AV-200557: Fix for application profile ssl_client_certificate_mode pr…

…operty

python/avi/migrationtools/nsxt_converter/profile_converter.py

@@ -249,3 +249,12 @@ def fast_profile_path(self, lb_pr):
             session_idle_timeout=lb_pr.get('idle_timeout')
         )
         return path
+
+
+def set_certificate_mode(t_obj_body, certificate_mode):
+    if 'http_profile' in t_obj_body.keys():
+        t_obj_body['http_profile']['ssl_client_certificate_mode'] = certificate_mode
+    else:
+        t_obj_body.update({"http_profile": {
+            "ssl_client_certificate_mode": certificate_mode
+        }})

python/avi/migrationtools/nsxt_converter/vs_converter.py

@@ -18,7 +18,7 @@
 
 from avi.migrationtools.nsxt_converter.pools_converter import skipped_pools_list, vs_pool_segment_list, \
     vs_sorry_pool_segment_list, pool_name_dict
-from avi.migrationtools.nsxt_converter.profile_converter import application_profile_list, network_profile_list
+from avi.migrationtools.nsxt_converter.profile_converter import application_profile_list, network_profile_list, set_certificate_mode
 from avi.migrationtools.nsxt_converter.ssl_profile_converter import ssl_profile_list
 
 LOG = logging.getLogger(__name__)
@@ -430,7 +430,7 @@ def convert(self, alb_config, nsx_lb_config, prefix, tenant, vs_state, controlle
                         for profile in alb_config["ApplicationProfile"]:
                             if merge_profile_name == profile["name"]:
                                 if client_ssl["client_auth"] == 'IGNORE':
-                                    profile["ssl_client_certificate_mode"] = 'SSL_CLIENT_CERTIFICATE_NONE'
+                                    set_certificate_mode(profile, 'SSL_CLIENT_CERTIFICATE_NONE')
                     if ssl_key_cert_refs:
                         alb_vs["ssl_key_and_certificate_refs"] = list(set(ssl_key_cert_refs))
                     skipped_client_ssl = [val for val in client_ssl.keys()