Invoke ADCAddSslaction - j81blog/J81.ADCToolkit GitHub Wiki

Invoke-ADCAddSslaction

SYNOPSIS

Add SSL configuration Object.

SYNTAX

Invoke-ADCAddSslaction [-Name] <String> [[-Clientauth] <String>] [[-Clientcertverification] <String>]
 [[-Ssllogprofile] <String>] [[-Clientcert] <String>] [[-Certheader] <String>]
 [[-Clientcertserialnumber] <String>] [[-Certserialheader] <String>] [[-Clientcertsubject] <String>]
 [[-Certsubjectheader] <String>] [[-Clientcerthash] <String>] [[-Certhashheader] <String>]
 [[-Clientcertfingerprint] <String>] [[-Certfingerprintheader] <String>] [[-Certfingerprintdigest] <String>]
 [[-Clientcertissuer] <String>] [[-Certissuerheader] <String>] [[-Sessionid] <String>]
 [[-Sessionidheader] <String>] [[-Cipher] <String>] [[-Cipherheader] <String>]
 [[-Clientcertnotbefore] <String>] [[-Certnotbeforeheader] <String>] [[-Clientcertnotafter] <String>]
 [[-Certnotafterheader] <String>] [[-Owasupport] <String>] [[-Forward] <String>] [[-Cacertgrpname] <String>]
 [-PassThru] [-WhatIf] [-Confirm] [<CommonParameters>]

DESCRIPTION

Configuration for SSL action resource.

EXAMPLES

EXAMPLE 1

Invoke-ADCAddSslaction -name <string>

An example how to add sslaction configuration Object(s).

PARAMETERS

-Name

Name for the SSL action. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the action is created.

Type: String
Parameter Sets: (All)
Aliases:

Required: True
Position: 2
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Clientauth

Perform client certificate authentication. Possible values = DOCLIENTAUTH, NOCLIENTAUTH

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 3
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Clientcertverification

Client certificate verification is mandatory or optional. Possible values = Mandatory, Optional

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 4
Default value: Mandatory
Accept pipeline input: False
Accept wildcard characters: False

-Ssllogprofile

The name of the ssllogprofile.

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 5
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Clientcert

Insert the entire client certificate into the HTTP header of the request being sent to the web server. The certificate is inserted in ASCII (PEM) format. Possible values = ENABLED, DISABLED

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 6
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Certheader

Name of the header into which to insert the client certificate.

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 7
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Clientcertserialnumber

Insert the entire client serial number into the HTTP header of the request being sent to the web server. Possible values = ENABLED, DISABLED

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 8
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Certserialheader

Name of the header into which to insert the client serial number.

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 9
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Clientcertsubject

Insert the client certificate subject, also known as the distinguished name (DN), into the HTTP header of the request being sent to the web server. Possible values = ENABLED, DISABLED

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 10
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Certsubjectheader

Name of the header into which to insert the client certificate subject.

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 11
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Clientcerthash

Insert the certificate's signature into the HTTP header of the request being sent to the web server. The signature is the value extracted directly from the X.509 certificate signature field. All X.509 certificates contain a signature field. Possible values = ENABLED, DISABLED

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 12
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Certhashheader

Name of the header into which to insert the client certificate signature (hash).

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 13
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Clientcertfingerprint

Insert the certificate's fingerprint into the HTTP header of the request being sent to the web server. The fingerprint is derived by computing the specified hash value (SHA256, for example) of the DER-encoding of the client certificate. Possible values = ENABLED, DISABLED

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 14
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Certfingerprintheader

Name of the header into which to insert the client certificate fingerprint.

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 15
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Certfingerprintdigest

Digest algorithm used to compute the fingerprint of the client certificate. Possible values = SHA1, SHA224, SHA256, SHA384, SHA512

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 16
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Clientcertissuer

Insert the certificate issuer details into the HTTP header of the request being sent to the web server. Possible values = ENABLED, DISABLED

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 17
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Certissuerheader

Name of the header into which to insert the client certificate issuer details.

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 18
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Sessionid

Insert the SSL session ID into the HTTP header of the request being sent to the web server. Every SSL connection that the client and the Citrix ADC share has a unique ID that identifies the specific connection. Possible values = ENABLED, DISABLED

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 19
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Sessionidheader

Name of the header into which to insert the Session ID.

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 20
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Cipher

Insert the cipher suite that the client and the Citrix ADC negotiated for the SSL session into the HTTP header of the request being sent to the web server. The appliance inserts the cipher-suite name, SSL protocol, export or non-export string, and cipher strength bit, depending on the type of browser connecting to the SSL virtual server or service (for example, Cipher-Suite: RC4- MD5 SSLv3 Non-Export 128-bit). Possible values = ENABLED, DISABLED

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 21
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Cipherheader

Name of the header into which to insert the name of the cipher suite.

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 22
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Clientcertnotbefore

Insert the date from which the certificate is valid into the HTTP header of the request being sent to the web server. Every certificate is configured with the date and time from which it is valid. Possible values = ENABLED, DISABLED

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 23
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Certnotbeforeheader

Name of the header into which to insert the date and time from which the certificate is valid.

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 24
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Clientcertnotafter

Insert the date of expiry of the certificate into the HTTP header of the request being sent to the web server. Every certificate is configured with the date and time at which the certificate expires. Possible values = ENABLED, DISABLED

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 25
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Certnotafterheader

Name of the header into which to insert the certificate's expiry date.

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 26
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Owasupport

If the appliance is in front of an Outlook Web Access (OWA) server, insert a special header field, FRONT-END-HTTPS: ON, into the HTTP requests going to the OWA server. This header communicates to the server that the transaction is HTTPS and not HTTP. Possible values = ENABLED, DISABLED

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 27
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Forward

This action takes an argument a vserver name, to this vserver one will be able to forward all the packets.

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 28
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Cacertgrpname

This action will allow to pick CA(s) from the specific CA group, to verify the client certificate.

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 29
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-PassThru

Return details about the created sslaction item.

Type: SwitchParameter
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: wi

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: cf

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

INPUTS

OUTPUTS

NOTES

File Name : Invoke-ADCAddSslaction Version : v2111.2521 Author : John Billekens Reference : https://developer-docs.citrix.com/projects/citrix-adc-nitro-api-reference/en/latest/configuration/ssl/sslaction/ Requires : PowerShell v5.1 and up ADC 13.x and up. ADC 12 and lower may work, not guaranteed.

RELATED LINKS

https://blog.j81.nl

⚠️ **GitHub.com Fallback** ⚠️