mirror.MikroTik/ansible-collections.community.routeros
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.routeros.git synced 2025-06-25 11:18:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

deploy: 2333efcf0f

Browse source
This commit is contained in:
felixfontein 2023-06-22 18:46:32 +00:00
parent 581f29a187
commit cda70580f8
11 changed files with 170 additions and 170 deletions
Download patch file Download diff file Expand all files Collapse all files

8
branch/main/docsite/api-guide.html
View file

@ -222,16 +222,16 @@
</section>
<section id="setting-up-encryption">
<h2>Setting up encryption<a class="headerlink" href="#setting-up-encryption" title="Permalink to this heading"></a></h2>
<p>It is recommended to always use <code class="docutils literal notranslate"><span class="pre">tls:</span> <span class="pre">true</span></code> when connecting with the API, even if you are only connecting to the device through a trusted network. The following options control how TLS/SSL is used:</p>
<p>It is recommended to always use <code class="ansible-option-value docutils literal notranslate"><span class="pre">tls=true</span></code> when connecting with the API, even if you are only connecting to the device through a trusted network. The following options control how TLS/SSL is used:</p>
<dl class="field-list simple">
<dt class="field-odd">force_no_cert<span class="colon">:</span></dt>
<dd class="field-odd"><p>Setting to <code class="docutils literal notranslate"><span class="pre">true</span></code> connects to the device without a certificate. <strong>This is discouraged to use in production and is susceptible to Man-in-the-Middle attacks</strong>, but might be useful when setting the device up. The default value is <code class="docutils literal notranslate"><span class="pre">false</span></code>.</p>
<dd class="field-odd"><p>Setting to <code class="ansible-value docutils literal notranslate"><span class="pre">true</span></code> connects to the device without a certificate. <strong>This is discouraged to use in production and is susceptible to Man-in-the-Middle attacks</strong>, but might be useful when setting the device up. The default value is <code class="ansible-value docutils literal notranslate"><span class="pre">false</span></code>.</p>
</dd>
<dt class="field-even">validate_certs<span class="colon">:</span></dt>
<dd class="field-even"><p>Setting to <code class="docutils literal notranslate"><span class="pre">false</span></code> disables any certificate validation. <strong>This is discouraged to use in production</strong>, but is needed when setting the device up. The default value is <code class="docutils literal notranslate"><span class="pre">true</span></code>.</p>
<dd class="field-even"><p>Setting to <code class="ansible-value docutils literal notranslate"><span class="pre">false</span></code> disables any certificate validation. <strong>This is discouraged to use in production</strong>, but is needed when setting the device up. The default value is <code class="ansible-value docutils literal notranslate"><span class="pre">true</span></code>.</p>
</dd>
<dt class="field-odd">validate_cert_hostname<span class="colon">:</span></dt>
<dd class="field-odd"><p>Setting to <code class="docutils literal notranslate"><span class="pre">false</span></code> (default) disables hostname verification during certificate validation. This is needed if the hostnames specified in the certificate do not match the hostname used for connecting (usually the devices IP). It is recommended to set up the certificate correctly and set this to <code class="docutils literal notranslate"><span class="pre">true</span></code>; the default <code class="docutils literal notranslate"><span class="pre">false</span></code> is chosen for backwards compatibility to an older version of the module.</p>
<dd class="field-odd"><p>Setting to <code class="ansible-value docutils literal notranslate"><span class="pre">false</span></code> (default) disables hostname verification during certificate validation. This is needed if the hostnames specified in the certificate do not match the hostname used for connecting (usually the devices IP). It is recommended to set up the certificate correctly and set this to <code class="ansible-value docutils literal notranslate"><span class="pre">true</span></code>; the default <code class="ansible-value docutils literal notranslate"><span class="pre">false</span></code> is chosen for backwards compatibility to an older version of the module.</p>
</dd>
<dt class="field-even">ca_path<span class="colon">:</span></dt>
<dd class="field-even"><p>If you are not using a commerically trusted CA certificate to sign your devices certificate, or have not included your CA certificate in Pythons truststore, you need to point this option to the CA certificate.</p>