ansible / ansible.builtin / v2.8.15 / module / get_certificate Get a certificate from a host:port | "added in version" 2.8 of ansible.builtin" Authors: John Westcott IV (@john-westcott-iv) preview | supported by communityansible.builtin.get_certificate (v2.8.15) — module
pip
Install with pip install ansible==2.8.15
Makes a secure connection and returns information about the presented certificate
- name: Get the cert from an RDP port get_certificate: host: "1.2.3.4" port: 3389 delegate_to: localhost run_once: true register: cert
- name: Get a cert from an https port get_certificate: host: "www.google.com" port: 443 delegate_to: localhost run_once: true register: cert
- name: How many days until cert expires debug: msg: "cert expires in: {{ expire_days }} days." vars: expire_days: "{{ (( cert.not_after | to_datetime('%Y%m%d%H%M%SZ')) - (ansible_date_time.iso8601 | to_datetime('%Y-%m-%dT%H:%M:%SZ')) ).days }}"
host: description: - The host to get the cert for (IP is fine) required: true type: str port: description: - The port to connect to required: true type: int ca_cert: description: - A PEM file containing one or more root certificates; if present, the cert will be validated against these root certs. - Note that this only validates the certificate is signed by the chain; not that the cert is valid for the host presenting it. type: path timeout: default: 10 description: - The timeout in seconds type: int
cert: description: The certificate retrieved from the port returned: success type: str expired: description: Boolean indicating if the cert is expired returned: success type: bool extensions: description: Extensions applied to the cert returned: success type: list issuer: description: Information about the issuer of the cert returned: success type: dict not_after: description: Expiration date of the cert returned: success type: str not_before: description: Issue date of the cert returned: success type: str serial_number: description: The serial number of the cert returned: success type: str signature_algorithm: description: The algorithm used to sign the cert returned: success type: str subject: description: Information about the subject of the cert (OU, CN, etc) returned: success type: dict version: description: The version number of the certificate returned: success type: str