'Name for and, optionally, path to the generated certificate file. /nsconfig/ssl/ is the default path.',
},
{
displayName:'Certificate Format',
name:'certificateFormat',
type:'options',
options:[
{
name:'PEM',
value:'PEM',
},
{
name:'DER',
value:'DER',
},
],
required: true,
displayOptions:{
show:{
resource:['certificate'],
operation:['create'],
},
},
default:'PEM',
description:'Format in which the certificate is stored on the appliance',
},
{
displayName:'Certificate Type',
name:'certificateType',
type:'options',
options:[
{
name:'Root-CA',
value:'ROOT_CERT',
description:
'You must specify the key file name. The generated Root-CA certificate can be used for signing end-user client or server certificates or to create Intermediate-CA certificates.',
},
{
name:'Intermediate-CA',
value:'INTM_CERT',
description:'Intermediate-CA certificate',
},
{
name:'Server',
value:'SRVR_CERT',
description:'SSL server certificate used on SSL servers for end-to-end encryption',
},
{
name:'Client',
value:'CLNT_CERT',
description:'End-user client certificate used for client authentication',
},
],
required: true,
displayOptions:{
show:{
resource:['certificate'],
operation:['create'],
},
},
default:'ROOT_CERT',
},
{
displayName:'Certificate Request File Name',
name:'certificateRequestFileName',
type:'string',
default:'',
required: true,
displayOptions:{
show:{
operation:['create'],
resource:['certificate'],
},
},
description:
'Name for and, optionally, path to the certificate-signing request (CSR). /nsconfig/ssl/ is the default path.',
'Private key, associated with the CA certificate that is used to sign the Intermediate-CA certificate or the end-user client and server certificate. If the CA key file is password protected, the user is prompted to enter the pass phrase that was used to encrypt the key.',
'Name for and, optionally, path to the private key. You can either use an existing RSA or DSA key that you own or create a new private key on the Citrix ADC. This file is required only when creating a self-signed Root-CA certificate. The key file is stored in the /nsconfig/ssl directory by default.',
'Serial number file maintained for the CA certificate. This file contains the serial number of the next certificate to be issued or signed by the CA.',
description:'Format in which the key is stored on the appliance',
},
{
displayName:'Additional Fields',
name:'additionalFields',
type:'collection',
placeholder:'Add Field',
default:{},
displayOptions:{
show:{
resource:['certificate'],
operation:['create'],
},
},
options:[
{
displayName:'PEM Passphrase (For Encrypted Key)',
name:'pempassphrase',
type:'string',
displayOptions:{
show:{
'/certificateType':['ROOT_CERT'],
},
},
default:'',
description:
'Name for and, optionally, path to the private key. You can either use an existing RSA or DSA key that you own or create a new private key on the Citrix ADC. This file is required only when creating a self-signed Root-CA certificate. The key file is stored in the /nsconfig/ssl directory by default.',
},
{
displayName:'PEM Passphrase (For Encrypted CA Key)',
name:'pempassphrase',
type:'string',
displayOptions:{
hide:{
'/certificateType':['ROOT_CERT'],
},
},
default:'',
description:
'Name for and, optionally, path to the private key. You can either use an existing RSA or DSA key that you own or create a new private key on the Citrix ADC. This file is required only when creating a self-signed Root-CA certificate. The key file is stored in the /nsconfig/ssl directory by default.',
},
{
displayName:'Subject Alternative Name',
name:'subjectaltname',
type:'string',
default:'',
description:
'Subject Alternative Name (SAN) is an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field',
},
{
displayName:'Validity Period (Number of Days)',
name:'days',
type:'string',
default:'',
description:
'Number of days for which the certificate will be valid, beginning with the time and day (system time) of creation',
description:'Name for the certificate and private-key pair',
},
{
displayName:'Certificate File Name',
name:'certificateFileName',
type:'string',
required: true,
displayOptions:{
show:{
resource:['certificate'],
operation:['install'],
},
},
default:'',
description:'Name of and, optionally, path to the X509 certificate file that is used to form the certificate-key pair. /nsconfig/ssl/ is the default path.',
},
{
displayName:'Private Key File Name',
name:'privateKeyFileName',
type:'string',
default:'',
required: true,
displayOptions:{
show:{
resource:['certificate'],
operation:['install'],
},
},
description:'Name of and, optionally, path to the X509 certificate file that is used to form the certificate-key pair. /nsconfig/ssl/ is the default path.',
},
{
displayName:'Certificate Format',
name:'certificateFormat',
type:'options',
options:[
{
name:'PEM',
value:'PEM',
},
{
name:'DER',
value:'DER',
},
],
required: true,
displayOptions:{
show:{
resource:['certificate'],
operation:['install'],
},
},
default:'PEM',
description:
'Input format of the certificate and the private-key files. The three formats supported by the appliance are: PEM - Privacy Enhanced Mail DER - Distinguished Encoding Rule PFX - Personal Information Exchange.',
},
{
displayName:'Password',
name:'password',
type:'string',
typeOptions:{
password: true,
},
required: true,
displayOptions:{
show:{
resource:['certificate'],
operation:['install'],
certificateFormat:['PEM'],
},
},
default:'',
description:
'Input format of the certificate and the private-key files. The three formats supported by the appliance are: PEM - Privacy Enhanced Mail DER - Distinguished Encoding Rule PFX - Personal Information Exchange.',
},
{
displayName:'Notify When Expires',
name:'notifyExpiration',
type:'boolean',
required: true,
displayOptions:{
show:{
resource:['certificate'],
operation:['install'],
},
},
default:false,
description:'Whether to alert when the certificate is about to expire',
},
{
displayName:'Notification Period (Days)',
name:'notificationPeriod',
type:'number',
default:10,
required: true,
typeOptions:{
minValue: 10,
maxValue: 100,
},
displayOptions:{
show:{
resource:['certificate'],
operation:['install'],
notifyExpiration:[true],
},
},
description:
'Time, in number of days, before certificate expiration, at which to generate an alert that the certificate is about to expire',
},
{
displayName:'Certificate Bundle',
name:'certificateBundle',
type:'boolean',
default:false,
displayOptions:{
show:{
resource:['certificate'],
operation:['install'],
certificateFormat:['PEM'],
},
},
description:
"Whether to parse the certificate chain as a single file after linking the server certificate to its issuer's certificate within the file",