslcertkeybinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslcertkey that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER GetAll Retrieve all sslvserver_sslcertkey_binding object(s). .PARAMETER Count If specified, the count of the sslvserver_sslcertkey_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslcertkeybinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslcertkeybinding -GetAll Get all sslvserver_sslcertkey_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslcertkeybinding -Count Get the number of sslvserver_sslcertkey_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslcertkeybinding -name <string> Get sslvserver_sslcertkey_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslcertkeybinding -Filter @{ 'name'='<value>' } Get sslvserver_sslcertkey_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslvserversslcertkeybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_sslcertkey_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Vservername, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslvserversslcertkeybinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslvserver_sslcertkey_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslcertkey_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslvserver_sslcertkey_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslcertkey_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslvserver_sslcertkey_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslcertkey_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslvserver_sslcertkey_binding configuration for property 'vservername'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslcertkey_binding -NitroPath nitro/v1/config -Resource $vservername -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslvserver_sslcertkey_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslcertkey_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslvserversslcertkeybinding: Ended" } } function Invoke-ADCAddSslvserversslciphersuitebinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER Ciphername The cipher group/alias/individual cipher configuration. .PARAMETER PassThru Return details about the created sslvserver_sslciphersuite_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslvserversslciphersuitebinding -vservername <string> An example how to add sslvserver_sslciphersuite_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslvserversslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Vservername, [string]$Ciphername, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslvserversslciphersuitebinding: Starting" } process { try { $payload = @{ vservername = $vservername } if ( $PSBoundParameters.ContainsKey('ciphername') ) { $payload.Add('ciphername', $ciphername) } if ( $PSCmdlet.ShouldProcess("sslvserver_sslciphersuite_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslvserver_sslciphersuite_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslvserversslciphersuitebinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslvserversslciphersuitebinding: Finished" } } function Invoke-ADCDeleteSslvserversslciphersuitebinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER Ciphername The cipher group/alias/individual cipher configuration. .EXAMPLE PS C:\>Invoke-ADCDeleteSslvserversslciphersuitebinding -Vservername <string> An example how to delete sslvserver_sslciphersuite_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslvserversslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Vservername, [string]$Ciphername ) begin { Write-Verbose "Invoke-ADCDeleteSslvserversslciphersuitebinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ciphername') ) { $arguments.Add('ciphername', $Ciphername) } if ( $PSCmdlet.ShouldProcess("$vservername", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslvserver_sslciphersuite_binding -NitroPath nitro/v1/config -Resource $vservername -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslvserversslciphersuitebinding: Finished" } } function Invoke-ADCGetSslvserversslciphersuitebinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslciphersuite that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER GetAll Retrieve all sslvserver_sslciphersuite_binding object(s). .PARAMETER Count If specified, the count of the sslvserver_sslciphersuite_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslciphersuitebinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslciphersuitebinding -GetAll Get all sslvserver_sslciphersuite_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslciphersuitebinding -Count Get the number of sslvserver_sslciphersuite_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslciphersuitebinding -name <string> Get sslvserver_sslciphersuite_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslciphersuitebinding -Filter @{ 'name'='<value>' } Get sslvserver_sslciphersuite_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslvserversslciphersuitebinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_sslciphersuite_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Vservername, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslvserversslciphersuitebinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslvserver_sslciphersuite_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslciphersuite_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslvserver_sslciphersuite_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslciphersuite_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslvserver_sslciphersuite_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslciphersuite_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslvserver_sslciphersuite_binding configuration for property 'vservername'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslciphersuite_binding -NitroPath nitro/v1/config -Resource $vservername -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslvserver_sslciphersuite_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslciphersuite_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslvserversslciphersuitebinding: Ended" } } function Invoke-ADCAddSslvserversslcipherbinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslcipher that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER Ciphername Name of the individual cipher, user-defined cipher group, or predefined (built-in) cipher alias. .PARAMETER PassThru Return details about the created sslvserver_sslcipher_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslvserversslcipherbinding -vservername <string> An example how to add sslvserver_sslcipher_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslvserversslcipherbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_sslcipher_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Vservername, [string]$Ciphername, [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslvserversslcipherbinding: Starting" } process { try { $payload = @{ vservername = $vservername } if ( $PSBoundParameters.ContainsKey('ciphername') ) { $payload.Add('ciphername', $ciphername) } if ( $PSCmdlet.ShouldProcess("sslvserver_sslcipher_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslvserver_sslcipher_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslvserversslcipherbinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslvserversslcipherbinding: Finished" } } function Invoke-ADCDeleteSslvserversslcipherbinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslcipher that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER Ciphername Name of the individual cipher, user-defined cipher group, or predefined (built-in) cipher alias. .EXAMPLE PS C:\>Invoke-ADCDeleteSslvserversslcipherbinding -Vservername <string> An example how to delete sslvserver_sslcipher_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslvserversslcipherbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_sslcipher_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Vservername, [string]$Ciphername ) begin { Write-Verbose "Invoke-ADCDeleteSslvserversslcipherbinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Ciphername') ) { $arguments.Add('ciphername', $Ciphername) } if ( $PSCmdlet.ShouldProcess("$vservername", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslvserver_sslcipher_binding -NitroPath nitro/v1/config -Resource $vservername -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslvserversslcipherbinding: Finished" } } function Invoke-ADCGetSslvserversslcipherbinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslcipher that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER GetAll Retrieve all sslvserver_sslcipher_binding object(s). .PARAMETER Count If specified, the count of the sslvserver_sslcipher_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslcipherbinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslcipherbinding -GetAll Get all sslvserver_sslcipher_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslcipherbinding -Count Get the number of sslvserver_sslcipher_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslcipherbinding -name <string> Get sslvserver_sslcipher_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslcipherbinding -Filter @{ 'name'='<value>' } Get