Try SpotterCertificate operations for PowerStore Storage System
| "added in version" 1.4.0 of dellemc.powerstore"
Authors: Trisha Datta (@Trisha_Datta) <ansible.team@dell.com>
Install with ansible-galaxy collection install dellemc.powerstore:==3.2.0
collections:
- name: dellemc.powerstore
version: 3.2.0Supports the provisioning operations on a certificate such as add/import, modify, reset, exchange and get the details of a certificate.
- name: Get details of certificate with certificate_id
dellemc.powerstore.certificate:
array_ip: "{{array_ip}}"
user: "{{user}}"
password: "{{password}}"
validate_certs: "{{validate_certs}}"
certificate_id: "e940144f-393f-4e9c-8f54-9a4d57b38c48"
state: "present"
- name: Reset certificates
dellemc.powerstore.certificate:
array_ip: "{{array_ip}}"
user: "{{user}}"
password: "{{password}}"
validate_certs: "{{validate_certs}}"
service: "VASA_HTTP"
state: "present"
- name: Exchange certificates
dellemc.powerstore.certificate:
array_ip: "{{array_ip}}"
user: "{{user}}"
password: "{{password}}"
validate_certs: "{{validate_certs}}"
service: "Replication_HTTP"
remote_address: "{{remote_array_ip}}"
remote_port: 443
remote_user: "{{remote_user}}"
remote_password: "{{remote_password}}"
state: "present"
- name: Add/import a certificate
dellemc.powerstore.certificate:
array_ip: "{{array_ip}}"
user: "{{user}}"
password: "{{password}}"
validate_certs: "{{validate_certs}}"
certificate_type: "CA_Client_Validation"
service: "VASA_HTTP"
certificate: "{{certificate_string}}"
is_current: true
state: "present"
- name: Modify certificate
dellemc.powerstore.certificate:
array_ip: "{{array_ip}}"
user: "{{user}}"
password: "{{password}}"
validate_certs: "{{validate_certs}}"
certificate_id: "37b76535-612b-456a-a694-1389f17632c7"
is_current: true
state: "present"
port:
description:
- Port number for the PowerStore array.
- If not passed, it will take 443 as default.
type: int
user:
description:
- The username of the PowerStore host.
required: true
type: str
scope:
description:
- Defines a subset of certificates belonging to one service.
type: str
state:
choices:
- absent
- present
description:
- Define whether the certificate should exist or not.
required: true
type: str
service:
choices:
- Management_HTTP
- Replication_HTTP
- VASA_HTTP
- Import_HTTP
- LDAP_HTTP
- Syslog_HTTP
description:
- Type of the service for which the certificate is used.
- Mandatory for reset and exchange operation.
type: str
timeout:
default: 120
description:
- Time after which the connection will get terminated.
- It is to be mentioned in seconds.
type: int
array_ip:
description:
- IP or FQDN of the PowerStore management system.
required: true
type: str
password:
description:
- The password of the PowerStore host.
required: true
type: str
is_current:
description:
- Indicates whether this is the current X509 certificate to be used by the service
or this X509 Certificate will be used in the future.
type: bool
certificate:
description:
- Concatenated PEM encoded x509_certificate string from end-entity certificate to
root certificate.
type: str
remote_port:
description:
- The port address of the remote cluster.
type: int
remote_user:
description:
- The username of the remote cluster.
type: str
certificate_id:
description:
- Unique identifier of the certificate.
- Mandatory only for modify operation.
type: str
remote_address:
description:
- IPv4 or DNS name of the remote cluster.
type: str
validate_certs:
aliases:
- verifycert
default: true
description:
- Boolean variable to specify whether to validate SSL certificate or not.
- C(true) - indicates that the SSL certificate should be verified. Set the environment
variable REQUESTS_CA_BUNDLE to the path of the SSL certificate.
- C(false) - indicates that the SSL certificate should not be verified.
type: bool
remote_password:
description:
- The password of the remote cluster.
type: str
certificate_type:
choices:
- Server
- Client
- CA_Client_Validation
- CA_Server_Validation
description:
- Type of the certificate.
type: str
certificate_details:
contains:
id:
description: The system generated ID given to the certificate.
type: str
is_current:
description: Whether the certificate can be used now or not.
type: bool
is_valid:
description: Indicates whether this is a valid X509 certificate.
type: bool
members:
contains:
certificate:
description: Base64 encoded certificate without any line breaks.
type: str
depth:
description: Depth indicates the position of this member certificate in
the X509 Certificate chain.
type: str
issuer:
description: Distinguished name of the certificate issuer.
type: str
key_length:
description: Private key length.
type: int
public_key_algorithm:
description: Public key algorithm used to generate the key pair.
type: str
serial_number:
description: Certificate serial number.
type: str
signature_algorithm:
description: Certificate signature algorithm.
type: str
subject:
description: Certificate subject or so called distinguished name.
type: str
subject_alternative_names:
description: Additional DNS names or IP addresses in the x509_certificate.
type: list
thumbprint:
description: CeHash value of the certificate.
type: str
thumbprint_algorithm:
description: The thumbprint algorithm.
type: str
thumbprint_algorithm_l10n:
description: Localized message string corresponding to thumbprint_algorithm.
type: str
valid_from:
description: Date and time when the certificate becomes valid.
type: str
valid_to:
description: Date and time when the certificate will expire.
type: str
description: Member certificates included in this x509_certificate.
type: complex
service:
description: Type of the service for which the certificate is used.
type: str
service_l10n:
description: Localized message string corresponding to service.
type: str
type:
description: Type of the certificate.
type: str
type_l10n:
description: Localized message string corresponding to type.
type: str
description: Details of the certificate.
returned: When certificate exists
sample:
id: 1f0fd938-f122-482a-97b3-72ab1500d007
is_current: true
is_valid: true
members:
- certificate: MIIFejCCA2KgAwIBAgIJAPru9o7dBIwFMA0GCSqGSIb3D QEBCwUAMFcxCzAJBgNVBAYTAlVTMQswCQ
depth: 1
issuer: CN=Dell Technologies PowerStore CA LBSD548W,O=Dell Technologies,ST=MA,C=US
key_length: 4096
public_key_algorithm: SHA256withRSA
subject: CN=Dell Technologies PowerStore CA LBSD548W,O=Dell Technologies,ST=MA,C=US
subject_alternative_names: []
thumbprint: 5ff9bc0108dffb0374189d08bc11a6a97eaedac5add511e8a30e7ce283a0ced6
thumbprint_algorithm: SHA-256
thumbprint_algorithm_l10n: SHA-256
valid_from: '2021-02-02T17:35:29.0Z'
valid_to: '2026-01-16T17:35:29.0Z'
scope: 1.2.3.4
service: Management_HTTP
service_l10n: Management_HTTP
type: Server
type_l10n: Server
type: complex
changed:
description: Whether or not the resource has changed.
returned: always
sample: 'false'
type: bool