New in version 2.3.
Parameter | Choices/Defaults | Comments |
---|---|---|
cert_alias | Imported certificate alias. | |
cert_path | Local path to load certificate from. One of cert_url or cert_path is required to load certificate. | |
cert_port | Default: 443 | Port to connect to URL. This will be used to create server URL:PORT |
cert_url | Basic URL to fetch SSL certificate from. One of cert_url or cert_path is required to load certificate. | |
executable | Default: keytool | Path to keytool binary if not used we search in PATH for it. |
keystore_create | Create keystore if it doesn't exist | |
keystore_pass required | Keystore password. | |
keystore_path | Path to keystore. | |
pkcs12_alias (added in 2.4) | Default: 1 | Alias in the PKCS12 keystore. |
pkcs12_password (added in 2.4) | Default: | Password for importing from PKCS12 keystore. |
pkcs12_path (added in 2.4) | Local path to load PKCS12 keystore from. | |
state |
| Defines action which can be either certificate import or removal. |
- name: Import SSL certificate from google.com to a given cacerts keystore java_cert: cert_url: google.com cert_port: 443 keystore_path: /usr/lib/jvm/jre7/lib/security/cacerts keystore_pass: changeit state: present - name: Remove certificate with given alias from a keystore java_cert: cert_url: google.com keystore_path: /usr/lib/jvm/jre7/lib/security/cacerts keystore_pass: changeit executable: /usr/lib/jvm/jre7/bin/keytool state: absent - name: Import SSL certificate from google.com to a keystore, create it if it doesn't exist java_cert: cert_url: google.com keystore_path: /tmp/cacerts keystore_pass: changeit keystore_create: yes state: present - name: Import a pkcs12 keystore with a specified alias, create it if it doesn't exist java_cert: pkcs12_path: "/tmp/importkeystore.p12" cert_alias: default keystore_path: /opt/wildfly/standalone/configuration/defaultkeystore.jks keystore_pass: changeit keystore_create: yes state: present
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
cmd string | success | Executed command to get action done Sample: keytool -importcert -noprompt -keystore |
msg string | success | Output from stdout of keytool command after execution of given command. Sample: Module require existing keystore at keystore_path '/tmp/test/cacerts' |
rc int | success | Keytool command execution return value Sample: 0 |
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.
For a list of other modules that are also maintained by the Ansible Community, see here.
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.7/modules/java_cert_module.html