sslvserver_sslcipher_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslvserversslcipherbinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_sslcipher_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Vservername, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslvserversslcipherbinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslvserver_sslcipher_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslcipher_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslvserver_sslcipher_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslcipher_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslvserver_sslcipher_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslcipher_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslvserver_sslcipher_binding configuration for property 'vservername'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslcipher_binding -NitroPath nitro/v1/config -Resource $vservername -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslvserver_sslcipher_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslcipher_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslvserversslcipherbinding: Ended" } } function Invoke-ADCAddSslvserversslpolicybinding { <# .SYNOPSIS Add SSL configuration Object. .DESCRIPTION Binding object showing the sslpolicy that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER Policyname The name of the SSL policy binding. .PARAMETER Priority The priority of the policies bound to this SSL service. .PARAMETER Gotopriorityexpression Expression specifying the priority of the next policy which will get evaluated if the current policy rule evaluates to TRUE. .PARAMETER Invoke Invoke flag. This attribute is relevant only for ADVANCED policies. .PARAMETER Labeltype Type of policy label invocation. Possible values = vserver, service, policylabel .PARAMETER Labelname Name of the label to invoke if the current policy rule evaluates to TRUE. .PARAMETER Type Bind point to which to bind the policy. Possible Values: REQUEST, INTERCEPT_REQ and CLIENTHELLO_REQ. These bindpoints mean: 1. REQUEST: Policy evaluation will be done at appplication above SSL. This bindpoint is default and is used for actions based on clientauth and client cert. 2. INTERCEPT_REQ: Policy evaluation will be done during SSL handshake to decide whether to intercept or not. Actions allowed with this type are: INTERCEPT, BYPASS and RESET. 3. CLIENTHELLO_REQ: Policy evaluation will be done during handling of Client Hello Request. Action allowed with this type is: RESET, FORWARD and PICKCACERTGRP. Possible values = INTERCEPT_REQ, REQUEST, CLIENTHELLO_REQ .PARAMETER PassThru Return details about the created sslvserver_sslpolicy_binding item. .EXAMPLE PS C:\>Invoke-ADCAddSslvserversslpolicybinding -vservername <string> An example how to add sslvserver_sslpolicy_binding configuration Object(s). .NOTES File Name : Invoke-ADCAddSslvserversslpolicybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_sslpolicy_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Vservername, [string]$Policyname, [ValidateRange(0, 65534)] [double]$Priority, [string]$Gotopriorityexpression, [boolean]$Invoke, [ValidateSet('vserver', 'service', 'policylabel')] [string]$Labeltype, [string]$Labelname, [ValidateSet('INTERCEPT_REQ', 'REQUEST', 'CLIENTHELLO_REQ')] [string]$Type = 'REQUEST', [Switch]$PassThru ) begin { Write-Verbose "Invoke-ADCAddSslvserversslpolicybinding: Starting" } process { try { $payload = @{ vservername = $vservername } if ( $PSBoundParameters.ContainsKey('policyname') ) { $payload.Add('policyname', $policyname) } if ( $PSBoundParameters.ContainsKey('priority') ) { $payload.Add('priority', $priority) } if ( $PSBoundParameters.ContainsKey('gotopriorityexpression') ) { $payload.Add('gotopriorityexpression', $gotopriorityexpression) } if ( $PSBoundParameters.ContainsKey('invoke') ) { $payload.Add('invoke', $invoke) } if ( $PSBoundParameters.ContainsKey('labeltype') ) { $payload.Add('labeltype', $labeltype) } if ( $PSBoundParameters.ContainsKey('labelname') ) { $payload.Add('labelname', $labelname) } if ( $PSBoundParameters.ContainsKey('type') ) { $payload.Add('type', $type) } if ( $PSCmdlet.ShouldProcess("sslvserver_sslpolicy_binding", "Add SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method PUT -NitroPath nitro/v1/config -Type sslvserver_sslpolicy_binding -Payload $payload -GetWarning #HTTP Status Code on Success: 201 Created #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error if ( $PSBoundParameters.ContainsKey('PassThru') ) { Write-Output (Invoke-ADCGetSslvserversslpolicybinding -Filter $payload) } else { Write-Output $result } } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCAddSslvserversslpolicybinding: Finished" } } function Invoke-ADCDeleteSslvserversslpolicybinding { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Binding object showing the sslpolicy that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER Policyname The name of the SSL policy binding. .PARAMETER Priority The priority of the policies bound to this SSL service. .PARAMETER Type Bind point to which to bind the policy. Possible Values: REQUEST, INTERCEPT_REQ and CLIENTHELLO_REQ. These bindpoints mean: 1. REQUEST: Policy evaluation will be done at appplication above SSL. This bindpoint is default and is used for actions based on clientauth and client cert. 2. INTERCEPT_REQ: Policy evaluation will be done during SSL handshake to decide whether to intercept or not. Actions allowed with this type are: INTERCEPT, BYPASS and RESET. 