ansible / ansible.builtin / v2.4.2.0-1 / module / openssl_privatekey Generate OpenSSL private keys. | "added in version" 2.3 of ansible.builtin" Authors: Yanis Guenane (@Spredzy) preview | supported by communityansible.builtin.openssl_privatekey (v2.4.2.0-1) — module
pip
Install with pip install ansible==2.4.2.0.post1
This module allows one to (re)generate OpenSSL private keys. It uses the pyOpenSSL python library to interact with openssl. One can generate either RSA or DSA private keys. Keys are generated in PEM format. This module uses file common arguments to specify generated file permissions.
# Generate an OpenSSL private key with the default values (4096 bits, RSA) - openssl_privatekey: path: /etc/ssl/private/ansible.com.pem
# Generate an OpenSSL private key with the default values (4096 bits, RSA) # and a passphrase - openssl_privatekey: path: /etc/ssl/private/ansible.com.pem passphrase: ansible cipher: aes256
# Generate an OpenSSL private key with a different size (2048 bits) - openssl_privatekey: path: /etc/ssl/private/ansible.com.pem size: 2048
# Force regenerate an OpenSSL private key if it already exists - openssl_privatekey: path: /etc/ssl/private/ansible.com.pem force: True
# Generate an OpenSSL private key with a different algorithm (DSA) - openssl_privatekey: path: /etc/ssl/private/ansible.com.pem type: DSA
path: description: - Name of the file in which the generated TLS/SSL private key will be written. It will have 0600 mode. required: true size: default: 4096 description: - Size (in bits) of the TLS/SSL key to generate required: false type: choices: - RSA - DSA default: RSA description: - The algorithm used to generate the TLS/SSL private key required: false force: choices: - true - false default: false description: - Should the key be regenerated even it it already exists required: false state: choices: - present - absent default: present description: - Whether the private key should exist or not, taking action if the state is different from what is stated. required: false cipher: description: - The cipher to encrypt the private key. (cipher can be found by running `openssl list-cipher-algorithms`) required: false version_added: '2.4' version_added_collection: ansible.builtin passphrase: description: - The passphrase for the private key. required: false version_added: '2.4' version_added_collection: ansible.builtin
filename: description: Path to the generated TLS/SSL private key file returned: changed or success sample: /etc/ssl/private/ansible.com.pem type: string fingerprint: description: The fingerprint of the public key. Fingerprint will be generated for each hashlib.algorithms available. Requires PyOpenSSL >= 16.0 for meaningful output. returned: changed or success sample: md5: 84:75:71:72:8d:04:b5:6c:4d:37:6d:66:83:f5:4c:29 sha1: 51:cc:7c:68:5d:eb:41:43:88:7e:1a:ae:c7:f8:24:72:ee:71:f6:10 sha224: b1:19:a6:6c:14:ac:33:1d:ed:18:50:d3:06:5c:b2:32:91:f1:f1:52:8c:cb:d5:75:e9:f5:9b:46 sha256: 41:ab:c7:cb:d5:5f:30:60:46:99:ac:d4:00:70:cf:a1:76:4f:24:5d:10:24:57:5d:51:6e:09:97:df:2f:de:c7 sha384: 85:39:50:4e:de:d9:19:33:40:70:ae:10:ab:59:24:19:51:c3:a2:e4:0b:1c:b1:6e:dd:b3:0c:d9:9e:6a:46:af:da:18:f8:ef:ae:2e:c0:9a:75:2c:9b:b3:0f:3a:5f:3d sha512: fd:ed:5e:39:48:5f:9f:fe:7f:25:06:3f:79:08:cd:ee:a5:e7:b3:3d:13:82:87:1f:84:e1:f5:c7:28:77:53:94:86:56:38:69:f0:d9:35:22:01:1e:a6:60:...:0f:9b type: dict size: description: Size (in bits) of the TLS/SSL private key returned: changed or success sample: 4096 type: int type: description: Algorithm used to generate the TLS/SSL private key returned: changed or success sample: RSA type: string