Try SpotterGenerate an OpenSSL public key from its private key.
| "added in version" 2.3 of ansible.builtin"
Authors: Yanis Guenane (@Spredzy)
preview | supported by community
pipInstall with pip install ansible==2.4.4.0.post1
This module allows one to (re)generate OpenSSL public keys from their private keys. It uses the pyOpenSSL python library to interact with openssl. Keys are generated in PEM format. This module works only if the version of PyOpenSSL is recent enough (> 16.0.0). This module uses file common arguments to specify generated file permissions.
# Generate an OpenSSL public key in PEM format.
- openssl_publickey:
path: /etc/ssl/public/ansible.com.pem
privatekey_path: /etc/ssl/private/ansible.com.pem
# Generate an OpenSSL public key in OpenSSH v2 format.
- openssl_publickey:
path: /etc/ssl/public/ansible.com.pem
privatekey_path: /etc/ssl/private/ansible.com.pem
format: OpenSSH
# Generate an OpenSSL public key with a passphrase protected
# private key
- openssl_publickey:
path: /etc/ssl/public/ansible.com.pem
privatekey_path: /etc/ssl/private/ansible.com.pem
privatekey_passphrase: ansible
# Force regenerate an OpenSSL public key if it already exists
- openssl_publickey:
path: /etc/ssl/public/ansible.com.pem
privatekey_path: /etc/ssl/private/ansible.com.pem
force: True
# Remove an OpenSSL public key
- openssl_publickey:
path: /etc/ssl/public/ansible.com.pem
privatekey_path: /etc/ssl/private/ansible.com.pem
state: absent
path:
description:
- Name of the file in which the generated TLS/SSL public key will be written.
required: true
force:
choices:
- true
- false
default: false
description:
- Should the key be regenerated even it it already exists
required: false
state:
choices:
- present
- absent
default: present
description:
- Whether the public key should exist or not, taking action if the state is different
from what is stated.
required: false
format:
choices:
- PEM
- OpenSSH
default: PEM
description:
- The format of the public key.
required: false
version_added: '2.4'
version_added_collection: ansible.builtin
privatekey_path:
description:
- Path to the TLS/SSL private key from which to generate the public key.
required: true
privatekey_passphrase:
description:
- The passphrase for the privatekey.
required: false
version_added: '2.4'
version_added_collection: ansible.builtin
filename:
description: Path to the generated TLS/SSL public key file
returned: changed or success
sample: /etc/ssl/public/ansible.com.pem
type: string
fingerprint:
description: The fingerprint of the public key. Fingerprint will be generated for
each hashlib.algorithms available. Requires PyOpenSSL >= 16.0 for meaningful output.
returned: changed or success
sample:
md5: 84:75:71:72:8d:04:b5:6c:4d:37:6d:66:83:f5:4c:29
sha1: 51:cc:7c:68:5d:eb:41:43:88:7e:1a:ae:c7:f8:24:72:ee:71:f6:10
sha224: b1:19:a6:6c:14:ac:33:1d:ed:18:50:d3:06:5c:b2:32:91:f1:f1:52:8c:cb:d5:75:e9:f5:9b:46
sha256: 41:ab:c7:cb:d5:5f:30:60:46:99:ac:d4:00:70:cf:a1:76:4f:24:5d:10:24:57:5d:51:6e:09:97:df:2f:de:c7
sha384: 85:39:50:4e:de:d9:19:33:40:70:ae:10:ab:59:24:19:51:c3:a2:e4:0b:1c:b1:6e:dd:b3:0c:d9:9e:6a:46:af:da:18:f8:ef:ae:2e:c0:9a:75:2c:9b:b3:0f:3a:5f:3d
sha512: fd:ed:5e:39:48:5f:9f:fe:7f:25:06:3f:79:08:cd:ee:a5:e7:b3:3d:13:82:87:1f:84:e1:f5:c7:28:77:53:94:86:56:38:69:f0:d9:35:22:01:1e:a6:60:...:0f:9b
type: dict
format:
description: The format of the public key (PEM, OpenSSH, ...)
returned: changed or success
sample: PEM
type: string
privatekey:
description: Path to the TLS/SSL private key the public key was generated from
returned: changed or success
sample: /etc/ssl/private/ansible.com.pem
type: string