3. CLIENTHELLO_REQ: Policy evaluation will be done during handling of Client Hello Request. Action allowed with this type is: RESET, FORWARD and PICKCACERTGRP. Possible values = INTERCEPT_REQ, REQUEST, CLIENTHELLO_REQ .EXAMPLE PS C:\>Invoke-ADCDeleteSslvserversslpolicybinding -Vservername <string> An example how to delete sslvserver_sslpolicy_binding configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslvserversslpolicybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_sslpolicy_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Vservername, [string]$Policyname, [double]$Priority, [string]$Type ) begin { Write-Verbose "Invoke-ADCDeleteSslvserversslpolicybinding: Starting" } process { try { $arguments = @{ } if ( $PSBoundParameters.ContainsKey('Policyname') ) { $arguments.Add('policyname', $Policyname) } if ( $PSBoundParameters.ContainsKey('Priority') ) { $arguments.Add('priority', $Priority) } if ( $PSBoundParameters.ContainsKey('Type') ) { $arguments.Add('type', $Type) } if ( $PSCmdlet.ShouldProcess("$vservername", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslvserver_sslpolicy_binding -NitroPath nitro/v1/config -Resource $vservername -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslvserversslpolicybinding: Finished" } } function Invoke-ADCGetSslvserversslpolicybinding { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Binding object showing the sslpolicy that can be bound to sslvserver. .PARAMETER Vservername Name of the SSL virtual server. .PARAMETER GetAll Retrieve all sslvserver_sslpolicy_binding object(s). .PARAMETER Count If specified, the count of the sslvserver_sslpolicy_binding object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslpolicybinding Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslpolicybinding -GetAll Get all sslvserver_sslpolicy_binding data. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslpolicybinding -Count Get the number of sslvserver_sslpolicy_binding objects. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslpolicybinding -name <string> Get sslvserver_sslpolicy_binding object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslvserversslpolicybinding -Filter @{ 'name'='<value>' } Get sslvserver_sslpolicy_binding data with a filter. .NOTES File Name : Invoke-ADCGetSslvserversslpolicybinding Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslvserver_sslpolicy_binding/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'GetByResource')] [ValidateScript({ $_.Length -gt 1 })] [string]$Vservername, [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll ) begin { Write-Verbose "Invoke-ADCGetSslvserversslpolicybinding: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ bulkbindings = 'yes' } Write-Verbose "Retrieving all sslvserver_sslpolicy_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslpolicy_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslvserver_sslpolicy_binding objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslpolicy_binding -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslvserver_sslpolicy_binding objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslpolicy_binding -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslvserver_sslpolicy_binding configuration for property 'vservername'" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslpolicy_binding -NitroPath nitro/v1/config -Resource $vservername -Summary:$ViewSummary -Filter $Filter -GetWarning } else { Write-Verbose "Retrieving sslvserver_sslpolicy_binding configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslvserver_sslpolicy_binding -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslvserversslpolicybinding: Ended" } } function Invoke-ADCCreateSslwrapkey { <# .SYNOPSIS Create SSL configuration Object. .DESCRIPTION Configuration for WRAP key resource. .PARAMETER Wrapkeyname Name for the wrap key. