f5networks.f5_bigip.bigip_ssl_key_cert (1.13.0) — module

Import/Delete SSL keys and certs from BIG-IP

Added in version 1.0.0 of f5networks.f5_bigip

Authors: Nitin Khanna (@nitinthewiz), Wojciech Wypior (@wojtek0806)

Install collection

Install with ansible-galaxy collection install f5networks.f5_bigip:==1.13.0


Add to requirements.yml

  collections:
    - name: f5networks.f5_bigip
      version: 1.13.0

Description

This module imports/deletes SSL keys and certificates on a BIG-IP. Keys can be imported from key files on the local disk, in PEM format. Certificates can be imported from certificate and key files on the local disk, in PEM format.

Usage examples

- hosts: all
  collections:
    - f5networks.f5_bigip
  connection: httpapi

  vars:
    ansible_host: "lb.mydomain.com"
    ansible_user: "admin"
    # Placeholder value; load the real password from Ansible Vault.
    ansible_httpapi_password: "secret"
    ansible_network_os: f5networks.f5_bigip.bigip
    ansible_httpapi_use_ssl: yes

  tasks:
    - name: Import both key and cert
      bigip_ssl_key_cert:
        # lookup('file', ...) reads the PEM files from the local disk
        key_content: "{{ lookup('file', 'key.pem') }}"
        key_name: cert1
        cert_content: "{{ lookup('file', 'cert.pem') }}"
        cert_name: cert1
        state: present

Inputs

    
state:
    choices:
    - present
    - absent
    default: present
    description:
    - When C(present), ensures the key and/or cert is uploaded to the device.
    - When C(absent), ensures the key and/or cert is removed from the device. If the key
      and/or cert is currently in use, the module will not be able to remove the key.
    type: str

key_name:
    description:
    - The name of the key.
    type: str

cert_name:
    description:
    - SSL Certificate Name. This is the cert name used when importing a certificate into
      the BIG-IP. It also determines the filenames of the objects on the LTM.
    type: str

partition:
    default: Common
    description:
    - Device partition to manage resources on.
    type: str

passphrase:
    description:
    - Passphrase on key.
    type: str

issuer_cert:
    description:
    - Issuer certificate used for OCSP monitoring.
    - This parameter is only valid on versions of BIG-IP 13.0.0 or above.
    type: str

key_content:
    description:
    - Sets the contents of a key directly to the specified value, used with lookup plugins,
      or for anything with formatting or templating.
    - Parameter must be provided when C(state) is C(present).
    type: str

cert_content:
    description:
    - Sets the contents of a certificate directly to the specified value, used with lookup
      plugins, or for anything with formatting or templating.
    - Parameter must be provided when C(state) is C(present).
    type: str
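
The following playbook is an added example, not taken from the collection's documentation. It uses the passphrase, partition and state inputs described above to import a passphrase-protected key and to remove a retired pair. The vault_* variable names, the PEM file names and the cert_old object name are assumptions made for illustration.

```yaml
# Added example. vault_* are hypothetical variables kept in an Ansible Vault
# file; the PEM file names and the cert_old object name are constructed.
- hosts: all
  collections:
    - f5networks.f5_bigip
  connection: httpapi

  vars:
    ansible_host: "lb.mydomain.com"
    ansible_user: "admin"
    ansible_httpapi_password: "{{ vault_bigip_password }}"
    ansible_network_os: f5networks.f5_bigip.bigip
    ansible_httpapi_use_ssl: yes
    # Verify the certificate presented by the BIG-IP management interface.
    ansible_httpapi_validate_certs: yes

  tasks:
    - name: Import a passphrase-protected key with its certificate
      bigip_ssl_key_cert:
        key_content: "{{ lookup('file', 'encrypted_key.pem') }}"
        key_name: cert1
        cert_content: "{{ lookup('file', 'cert.pem') }}"
        cert_name: cert1
        passphrase: "{{ vault_key_passphrase }}"
        partition: Common
        state: present
      # Keep the key material and passphrase out of task output and logs.
      no_log: true

    - name: Remove a retired key and certificate
      bigip_ssl_key_cert:
        key_name: cert_old
        cert_name: cert_old
        partition: Common
        state: absent
      register: removal
      # Removal fails while the key or cert is still in use on the device.
      ignore_errors: true

    - name: Stop with a clear message if the retired objects remain
      ansible.builtin.fail:
        msg: "cert_old was not removed; check whether it is still in use on the device"
      when: removal is failed
```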