XLAB Steampunk logo Try Spotter
 / home / f5networks / f5networks.f5_modules / 1.28.0 / module / bigip_ssl_key

f5networks.f5_modules.bigip_ssl_key (1.28.0) — module

Import/Delete SSL keys from BIG-IP

| "added in version" 1.0.0 of f5networks.f5_modules"

Authors: Tim Rupp (@caphrim007), Wojciech Wypior (@wojtek0806)

Install collection | Add to requirements.yml | Description | Requirements | Usage examples | Inputs | Outputs

Install collection

Install with ansible-galaxy collection install f5networks.f5_modules:==1.28.0


Add to requirements.yml

  collections:
    - name: f5networks.f5_modules
      version: 1.28.0

Description

This module imports/deletes SSL keys on a BIG-IP. Keys can be imported from key files on the local disk, in PEM format.


Requirements

Usage examples

Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
- name: Use a file lookup to import key
  bigip_ssl_key:
    name: key-name
    state: present
    content: "{{ lookup('file', '/path/to/key.key') }}"
    provider:
      server: lb.mydomain.com
      user: admin
      password: secret
  delegate_to: localhost
Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
- name: Delete key
  bigip_ssl_key:
    name: key-name
    state: absent
    provider:
      server: lb.mydomain.com
      user: admin
      password: secret
  delegate_to: localhost

Inputs

    
name:
    description:
    - The name of the key.
    required: true
    type: str

state:
    choices:
    - present
    - absent
    default: present
    description:
    - When C(present), ensures the key is uploaded to the device. When C(absent), ensures
      the key is removed from the device. If the key is currently in use, the module is
      not able to remove the key.
    type: str

content:
    aliases:
    - key_content
    description:
    - Sets the contents of a key directly to the specified value. This is used with lookup
      plugins or for anything with formatting or templating. This must be provided when
      C(state) is C(present).
    type: str

provider:
    description:
    - A dict object containing connection details.
    suboptions:
      auth_provider:
        description:
        - Configures the auth provider for to obtain authentication tokens from the remote
          device.
        - This option is really used when working with BIG-IQ devices.
        type: str
      no_f5_teem:
        default: false
        description:
        - If C(yes), TEEM telemetry data is not sent to F5.
        - You may omit this option by setting the environment variable C(F5_TELEMETRY_OFF).
        - Previously used variable C(F5_TEEM) is deprecated as its name was confusing.
        type: bool
      password:
        aliases:
        - pass
        - pwd
        description:
        - The password for the user account used to connect to the BIG-IP or the BIG-IQ.
        - You may omit this option by setting the environment variable C(F5_PASSWORD).
        required: true
        type: str
      server:
        description:
        - The BIG-IP host or the BIG-IQ host.
        - You may omit this option by setting the environment variable C(F5_SERVER).
        required: true
        type: str
      server_port:
        default: 443
        description:
        - The BIG-IP server port.
        - You may omit this option by setting the environment variable C(F5_SERVER_PORT).
        type: int
      timeout:
        description:
        - Specifies the timeout in seconds for communicating with the network device for
          either connecting or sending commands.  If the timeout is exceeded before the
          operation is completed, the module will error.
        type: int
      transport:
        choices:
        - rest
        default: rest
        description:
        - Configures the transport connection to use when connecting to the remote device.
        type: str
      user:
        description:
        - The username to connect to the BIG-IP or the BIG-IQ. This user must have administrative
          privileges on the device.
        - You may omit this option by setting the environment variable C(F5_USER).
        required: true
        type: str
      validate_certs:
        default: true
        description:
        - If C(no), SSL certificates are not validated. Use this only on personally controlled
          sites using self-signed certificates.
        - You may omit this option by setting the environment variable C(F5_VALIDATE_CERTS).
        type: bool
    type: dict
    version_added: 1.0.0
    version_added_collection: f5networks.f5_modules

partition:
    default: Common
    description:
    - Device partition to manage resources on.
    type: str

passphrase:
    description:
    - Passphrase on key.
    type: str

true_names:
    default: false
    description:
    - When C(true), the module does not append C(.key) extension to the given key name.
    - When C(false), the module appends C(.key) extension to the given key name.
    type: bool
    version_added: 1.24.0
    version_added_collection: f5networks.f5_modules

Outputs

key_checksum:
  description: SHA1 checksum of the key.
  returned: changed and created
  sample: cf23df2207d99a74fbe169e3eba035e633b65d94
  type: str
key_filename:
  description:
  - The name of the SSL certificate key. The C(key_filename) and C(cert_filename)
    will be similar to each other, however the C(key_filename) will have a C(.key)
    extension.
  returned: created
  sample: cert1.key
  type: str
key_source_path:
  description: Path on BIG-IP where the source of the key is stored.
  returned: created
  sample: /var/config/rest/downloads/cert1.key
  type: str
Got feedback? steampunk@xlab.si | © 2024. All rights reserved.
Cookie policy-Privacy policy-Terms of use-Security policy