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the wrap key is created. .PARAMETER Password Password string for the wrap key. .PARAMETER Salt Salt string for the wrap key. .EXAMPLE PS C:\>Invoke-ADCCreateSslwrapkey -wrapkeyname <string> -password <string> -salt <string> An example how to create sslwrapkey configuration Object(s). .NOTES File Name : Invoke-ADCCreateSslwrapkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslwrapkey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [ValidatePattern('^(([a-zA-Z0-9]|[_])+([a-zA-Z0-9]|[_])+)$')] [string]$Wrapkeyname, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Password, [Parameter(Mandatory)] [ValidateScript({ $_.Length -gt 1 })] [string]$Salt ) begin { Write-Verbose "Invoke-ADCCreateSslwrapkey: Starting" } process { try { $payload = @{ wrapkeyname = $wrapkeyname password = $password salt = $salt } if ( $PSCmdlet.ShouldProcess($Name, "Create SSL configuration Object") ) { $result = Invoke-ADCNitroApi -ADCSession $ADCSession -Method POST -NitroPath nitro/v1/config -Type sslwrapkey -Action create -Payload $payload -GetWarning #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $result } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCCreateSslwrapkey: Finished" } } function Invoke-ADCDeleteSslwrapkey { <# .SYNOPSIS Delete SSL configuration Object. .DESCRIPTION Configuration for WRAP key resource. .PARAMETER Wrapkeyname Name for the wrap key. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the wrap key is created. .EXAMPLE PS C:\>Invoke-ADCDeleteSslwrapkey -Wrapkeyname <string> An example how to delete sslwrapkey configuration Object(s). .NOTES File Name : Invoke-ADCDeleteSslwrapkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslwrapkey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = "Low")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(Mandatory)] [string]$Wrapkeyname ) begin { Write-Verbose "Invoke-ADCDeleteSslwrapkey: Starting" } process { try { $arguments = @{ } if ( $PSCmdlet.ShouldProcess("$wrapkeyname", "Delete SSL configuration Object") ) { $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method DELETE -Type sslwrapkey -NitroPath nitro/v1/config -Resource $wrapkeyname -Arguments $arguments #HTTP Status Code on Success: 200 OK #HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error Write-Output $response } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" throw $_ } } end { Write-Verbose "Invoke-ADCDeleteSslwrapkey: Finished" } } function Invoke-ADCGetSslwrapkey { <# .SYNOPSIS Get SSL configuration object(s). .DESCRIPTION Configuration for WRAP key resource. .PARAMETER GetAll Retrieve all sslwrapkey object(s). .PARAMETER Count If specified, the count of the sslwrapkey object(s) will be returned. .PARAMETER Filter Specify a filter. -Filter @{ 'name'='<value>' } .PARAMETER ViewSummary When specified, only a summary of information is returned. .EXAMPLE PS C:\>Invoke-ADCGetSslwrapkey Get data. .EXAMPLE PS C:\>Invoke-ADCGetSslwrapkey -GetAll Get all sslwrapkey data. .EXAMPLE PS C:\>Invoke-ADCGetSslwrapkey -Count Get the number of sslwrapkey objects. .EXAMPLE PS C:\>Invoke-ADCGetSslwrapkey -name <string> Get sslwrapkey object by specifying for example the name. .EXAMPLE PS C:\>Invoke-ADCGetSslwrapkey -Filter @{ 'name'='<value>' } Get sslwrapkey data with a filter. .NOTES File Name : Invoke-ADCGetSslwrapkey Version : v2204.0320 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslwrapkey/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed. .LINK https://blog.j81.nl #> [CmdletBinding(DefaultParameterSetName = "GetAll")] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUserNameAndPasswordParams', '')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseBOMForUnicodeEncodedFile', '')] param( [Parameter(DontShow)] [Object]$ADCSession = (Get-ADCSession), [Parameter(ParameterSetName = 'Count', Mandatory)] [Switch]$Count, [hashtable]$Filter = @{ }, [Parameter(ParameterSetName = 'GetAll')] [Switch]$GetAll, [Parameter(ParameterSetName = 'GetAll')] [Switch]$ViewSummary ) begin { Write-Verbose "Invoke-ADCGetSslwrapkey: Beginning" } process { try { if ( $PsCmdlet.ParameterSetName -eq 'GetAll' ) { $query = @{ } Write-Verbose "Retrieving all sslwrapkey objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslwrapkey -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'Count' ) { if ( $PSBoundParameters.ContainsKey('Count') ) { $query = @{ 'count' = 'yes' } } Write-Verbose "Retrieving total count for sslwrapkey objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslwrapkey -NitroPath nitro/v1/config -Query $query -Summary:$ViewSummary -Filter $Filter -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByArgument' ) { Write-Verbose "Retrieving sslwrapkey objects by arguments" $arguments = @{ } $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslwrapkey -NitroPath