dellemc / dellemc.powerscale / 3.0.0 / module / server_certificate Manage server certificates on a PowerScale Storage System | "added in version" 2.5.0 of dellemc.powerscale" Authors: Felix Stephen (@felixs88) <ansible.team@dell.com>dellemc.powerscale.server_certificate (3.0.0) — module
Install with ansible-galaxy collection install dellemc.powerscale:==3.0.0
collections: - name: dellemc.powerscale version: 3.0.0
Manage server certificates on a PowerScale Storage System includes import, update, set certificate to default, and delete server certificates.
- name: To import the new server certificate dellemc.powerscale.server_certificate: onefs_host: "{{ onefs_host }}" api_user: "{{ api_user }}" api_password: "{{ api_password }}" verify_ssl: "{{ verify_ssl }}" state: present alias_name: certificate_name description: The certificate description certificate_path: "/ifs/certificates/server.crt" certificate_key_path: "/ifs/certificates/server.key" certificate_key_password: "Secret@123"
- name: To import the new server certificate and set the certificate as default dellemc.powerscale.server_certificate: onefs_host: "{{ onefs_host }}" api_user: "{{ api_user }}" api_password: "{{ api_password }}" verify_ssl: "{{ verify_ssl }}" state: present alias_name: default_certificate description: The default certificate description certificate_path: "/ifs/certificates/server.crt" certificate_key_path: "/ifs/certificates/server.key" certificate_key_password: "Secret@123" is_default_certificate: true certificate_monitor_enabled: true certificate_pre_expiration_threshold: 300
- name: To update the server certificate dellemc.powerscale.server_certificate: onefs_host: "{{ onefs_host }}" api_user: "{{ api_user }}" api_password: "{{ api_password }}" verify_ssl: "{{ verify_ssl }}" state: present alias_name: certificate_new_name description: The updated certificate description
- name: To update the server certificate and set the certificate as default dellemc.powerscale.server_certificate: onefs_host: "{{ onefs_host }}" api_user: "{{ api_user }}" api_password: "{{ api_password }}" verify_ssl: "{{ verify_ssl }}" state: present certificate_id: "a851d9f3d7b16985be6fcb0402" description: The updated certificate description is_default_certificate: true certificate_monitor_enabled: true certificate_pre_expiration_threshold: 42949
- name: To delete the server certificate dellemc.powerscale.server_certificate: onefs_host: "{{ onefs_host }}" api_user: "{{ api_user }}" api_password: "{{ api_password }}" verify_ssl: "{{ verify_ssl }}" state: absent alias_name: certificate_new_name
- name: To delete the server certificate using certificate ID dellemc.powerscale.server_certificate: onefs_host: "{{ onefs_host }}" api_user: "{{ api_user }}" api_password: "{{ api_password }}" verify_ssl: "{{ verify_ssl }}" state: absent certificate_id: "a851d9f3d7b16985be6fcb0402"
state: choices: - absent - present default: present description: - The state option is used to mention the existence of server certificate. type: str port_no: default: '8080' description: - Port number of the PowerScale cluster.It defaults to 8080 if not specified. required: false type: str api_user: description: - username of the PowerScale cluster. required: true type: str alias_name: description: - The name of the certificate. - I(alias_name) is mutually exclusive with I(certificate_id). - The maximum length for I(alias_name) is 128. type: str onefs_host: description: - IP address or FQDN of the PowerScale cluster. required: true type: str verify_ssl: choices: - true - false description: - boolean variable to specify whether to validate SSL certificate or not. - C(true) - indicates that the SSL certificate should be verified. - C(false) - indicates that the SSL certificate should not be verified. required: true type: bool description: description: - The description of the certificate. - The maximum length for I(description) is 2048. - Setting an empty value is necessary to remove the certificate description. type: str api_password: description: - the password of the PowerScale cluster. required: true type: str certificate_id: description: - The ID of the imported certificate. - I(certificate_id) is mutually exclusive with I(alias_name). type: str new_alias_name: description: - The I(alias_name) of the certificate. - The maximum length for I(new_alias_name) is 128. type: str certificate_path: description: - The path of the certificate file. type: path certificate_key_path: description: - The path of the certificate key file. type: path is_default_certificate: default: false description: - To set the certificate as the default. - If the C(True) is selected, the server certificate is set to default. - Another certificate must be selected as default to designate a certificate as non-default. type: bool certificate_key_password: description: - The password of the certificate key. - The maximum length for I(certificate_key_password) is 256. type: str certificate_monitor_enabled: description: - Boolean value indicating whether certificate expiration monitoring is enabled. - This option is applicable if I(is_default_certificate) is C(True). type: bool certificate_pre_expiration_threshold: description: - The number of seconds before certificate expiration that the certificate expiration monitor will start raising alerts. - The range for this value is from 0 to 4294967295. - This option is applicable if I(is_default_certificate) is C(True). type: int
certificate_details: contains: certificate_monitor_enabled: description: Boolean value indicating whether certificate expiration monitoring is enabled. type: bool certificate_pre_expiration_threshold: description: The number of seconds before certificate expiration that the certificate expiration monitor will start raising alerts. type: int description: description: Description of the certificate. type: str dnsnames: description: Subject alternative names of the certificate. type: list fingerprints: description: Fingerprint details of the certificate. type: str id: description: System assigned certificate id. type: str issuer: description: Name of the certificate issuer. type: str name: description: Name for the certificate. type: str not_after: description: The date and time from which the certificate becomes valid and can be used for authentication and encryption. type: str not_before: description: The date and time until which the certificate is valid and can be used for authentication and encryption. type: str status: description: Status of the certificate. type: str subject: description: Subject of the certificate. type: str description: The server certificate details. returned: always sample: certificate_monitor_enabled: true certificate_pre_expiration_threshold: 4294 description: This the example test description dnsnames: - powerscale fingerprints: - type: SHA1 value: 68:b2:d5:5d:cc:b0:70:f1:f0:39:3a:bb:e0:44:49:70:6e:05:c3:ed - type: SHA256 value: 69:99:b9:c0:29:49:c9:62:e8:4b:60:05:60:a8:fa:f0:01:ab:24:43:8a:47:4c:2f:66:2c:95:a1:7c:d8:10:34 id: 6999b9c02949c962e84b600560a8faf001ab24438a474c2f662c95a17cd81034 issuer: C=IN, ST=Karnataka, L=Bangalore, O=Dell, OU=ISG, CN=powerscale, emailAddress=contact@dell.com name: test not_after: 1769586969 not_before: 1706514969 status: valid subject: C=IN, ST=Karnataka, L=Bangalore, O=Dell, OU=ISG, CN=powerscale, emailAddress=contact@dell.com type: dict changed: description: A boolean indicating if the task had to make changes. returned: always sample: 'false' type: bool