/ home / ansible / ansible.builtin / v2.9.27 / module / java_keystore

ansible.builtin.java_keystore (v2.9.27) — module

Create or delete a Java keystore in JKS format.

| "added in version" 2.7 of ansible.builtin"

Authors: Guillaume Grossetie (@Mogztter)

preview | supported by community

Install Ansible via `pip`

Install with pip install ansible==2.9.27

Description

Create or delete a Java keystore in JKS format for a given certificate.

Requirements

openssl
keytool

Usage examples

Scanned by Steampunk Spotter

# Create a key store for the given certificate (inline)
- java_keystore:
    name: example
    certificate: |
      -----BEGIN CERTIFICATE-----
      h19dUZ2co2fI/ibYiwxWk4aeNE6KWvCaTQOMQ8t6Uo2XKhpL/xnjoAgh1uCQN/69
      MG+34+RhUWzCfdZH7T8/qDxJw2kEPKluaYh7KnMsba+5jHjmtzix5QIDAQABo4IB
      -----END CERTIFICATE-----
    private_key: |
      -----BEGIN RSA PRIVATE KEY-----
      DBVFTEVDVFJJQ0lURSBERSBGUkFOQ0UxFzAVBgNVBAsMDjAwMDIgNTUyMDgxMzE3
      GLlDNMw/uHyME7gHFsqJA7O11VY6O5WQ4IDP3m/s5ZV6s+Nn6Lerz17VZ99
      -----END RSA PRIVATE KEY-----
    password: changeit
    dest: /etc/security/keystore.jks

Scanned by Steampunk Spotter

# Create a key store for the given certificate (lookup)
- java_keystore:
    name: example
    certificate: "{{lookup('file', '/path/to/certificate.crt') }}"
    private_key: "{{lookup('file', '/path/to/private.key') }}"
    password: changeit
    dest: /etc/security/keystore.jks

Inputs

    
dest:
    description:
    - Absolute path where the jks should be generated.
    required: true

mode:
    description:
    - Mode the file should be.
    required: false

name:
    description:
    - Name of the certificate.
    required: true

force:
    default: 'no'
    description:
    - Key store will be created even if it already exists.
    required: false
    type: bool

group:
    description:
    - Name of the group that should own jks file.
    required: false

owner:
    description:
    - Name of the user that should own jks file.
    required: false

password:
    description:
    - Password that should be used to secure the key store.
    required: true

certificate:
    description:
    - Certificate that should be used to create the key store.
    required: true

private_key:
    description:
    - Private key that should be used to create the key store.
    required: true

Outputs

cmd:
  description: Executed command to get action done
  returned: changed and failure
  sample: openssl x509 -noout -in /tmp/cert.crt -fingerprint -sha256
  type: str
msg:
  description: Output from stdout of keytool/openssl command after execution of given
    command or an error.
  returned: changed and failure
  sample: Unable to find the current certificate fingerprint in ...
  type: str
rc:
  description: keytool/openssl command execution return value
  returned: changed and failure
  sample: '0'
  type: int