Error when updating Client SSL Template

daveitsme · December 3, 2025, 10:26am

#- 2025-12-03 11:09:25 ------------------------------------#

Hi,

I am having trouble updating a SSL Client Template with a new certificate/key pair when using this Ansible module: a10.acos_axapi.a10_slb_template_client_ssl.

vThunder A10: 5.2.1-P13

Ansible acos_axapi version: 5.2.1-p11-90624

Python version: 3.8.10

This is the playbook i am using:

- name: "Update Client-SSL Template Server Name List"

  a10.acos_axapi.a10_slb_template_client_ssl:

    a10_partition: "{{ server_a10_partition }}"

    name: "{{ server_a10_template_name }}"

    server_name_list:

- server_name: "{{ server_a10_server_name }}"

        server_cert: "{{ server_a10_server_name }}.pem"

        server_key: "{{ server_a10_server_name }}.key"

    ansible_host: "{{ server_hostname }}"

    ansible_username: "{{ a10_username }}"

    ansible_password: "{{ a10_password }}"

    ansible_port: "{{ a10_port }}"

This is the error:

[ERROR]: Task failed: Module failed: Can't remove certificate, template is currently in use.

When updating the Client SSL Template from the GUI then save and press ‘OK’, the template is updating fine and we can use the new certificate.

Is there anyway i can solve or work around this issue?

mdunn · December 5, 2025, 6:30pm

In doing some testing, I am seeing the same behavior. I found this workaround, but I will discuss internally regarding if this is expected behavior, and if we could make this more natively available in the playbook. Essentially we reference both the old and new in the same playbook.

- name: Update client SSL template
  connection: local
  hosts: vthunder
  vars:
    ssl_cert_file_old: cert_2025
    ssl_key_file_old: cert_2025
    ssl_cert_file_new: cert_2026
    ssl_key_file_new: cert_2026
  tasks:
  - name: Configure SSL cert template
    a10.acos_axapi.a10_slb_template_client_ssl:
      state: present
      name: test-client-ssl
      certificate_list:
        - cert: "{{ ssl_cert_file_old }}"
          key: "{{ ssl_key_file_old }}"
        - cert: "{{ ssl_cert_file_new }}"
          key: "{{ ssl_key_file_new }}"

daveitsme · December 10, 2025, 12:04pm

Unfortunately, i am getting the same error:

[ERROR]: Task failed: Module failed: Can't remove certificate, template is currently in use.

Only when i decouple the Client SSL Template from the virtual server the certificate gets replaced with the new certificate.

daveitsme · December 10, 2025, 1:47pm

Aah sorry, i made a mistake. Your solution does work.

Discussion		Replies	Views
Update SSL Template after Cert Upload via axapi SSLi - SSL Insight certificate , automation , tls-ssl	1	514	May 31, 2016
Unexpected Behavior a10.acos_axapi.a10_file_ssl_cert ADC - Application Delivery axapi , a10-thunder	4	32	February 19, 2026
REST API and updating slb client-ssl server-name-list ADC - Application Delivery certificate , axapi	0	247	August 17, 2021
ACME SSL certificate rotation not updated on HTTPS port ADC - Application Delivery certificate , slb-adc , a10-thunder	1	287	August 31, 2023
Disable TLS 1.0 and TLS 1.1 ADC - Application Delivery	25	1914	August 21, 2023

Error when updating Client SSL Template

Related topics