nitro/v1/config -Arguments $arguments -GetWarning } elseif ( $PsCmdlet.ParameterSetName -eq 'GetByResource' ) { Write-Verbose "Retrieving sslwrapkey configuration for property ''" } else { Write-Verbose "Retrieving sslwrapkey configuration objects" $response = Invoke-ADCNitroApi -ADCSession $ADCSession -Method GET -Type sslwrapkey -NitroPath nitro/v1/config -Summary:$ViewSummary -Query $query -Filter $Filter -GetWarning } } catch { Write-Verbose "ERROR: $($_.Exception.Message)" $response = $null } Write-Output $response } end { Write-Verbose "Invoke-ADCGetSslwrapkey: Ended" } } # SIG # Begin signature block # MIIkrQYJKoZIhvcNAQcCoIIknjCCJJoCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCDbId1l6wAJdfng # muLTA2wpQFqFhGM1sATvXP67vvJDy6CCHnAwggTzMIID26ADAgECAhAsJ03zZBC0 # i/247uUvWN5TMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAkdCMRswGQYDVQQI # ExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoT # D1NlY3RpZ28gTGltaXRlZDEkMCIGA1UEAxMbU2VjdGlnbyBSU0EgQ29kZSBTaWdu # aW5nIENBMB4XDTIxMDUwNTAwMDAwMFoXDTI0MDUwNDIzNTk1OVowWzELMAkGA1UE # BhMCTkwxEjAQBgNVBAcMCVZlbGRob3ZlbjEbMBkGA1UECgwSSm9oYW5uZXMgQmls # bGVrZW5zMRswGQYDVQQDDBJKb2hhbm5lcyBCaWxsZWtlbnMwggEiMA0GCSqGSIb3 # DQEBAQUAA4IBDwAwggEKAoIBAQCsfgRG81keOHalHfCUgxOa1Qy4VNOnGxB8SL8e # rjP9SfcF13McP7F1HGka5Be495pTZ+duGbaQMNozwg/5Dg9IRJEeBabeSSJJCbZo # SNpmUu7NNRRfidQxlPC81LxTVHxJ7In0MEfCVm7rWcri28MRCAuafqOfSE+hyb1Z # /tKyCyQ5RUq3kjs/CF+VfMHsJn6ZT63YqewRkwHuc7UogTTZKjhPJ9prGLTer8UX # UgvsGRbvhYZXIEuy+bmx/iJ1yRl1kX4nj6gUYzlhemOnlSDD66YOrkLDhXPMXLym # AN7h0/W5Bo//R5itgvdGBkXkWCKRASnq/9PTcoxW6mwtgU8xAgMBAAGjggGQMIIB # jDAfBgNVHSMEGDAWgBQO4TqoUzox1Yq+wbutZxoDha00DjAdBgNVHQ4EFgQUZWMy # gC0i1u2NZ1msk2Mm5nJm5AswDgYDVR0PAQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAw # EwYDVR0lBAwwCgYIKwYBBQUHAwMwEQYJYIZIAYb4QgEBBAQDAgQQMEoGA1UdIARD # MEEwNQYMKwYBBAGyMQECAQMCMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGln # by5jb20vQ1BTMAgGBmeBDAEEATBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3Js # LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FDb2RlU2lnbmluZ0NBLmNybDBzBggrBgEF # BQcBAQRnMGUwPgYIKwYBBQUHMAKGMmh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2Vj # dGlnb1JTQUNvZGVTaWduaW5nQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz # cC5zZWN0aWdvLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEARjv9ieRocb1DXRWm3XtY # jjuSRjlvkoPd9wS6DNfsGlSU42BFd9LCKSyRREZVu8FDq7dN0PhD4bBTT+k6AgrY # KG6f/8yUponOdxskv850SjN2S2FeVuR20pqActMrpd1+GCylG8mj8RGjdrLQ3QuX # qYKS68WJ39WWYdVB/8Ftajir5p6sAfwHErLhbJS6WwmYjGI/9SekossvU8mZjZwo # Gbu+fjZhPc4PhjbEh0ABSsPMfGjQQsg5zLFjg/P+cS6hgYI7qctToo0TexGe32DY # fFWHrHuBErW2qXEJvzSqM5OtLRD06a4lH5ZkhojhMOX9S8xDs/ArDKgX1j1Xm4Tu # DjCCBYEwggRpoAMCAQICEDlyRDr5IrdR19NsEN0xNZUwDQYJKoZIhvcNAQEMBQAw # ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G # A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV # BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0xOTAzMTIwMDAwMDBaFw0y # ODEyMzEyMzU5NTlaMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMKTmV3IEplcnNl # eTEUMBIGA1UEBxMLSmVyc2V5IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1Qg # TmV0d29yazEuMCwGA1UEAxMlVVNFUlRydXN0IFJTQSBDZXJ0aWZpY2F0aW9uIEF1 # dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAIASZRc2DsPb # CLPQrFcNdu3NJ9NMrVCDYeKqIE0JLWQJ3M6Jn8w9qez2z8Hc8dOx1ns3KBErR9o5 # xrw6GbRfpr19naNjQrZ28qk7K5H44m/Q7BYgkAk+4uh0yRi0kdRiZNt/owbxiBhq # kCI8vP4T8IcUe/bkH47U5FHGEWdGCFHLhhRUP7wz/n5snP8WnRi9UY41pqdmyHJn # 2yFmsdSbeAPAUDrozPDcvJ5M/q8FljUfV1q3/875PbcstvZU3cjnEjpNrkyKt1ya # tLcgPcp/IjSufjtoZgFE5wFORlObM2D3lL5TN5BzQ/Myw1Pv26r+dE5px2uMYJPe # xMcM3+EyrsyTO1F4lWeL7j1W/gzQaQ8bD/MlJmszbfduR/pzQ+V+DqVmsSl8MoRj # VYnEDcGTVDAZE6zTfTen6106bDVc20HXEtqpSQvf2ICKCZNijrVmzyWIzYS4sT+k # OQ/ZAp7rEkyVfPNrBaleFoPMuGfi6BOdzFuC00yz7Vv/3uVzrCM7LQC/NVV0CUnY # SVgaf5I25lGSDvMmfRxNF7zJ7EMm0L9BX0CpRET0medXh55QH1dUqD79dGMvsVBl # CeZYQi5DGky08CVHWfoEHpPUJkZKUIGy3r54t/xnFeHJV4QeD2PW6WK61l9VLupc # xigIBCU5uA4rqfJMlxwHPw1S9e3vL4IPAgMBAAGjgfIwge8wHwYDVR0jBBgwFoAU # oBEKIz6W8Qfs4q8p74Klf9AwpLQwHQYDVR0OBBYEFFN5v1qqK0rPVIDh2JvAnfKy # A2bLMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MBEGA1UdIAQKMAgw # BgYEVR0gADBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNv # bS9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDA0BggrBgEFBQcBAQQoMCYwJAYI # KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTANBgkqhkiG9w0BAQwF # AAOCAQEAGIdR3HQhPZyK4Ce3M9AuzOzw5steEd4ib5t1jp5y/uTW/qofnJYt7wNK # fq70jW9yPEM7wD/ruN9cqqnGrvL82O6je0P2hjZ8FODN9Pc//t64tIrwkZb+/UNk # fv3M0gGhfX34GRnJQisTv1iLuqSiZgR2iJFODIkUzqJNyTKzuugUGrxx8VvwQQuY # AAoiAxDlDLH5zZI3Ge078eQ6tvlFEyZ1r7uq7z97dzvSxAKRPRkA0xdcOds/exgN # Rc2ThZYvXd9ZFk8/Ub3VRRg/7UqO6AZhdCMWtQ1QcydER38QXYkqa4UxFMToqWpM # gLxqeM+4f452cpkMnf7XkQgWoaNflTCCBfUwggPdoAMCAQICEB2iSDBvmyYY0ILg # ln0z02owDQYJKoZIhvcNAQEMBQAwgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpO # ZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVT # RVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmlj # YXRpb24gQXV0aG9yaXR5MB4XDTE4MTEwMjAwMDAwMFoXDTMwMTIzMTIzNTk1OVow # fDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G # A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMSQwIgYDVQQD # ExtTZWN0aWdvIFJTQSBDb2RlIFNpZ25pbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUA # A4IBDwAwggEKAoIBAQCGIo0yhXoYn0nwli9jCB4t3HyfFM/jJrYlZilAhlRGdDFi # xRDtsocnppnLlTDAVvWkdcapDlBipVGREGrgS2Ku/fD4GKyn/+4uMyD6DBmJqGx7 # rQDDYaHcaWVtH24nlteXUYam9CflfGqLlR5bYNV+1xaSnAAvaPeX7Wpyvjg7Y96P # v25MQV0SIAhZ6DnNj9LWzwa0VwW2TqE+V2sfmLzEYtYbC43HZhtKn52BxHJAteJf # 7wtF/6POF6YtVbC3sLxUap28jVZTxvC6eVBJLPcDuf4vZTXyIuosB69G2flGHNyM # fHEo8/6nxhTdVZFuihEN3wYklX0Pp6F8OtqGNWHTAgMBAAGjggFkMIIBYDAfBgNV # HSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUDuE6qFM6MdWK # vsG7rWcaA4WtNA4wDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAw # HQYDVR0lBBYwFAYIKwYBBQUHAwMGCCsGAQUFBwMIMBEGA1UdIAQKMAgwBgYEVR0g # ADBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNF # UlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEE # ajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRy # dXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVz # ZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBAE1jUO1HNEphpNveaiqMm/EA # AB4dYns61zLC9rPgY7P7YQCImhttEAcET7646ol4IusPRuzzRl5ARokS9At3Wpwq # QTr81vTr5/cVlTPDoYMot94v5JT3hTODLUpASL+awk9KsY8k9LOBN9O3ZLCmI2pZ # aFJCX/8E6+F0ZXkI9amT3mtxQJmWunjxucjiwwgWsatjWsgVgG10Xkp1fqW4w2y1 # z99KeYdcx0BNYzX2MNPPtQoOCwR/oEuuu6Ol0IQAkz5TXTSlADVpbL6fICUQDRn7 # UJBhvjmPeo5N9p8OHv4HURJmgyYZSJXOSsnBf/M6BZv5b9+If8AjntIeQ3pFMcGc # TanwWbJZGehqjSkEAnd8S0vNcL46slVaeD68u28DECV3FTSK+TbMQ5Lkuk/xYpMo # JVcp+1EZx6ElQGqEV8aynbG8HArafGd+fS7pKEwYfsR7MUFxmksp7As9V1DSyt39 # ngVR5UR43QHesXWYDVQk/fBO4+L4g71yuss9Ou7wXheSaG3IYfmm8SoKC6W59J7u # mDIFhZ7r+YMp08Ysfb06dy6LN0KgaoLtO0qqlBCk4Q34F8W2WnkzGJLjtXX4oemO # CiUe5B7xn1qHI/+fpFGe+zmAEc3btcSnqIBv5VPU4OOiwtJbGvoyJi1qV3AcPKRY # LqPzW0sH3DJZ84enGm1YMIIG7DCCBNSgAwIBAgIQMA9vrN1mmHR8qUY2p3gtuTAN # BgkqhkiG9w0BAQwFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJz # ZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNU # IE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBB # dXRob3JpdHkwHhcNMTkwNTAyMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjB9MQswCQYD # VQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdT # YWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxJTAjBgNVBAMTHFNlY3Rp # Z28gUlNBIFRpbWUgU3RhbXBpbmcgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw # ggIKAoICAQDIGwGv2Sx+iJl9AZg/IJC9nIAhVJO5z6A+U++zWsB21hoEpc5Hg7Xr # xMxJNMvzRWW5+adkFiYJ+9UyUnkuyWPCE5u2hj8BBZJmbyGr1XEQeYf0RirNxFrJ # 29ddSU1yVg/cyeNTmDoqHvzOWEnTv/M5u7mkI0Ks0BXDf56iXNc48RaycNOjxN+z # xXKsLgp3/A2UUrf8H5VzJD0BKLwPDU+zkQGObp0ndVXRFzs0IXuXAZSvf4DP0REK # V4TJf1bgvUacgr6Unb+0ILBgfrhN9Q0/29DqhYyKVnHRLZRMyIw80xSinL0m/9NT # IMdgaZtYClT0Bef9Maz5yIUXx7gpGaQpL0bj3duRX58/Nj4OMGcrRrc1r5a+2kxg # zKi7nw0U1BjEMJh0giHPYla1IXMSHv2qyghYh3ekFesZVf/QOVQtJu5FGjpvzdeE # 8NfwKMVPZIMC1Pvi3vG8Aij0bdonigbSlofe6GsO8Ft96XZpkyAcSpcsdxkrk5WY # nJee647BeFbGRCXfBhKaBi2fA179g6JTZ8qx+o2hZMmIklnLqEbAyfKm/31X2xJ2 # +opBJNQb/HKlFKLUrUMcpEmLQTkUAx4p+hulIq6lw02C0I3aa7fb9xhAV3PwcaP7 # Sn1FNsH3jYL6uckNU4B9+rY5WDLvbxhQiddPnTO9GrWdod6VQXqngwIDAQABo4IB # WjCCAVYwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYE # FBqh+GEZIA/DQXdFKI7RNV8GEgRVMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8E # CDAGAQH/AgEAMBMGA1UdJQQMMAoGCCsGAQUFBwMIMBEGA1UdIAQKMAgwBgYEVR0g # ADBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNF # UlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEE # ajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRy # dXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVz # ZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBAG1UgaUzXRbhtVOBkXXfA3oy # Cy0lhBGysNsqfSoF9bw7J/RaoLlJWZApbGHLtVDb4n35nwDvQMOt0+LkVvlYQc/x # QuUQff+wdB+PxlwJ+TNe6qAcJlhc87QRD9XVw+K81Vh4v0h24URnbY+wQxAPjeT5 # OGK/EwHFhaNMxcyyUzCVpNb0llYIuM1cfwGWvnJSajtCN3wWeDmTk5SbsdyybUFt # Z83Jb5A9f0VywRsj1sJVhGbks8VmBvbz1kteraMrQoohkv6ob1olcGKBc2NeoLvY # 3NdK0z2vgwY4Eh0khy3k/ALWPncEvAQ2ted3y5wujSMYuaPCRx3wXdahc1cFaJqn # yTdlHb7qvNhCg0MFpYumCf/RoZSmTqo9CfUFbLfSZFrYKiLCS53xOV5M3kg9mzSW # mglfjv33sVKRzj+J9hyhtal1H3G/W0NdZT1QgW6r8NDT/LKzH7aZlib0PHmLXGTM # ze4nmuWgwAxyh8FuTVrTHurwROYybxzrF06Uw3hlIDsPQaof6aFBnf6xuKBlKjTg # 3qj5PObBMLvAoGMs/FwWAKjQxH/qEZ0eBsambTJdtDgJK0kHqv3sMNrxpy/Pt/36 # 0KOE2See+wFmd7lWEOEgbsausfm2usg1XTN2jvF8IAwqd661ogKGuinutFoAsYyr # 4/kKyVRd1LlqdJ69SK6YMIIHBzCCBO+gAwIBAgIRAIx3oACP9NGwxj2fOkiDjWsw # DQYJKoZIhvcNAQEMBQAwfTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIg # TWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBM # aW1pdGVkMSUwIwYDVQQDExxTZWN0aWdvIFJTQSBUaW1lIFN0YW1waW5nIENBMB4X # DTIwMTAyMzAwMDAwMFoXDTMyMDEyMjIzNTk1OVowgYQxCzAJBgNVBAYTAkdCMRsw # GQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAW # BgNVBAoTD1NlY3RpZ28gTGltaXRlZDEsMCoGA1UEAwwjU2VjdGlnbyBSU0EgVGlt # ZSBTdGFtcGluZyBTaWduZXIgIzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK # AoICAQCRh0ssi8HxHqCe0wfGAcpSsL55eV0JZgYtLzV9u8D7J9pCalkbJUzq70DW # mn4yyGqBfbRcPlYQgTU6IjaM+/ggKYesdNAbYrw/ZIcCX+/FgO8GHNxeTpOHuJre # TAdOhcxwxQ177MPZ45fpyxnbVkVs7ksgbMk+bP3wm/Eo+JGZqvxawZqCIDq37+fW # uCVJwjkbh4E5y8O3Os2fUAQfGpmkgAJNHQWoVdNtUoCD5m5IpV/BiVhgiu/xrM2H # YxiOdMuEh0FpY4G89h+qfNfBQc6tq3aLIIDULZUHjcf1CxcemuXWmWlRx06mnSlv # 53mTDTJjU67MximKIMFgxvICLMT5yCLf+SeCoYNRwrzJghohhLKXvNSvRByWgiKV # KoVUrvH9Pkl0dPyOrj+lcvTDWgGqUKWLdpUbZuvv2t+ULtka60wnfUwF9/gjXcRX # yCYFevyBI19UCTgqYtWqyt/tz1OrH/ZEnNWZWcVWZFv3jlIPZvyYP0QGE2Ru6eEV # YFClsezPuOjJC77FhPfdCp3avClsPVbtv3hntlvIXhQcua+ELXei9zmVN29OfxzG # PATWMcV+7z3oUX5xrSR0Gyzc+Xyq78J2SWhi1Yv1A9++fY4PNnVGW5N2xIPugr4s # rjcS8bxWw+StQ8O3ZpZelDL6oPariVD6zqDzCIEa0USnzPe4MQIDAQABo4IBeDCC # AXQwHwYDVR0jBBgwFoAUGqH4YRkgD8NBd0UojtE1XwYSBFUwHQYDVR0OBBYEFGl1 # N3u7nTVCTr9X05rbnwHRrt7QMA4GA1UdDwEB/wQEAwIGwDAMBgNVHRMBAf8EAjAA # MBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMIMEAGA1UdIAQ5MDcwNQYMKwYBBAGyMQEC # AQMIMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMEQGA1Ud # HwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwuc2VjdGlnby5jb20vU2VjdGlnb1JTQVRp # bWVTdGFtcGluZ0NBLmNybDB0BggrBgEFBQcBAQRoMGYwPwYIKwYBBQUHMAKGM2h0 # dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JTQVRpbWVTdGFtcGluZ0NBLmNy # dDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wDQYJKoZIhvcN # AQEMBQADggIBAEoDeJBCM+x7GoMJNjOYVbudQAYwa0Vq8ZQOGVD/WyVeO+E5xFu6 # 6ZWQNze93/tk7OWCt5XMV1VwS070qIfdIoWmV7u4ISfUoCoxlIoHIZ6Kvaca9QIV # y0RQmYzsProDd6aCApDCLpOpviE0dWO54C0PzwE3y42i+rhamq6hep4TkxlVjwmQ # Lt/qiBcW62nW4SW9RQiXgNdUIChPynuzs6XSALBgNGXE48XDpeS6hap6adt1pD55 # aJo2i0OuNtRhcjwOhWINoF5w22QvAcfBoccklKOyPG6yXqLQ+qjRuCUcFubA1X9o # GsRlKTUqLYi86q501oLnwIi44U948FzKwEBcwp/VMhws2jysNvcGUpqjQDAXsCkW # mcmqt4hJ9+gLJTO1P22vn18KVt8SscPuzpF36CAT6Vwkx+pEC0rmE4QcTesNtbiG # oDCni6GftCzMwBYjyZHlQgNLgM7kTeYqAT7AXoWgJKEXQNXb2+eYEKTx6hkbgFT6 # R4nomIGpdcAO39BolHmhoJ6OtrdCZsvZ2WsvTdjePjIeIOTsnE1CjZ3HM5mCN0TU # JikmQI54L7nu+i/x8Y/+ULh43RSW3hwOcLAqhWqxbGjpKuQQK24h/dN8nTfkKgbW # w/HXaONPB3mBCBP+smRe6bE85tB4I7IJLOImYr87qZdRzMdEMoGyr8/fMYIFkzCC # BY8CAQEwgZAwfDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hl # c3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVk # MSQwIgYDVQQDExtTZWN0aWdvIFJTQSBDb2RlIFNpZ25pbmcgQ0ECECwnTfNkELSL # /bju5S9Y3lMwDQYJYIZIAWUDBAIBBQCggYQwGAYKKwYBBAGCNwIBDDEKMAigAoAA # oQKAADAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgorBgEEAYI3AgELMQ4w # DAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQgSgpNI6i3aE+u7WQC5W9MXnbg # AbbMMFghPlf+Rgnc3KswDQYJKoZIhvcNAQEBBQAEggEAj4ut7uvwyn81c6rrpsyq # Ukj5m/HHu+5hBZXyW8SmoJE8b/CHv42hM9YizdgBcu9koL/zJd+8Yeb8OTaPztSK # zakwb2MwG/u2v14E8IWZ1Lp48uOcr3KNT0S7UvJhXjT0YGCFNx/IrkpZQRPMGZBo # mOq45P/D7igri977+kbfEiTz8Mw7MuSYFdrFnB7ZbItetFdRWOIQtlYrYbcwchuT # /eA/cMran/kNb7pPSihkB0J6CDkNJyxxRPYXnOrbfa8Qh/790EyUOgTUqSG9Pxok # 0ypLqoUlpECc1+Z8C4xZO37f9HnU4Hqs7hTmuyofKSk8pz2iTikciWP+Aleg2ubY # naGCA0wwggNIBgkqhkiG9w0BCQYxggM5MIIDNQIBATCBkjB9MQswCQYDVQQGEwJH # QjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3Jk # MRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxJTAjBgNVBAMTHFNlY3RpZ28gUlNB # IFRpbWUgU3RhbXBpbmcgQ0ECEQCMd6AAj/TRsMY9nzpIg41rMA0GCWCGSAFlAwQC # AgUAoHkwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcN # MjIwNDAzMTkwNzA5WjA/BgkqhkiG9w0BCQQxMgQwH6RzG39sTojwfrmbVfe/+7BR # c9EUMcfDxoWunAj70E+MR8oPUoQIDjUhDD/epKiDMA0GCSqGSIb3DQEBAQUABIIC # AGXRc1o6KFnTcErdS4H2rOJwhj7XEJXs8IveLRC/ksTipee4Vh5gNfAmLZRoGPbc # CYgFO6iEUmO4JXllB9y56zH7GB7OTyYIDE8pEqHnpJPdaaygrV19kk9Z/BPE5/nT # JW4paTeLHpHpVxabiSsUFzWyUg/5Vv+6xtOJc2YJaZLLYWXIRIoVo0mZIj4gUj4K # SjkT8R2Rb9md42grQEPlaXi9XnMh9IXb5w1slh7HynvIUPLMTo5JzDF6qcaxxuUv # Pyjs3gghi4jGGP8stTcQlgv8f9GVodz1UZ/i+/Zv6w7haLTfFmG6ZYc3B4lzXa4h # EVBAv1U2SHWnIi0LJ6K5p1SP9hEG76vTJEOtsKzAG07a+K71G2hOdPSrjLMoNzW1 # O4k07yOQ3TSPOr654vFnfYyhUAXjsPZHpSSvf9CcTiJ8MxZnBqsXS6W7O8rt6/Gw # MbRXHqL5q8OZEGTMJ9+oIUvQMrXPqTLhTcS/PDdq+pHnTn3wmjTSpC7q/9XP2tCR # wPydL8pMCnXvk6iiZAYoGLWoRGz05vhtimfGCinhoz9O6zvxesNcf1Uw1fqbwwhb # whFXxQ3c+J0plKbPf7DHERuQeQyd0BsJoufGiwIPIyG+G+NRsZtH06jxJLo3A2yY # Vk/OZKIklWF4k6Wlzq+IqnX3FRNExLd57b2/qrTWuaGw # SIG # End signature block |