f5networks.f5_bigip.bigip_ssl_key_cert (3.4.0) — module

Import/Delete SSL keys and certs from BIG-IP

Added in version 1.0.0 of f5networks.f5_bigip

Authors: Nitin Khanna (@nitinthewiz), Wojciech Wypior (@wojtek0806)

Install collection

Install with ansible-galaxy collection install f5networks.f5_bigip:==3.4.0


Add to requirements.yml

  collections:
    - name: f5networks.f5_bigip
      version: 3.4.0

Description

This module imports/deletes SSL keys and certificates on a BIG-IP. Keys can be imported from key files on the local disk, in PEM format. Certificates can be imported from certificate and key files on the local disk, in PEM format.

Usage examples

- name: Import both key and cert
  bigip_ssl_key_cert:
    key_content: "{{ lookup('file', 'key.pem') }}"
    key_name: cert1
    cert_content: "{{ lookup('file', 'cert.pem') }}"
    cert_name: cert1
    state: present
- name: Import cert and key without appending .crt and .key extensions
  bigip_ssl_key_cert:
    key_content: "{{ lookup('file', 'key.pem') }}"
    key_name: key1
    cert_content: "{{ lookup('file', 'cert.pem') }}"
    cert_name: cert1
    true_names: true
    state: present
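
The tasks below are an added example, not part of the module documentation. They show the passphrase, partition and state: absent parameters from the Inputs section in a key rotation, with the private key kept out of the repository and out of task output. The variables vault_tls_key_pem and vault_tls_key_passphrase (assumed to come from Ansible Vault), the file path and the object names are assumptions.

```yaml
# Added example. Assumed names: vault_tls_key_pem, vault_tls_key_passphrase,
# files/www.example.test.crt, www_example_test_2024 / www_example_test_2025.

- name: Check that the vaulted value is a PEM private key before upload
  ansible.builtin.assert:
    that:
      - vault_tls_key_pem is search('-----BEGIN [A-Z ]*PRIVATE KEY-----')
    fail_msg: vault_tls_key_pem does not contain a PEM private key block
    quiet: true

- name: Import the passphrase-protected key and its certificate
  f5networks.f5_bigip.bigip_ssl_key_cert:
    key_content: "{{ vault_tls_key_pem }}"
    key_name: www_example_test_2025
    passphrase: "{{ vault_tls_key_passphrase }}"
    cert_content: "{{ lookup('file', 'files/www.example.test.crt') }}"
    cert_name: www_example_test_2025
    partition: Common
    # true_names is left at its default (false), so the module appends
    # the .key and .crt extensions to the names above.
    state: present
  no_log: true  # keep key_content and passphrase out of task output and logs

- name: Remove the previous key and certificate
  f5networks.f5_bigip.bigip_ssl_key_cert:
    key_name: www_example_test_2024
    cert_name: www_example_test_2024
    partition: Common
    # Removal does not succeed while the key or cert is still in use
    # (see the state parameter), so run this only after every consumer
    # has been switched to the new objects.
    state: absent
```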

Inputs

    
state:
    choices:
    - present
    - absent
    default: present
    description:
    - When C(present), ensures the key and/or cert is uploaded to the device.
    - When C(absent), ensures the key and/or cert is removed from the device. If the key
      and/or cert is currently in use, the module will not be able to remove the key.
    type: str

key_name:
    description:
    - The name of the key.
    type: str

cert_name:
    description:
    - SSL Certificate Name. This is the cert name used when importing a certificate into
      the BIG-IP. It also determines the filenames of the objects on the LTM.
    type: str

partition:
    default: Common
    description:
    - Device partition on which to manage resources.
    type: str

passphrase:
    description:
    - Passphrase on key.
    type: str

true_names:
    default: false
    description:
    - If C(true), then the module does not append the C(.crt) and C(.key) extensions to
      the given certificate and key names.
    - If C(false), then the module appends the C(.crt) and C(.key) extensions to the given
      certificate and key names.
    type: bool
    version_added: 2.1.0
    version_added_collection: f5networks.f5_bigip

issuer_cert:
    description:
    - Issuer certificate used for OCSP monitoring.
    - This parameter is only valid on versions of BIG-IP 13.0.0 or above.
    type: str

key_content:
    description:
    - Sets the contents of a key directly to the specified value, used with lookup plugins,
      or for anything with formatting or templating.
    - Parameter must be provided when C(state) is C(present).
    type: str

cert_content:
    description:
    - Sets the contents of a certificate directly to the specified value, used with lookup
      plugins, or for anything with formatting or templating.
    - Parameter must be provided when C(state) is C(present).
    type: str