ansible.builtin.java_cert (v2.7.16) module
Uses keytool to import/remove key from java keystore (cacerts)
Added in version 2.3 of ansible.builtin
Authors: Adam Hamsik (@haad)
preview | supported by community
Install with pip install ansible==2.7.16
This is a wrapper module around keytool, which can be used to import or remove certificates from a given Java keystore.
- name: Import SSL certificate from google.com to a given cacerts keystore
  java_cert:
    cert_url: google.com
    cert_port: 443
    keystore_path: /usr/lib/jvm/jre7/lib/security/cacerts
    keystore_pass: changeit
    state: present

- name: Remove certificate with given alias from a keystore
  java_cert:
    cert_url: google.com
    keystore_path: /usr/lib/jvm/jre7/lib/security/cacerts
    keystore_pass: changeit
    executable: /usr/lib/jvm/jre7/bin/keytool
    state: absent

- name: Import SSL certificate from google.com to a keystore, create it if it doesn't exist
  java_cert:
    cert_url: google.com
    keystore_path: /tmp/cacerts
    keystore_pass: changeit
    keystore_create: yes
    state: present

- name: Import a pkcs12 keystore with a specified alias, create it if it doesn't exist
  java_cert:
    pkcs12_path: "/tmp/importkeystore.p12"
    cert_alias: default
    keystore_path: /opt/wildfly/standalone/configuration/defaultkeystore.jks
    keystore_pass: changeit
    keystore_create: yes
    state: present
state:
  choices:
    - absent
    - present
  default: present
  description:
    - Defines action which can be either certificate import or removal.
cert_url:
  description:
    - Basic URL to fetch SSL certificate from. One of cert_url or cert_path is required to load certificate.
cert_path:
  description:
    - Local path to load certificate from. One of cert_url or cert_path is required to load certificate.
cert_port:
  default: 443
  description:
    - Port to connect to URL. This will be used to create server URL:PORT
cert_alias:
  description:
    - Imported certificate alias.
executable:
  default: keytool
  description:
    - Path to keytool binary. If not set, keytool is searched for in PATH.
pkcs12_path:
  description:
    - Local path to load PKCS12 keystore from.
  version_added: '2.4'
  version_added_collection: ansible.builtin
pkcs12_alias:
  default: 1
  description:
    - Alias in the PKCS12 keystore.
  version_added: '2.4'
  version_added_collection: ansible.builtin
keystore_pass:
  description:
    - Keystore password.
  required: true
keystore_path:
  description:
    - Path to keystore.
keystore_create:
  description:
    - Create keystore if it doesn't exist.
pkcs12_password:
  default: ''
  description:
    - Password for importing from PKCS12 keystore.
  version_added: '2.4'
  version_added_collection: ansible.builtin
cmd:
  description: Executed command to get action done
  returned: success
  sample: keytool -importcert -noprompt -keystore
  type: string
msg:
  description: Output from stdout of keytool command after execution of given command.
  returned: success
  sample: Module require existing keystore at keystore_path '/tmp/test/cacerts'
  type: string
rc:
  description: Keytool command execution return value
  returned: success
  sample: '0'
  type: int
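An added example, not part of the module's own documentation: the cert_url examples above import whatever certificate the server presents when the play runs, so this playbook instead imports a reviewed PEM file through cert_path after checking its SHA-256 fingerprint against a pinned value, and takes keystore_pass from a vaulted variable. The host group, file paths, alias, the pinned_sha256 placeholder and the variable vault_keystore_pass are assumptions.

```yaml
# Added example (not from the module docs). Hypothetical names: host group,
# file paths, alias, pinned_sha256 and vault_keystore_pass.
- hosts: app_servers
  become: yes
  vars:
    ca_pem: /etc/pki/internal-ca.pem
    # Placeholder: replace with the fingerprint obtained out of band.
    pinned_sha256: "REPLACE_WITH_REVIEWED_SHA256_FINGERPRINT"
  tasks:
    - name: Copy the reviewed CA certificate from the repository
      copy:
        src: files/internal-ca.pem
        dest: "{{ ca_pem }}"
        owner: root
        group: root
        mode: "0644"

    - name: Read the SHA-256 fingerprint of the copied certificate
      command: openssl x509 -noout -fingerprint -sha256 -in {{ ca_pem }}
      register: fp
      changed_when: false

    - name: Stop unless the fingerprint matches the pinned value
      assert:
        that:
          # openssl prints "<label> Fingerprint=AA:BB:..."; compare the part after "="
          - (fp.stdout.split('=')[1] | upper) == (pinned_sha256 | upper)

    - name: Import the verified certificate from the local file
      java_cert:
        cert_path: "{{ ca_pem }}"
        cert_alias: internal-ca
        keystore_path: /usr/lib/jvm/jre7/lib/security/cacerts
        keystore_pass: "{{ vault_keystore_pass }}"  # defined in an Ansible Vault file
        state: present
      no_log: true  # keep task arguments and results out of logs
```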