f5networks / f5networks.f5_bigip / 1.13.0 / module / bigip_ssl_key_cert Import/Delete SSL keys and certs from BIG-IP | "added in version" 1.0.0 of f5networks.f5_bigip" Authors: Nitin Khanna (@nitinthewiz), Wojciech Wypior (@wojtek0806)f5networks.f5_bigip.bigip_ssl_key_cert (1.13.0) — module
Install with ansible-galaxy collection install f5networks.f5_bigip:==1.13.0
collections: - name: f5networks.f5_bigip version: 1.13.0
This module imports/deletes SSL keys and certificates on a BIG-IP. Keys can be imported from key files on the local disk, in PEM format. Certificates can be imported from certificate and key files on the local disk, in PEM format.
- hosts: all collections: - f5networks.f5_bigip connection: httpapi vars: ansible_host: "lb.mydomain.com" ansible_user: "admin" ansible_httpapi_password: "secret" ansible_network_os: f5networks.f5_bigip.bigip ansible_httpapi_use_ssl: yes tasks: - name: Import both key and cert bigip_ssl_key_cert: key_content: "{{ lookup('file', 'key.pem') }}" key_name: cert1 cert_content: "{{ lookup('file', 'cert.pem') }}" cert_name: cert1 state: present
state: choices: - present - absent default: present description: - When C(present), ensures the key and/or cert is uploaded to the device. - When C(absent), ensures the key and/or cert is removed from the device. If the key and/or cert is currently in use, the module will not be able to remove the key. type: str key_name: description: - The name of the key. type: str cert_name: description: - SSL Certificate Name. This is the cert name used when importing a certificate into the BIG-IP. It also determines the filenames of the objects on the LTM. type: str partition: default: Common description: - Device partition to manage resources on. type: str passphrase: description: - Passphrase on key. type: str issuer_cert: description: - Issuer certificate used for OCSP monitoring. - This parameter is only valid on versions of BIG-IP 13.0.0 or above. type: str key_content: description: - Sets the contents of a key directly to the specified value, used with lookup plugins, or for anything with formatting or templating. - Parameter must be provided when C(state) is C(present). type: str cert_content: description: - Sets the contents of a certificate directly to the specified value, used with lookup plugins, or for anything with formatting or templating. - Parameter must be provided when C(state) is C(present). type: str