Try SpotterThis module allows to generate a CSR and upload the certificate
| "added in version" 2.1.0 of dellemc.openmanage"
Authors: Felix Stephen (@felixs88), Kritika Bhateja (@Kritika-Bhateja-03), Jennifer John (@Jennifer-John)
Install with ansible-galaxy collection install dellemc.openmanage:==9.1.0
collections:
- name: dellemc.openmanage
version: 9.1.0This module allows the generation a new certificate signing request (CSR) and to upload the certificate on OpenManage Enterprise.
---
- name: Generate a certificate signing request
dellemc.openmanage.ome_application_certificate:
hostname: "192.168.0.1"
username: "username"
password: "password"
ca_path: "/path/to/ca_cert.pem"
command: "generate_csr"
distinguished_name: "hostname.com"
department_name: "Remote Access Group"
business_name: "Dell Inc."
locality: "Round Rock"
country_state: "Texas"
country: "US"
email: "support@dell.com"
- name: Generate a certificate signing request with subject alternative names
dellemc.openmanage.ome_application_certificate:
hostname: "192.168.0.1"
username: "username"
password: "password"
ca_path: "/path/to/ca_cert.pem"
command: "generate_csr"
distinguished_name: "hostname.com"
subject_alternative_names: "hostname1.chassis.com,hostname2.chassis.com"
department_name: "Remote Access Group"
business_name: "Dell Inc."
locality: "Round Rock"
country_state: "Texas"
country: "US"
email: "support@dell.com"
- name: Upload the certificate
dellemc.openmanage.ome_application_certificate:
hostname: "192.168.0.1"
username: "username"
password: "password"
ca_path: "/path/to/ca_cert.pem"
command: "upload"
upload_file: "/path/certificate.cer"
port:
default: 443
description: OpenManage Enterprise or OpenManage Enterprise Modular HTTPS port.
type: int
email:
description: Email associated with the issuer. This option is applicable for C(generate_csr).
type: str
ca_path:
description:
- The Privacy Enhanced Mail (PEM) file that contains a CA certificate to be used for
the validation.
type: path
version_added: 5.0.0
version_added_collection: dellemc.openmanage
command:
choices:
- generate_csr
- upload
default: generate_csr
description: C(generate_csr) allows the generation of a CSR and C(upload) uploads
the certificate.
type: str
country:
description: Country in which the issuer resides. This option is applicable for C(generate_csr).
type: str
timeout:
default: 30
description: The socket level timeout in seconds.
type: int
version_added: 5.0.0
version_added_collection: dellemc.openmanage
hostname:
description: OpenManage Enterprise or OpenManage Enterprise Modular IP address or
hostname.
required: true
type: str
locality:
description: Local address of the issuer of the certificate. This option is applicable
for C(generate_csr).
type: str
password:
description:
- OpenManage Enterprise or OpenManage Enterprise Modular password.
- If the password is not provided, then the environment variable C(OME_PASSWORD) is
used.
- 'Example: export OME_PASSWORD=password'
required: true
type: str
username:
description:
- OpenManage Enterprise or OpenManage Enterprise Modular username.
- If the username is not provided, then the environment variable C(OME_USERNAME) is
used.
- 'Example: export OME_USERNAME=username'
required: true
type: str
upload_file:
description: Local path of the certificate file to be uploaded. This option is applicable
for C(upload). Once the certificate is uploaded, OpenManage Enterprise cannot be
accessed for a few seconds.
type: str
business_name:
description: Name of the business that issued the certificate. This option is applicable
for C(generate_csr).
type: str
country_state:
description: State in which the issuer resides. This option is applicable for C(generate_csr).
type: str
validate_certs:
default: true
description:
- If C(false), the SSL certificates will not be validated.
- Configure C(false) only on personally controlled sites where self-signed certificates
are used.
- Prior to collection version C(5.0.0), the I(validate_certs) is C(false) by default.
type: bool
version_added: 5.0.0
version_added_collection: dellemc.openmanage
department_name:
description: Name of the department that issued the certificate. This option is applicable
for C(generate_csr).
type: str
distinguished_name:
description: Name of the certificate issuer. This option is applicable for C(generate_csr).
type: str
subject_alternative_names:
description:
- Subject alternative name required for the certificate signing request generation.
- Supports up to 4 comma separated values starting from primary, secondary, Tertiary
and Quaternary values.
type: str
version_added: 8.1.0
version_added_collection: dellemc.openmanage
csr_status:
description: Details of the generated certificate.
returned: on success
sample:
CertificateData: '-----BEGIN CERTIFICATE REQUEST-----GHFSUEKLELE af3u4h2rkdkfjasczjfefhkrr/frjrfrjfrxnvzklf/nbcvxmzvndlskmcvbmzkdk
kafhaksksvklhfdjtrhhffgeth/tashdrfstkm@kdjFGD/sdlefrujjfvvsfeikdf yeufghdkatbavfdomehtdnske/tahndfavdtdfgeikjlagmdfbandfvfcrfgdtwxc
qwgfrteyupojmnsbajdkdbfs/ujdfgthedsygtamnsuhakmanfuarweyuiwruefjr etwuwurefefgfgurkjkdmbvfmvfvfk==-----END
CERTIFICATE REQUEST-----'
type: dict
error_info:
description: Details of the HTTP error.
returned: on HTTP error
sample:
error:
'@Message.ExtendedInfo':
- Message: Unable to upload the certificate because the certificate file provided
is invalid.
MessageArgs: []
MessageId: CSEC9002
RelatedProperties: []
Resolution: Make sure the CA certificate and private key are correct and retry
the operation.
Severity: Critical
code: Base.1.0.GeneralError
message: A general error has occurred. See ExtendedInfo for more information.
type: dict
msg:
description: Overall status of the certificate signing request.
returned: always
sample: Successfully generated certificate signing request.
type: str