freeipa / freeipa.ansible_freeipa / 1.8.4 / module / ipaserver_setup_ca Setup CA Authors: Thomas Woerner preview | supported by communityfreeipa.ansible_freeipa.ipaserver_setup_ca (1.8.4) — module
Install with ansible-galaxy collection install freeipa.ansible_freeipa:==1.8.4
collections: - name: freeipa.ansible_freeipa version: 1.8.4
Setup CA
idmax: description: The max value for the IDs range (default idstart+199999) required: false realm: description: Kerberos realm name of the IPA deployment required: false domain: description: Primary DNS domain of the IPA deployment required: false idstart: description: The starting value for the IDs range (default random) required: false hostname: description: Fully qualified name of this host required: true password: description: Admin user kerberos password required: false setup_ca: description: Configure a dogtag CA required: true no_pkinit: description: Disable pkinit setup steps required: true setup_dns: description: Configure bind with our zone required: true setup_kra: description: Configure a dogtag KRA required: true ca_subject: description: The installer ca_subject setting required: true no_reverse: description: Do not create new reverse DNS zone required: true _ca_subject: description: The installer _ca_subject setting required: true dm_password: description: Directory Manager password required: false domainlevel: description: The domain level required: true external_ca: description: External ca setting required: true no_host_dns: description: Do not use DNS for hostname lookup during installation required: true ip_addresses: description: List of Master Server IP Addresses required: true subject_base: description: The certificate subject base (default O=<realm-name>). RDNs are in LDAP order (most specific RDN first). required: true _http_ca_cert: description: The installer _http_ca_cert setting required: true _subject_base: description: The installer _subject_base setting required: true no_hbac_allow: description: Don't install allow_all HBAC rule required: true reverse_zones: description: The reverse DNS zones to use required: true setup_adtrust: description: Configure AD trust capability required: true auto_forwarders: description: Use DNS forwarders configured in /etc/resolv.conf required: true master_password: description: kerberos master password (normally autogenerated) required: false external_ca_type: description: Type of the external CA required: true dirsrv_cert_files: description: Files containing the Directory Server SSL certificate and private key required: true dirsrv_config_file: description: The path to LDIF file that will be used to modify configuration of dse.ldif during installation of the directory server instance required: true _dirsrv_pkcs12_info: description: The installer _dirsrv_pkcs12_info setting required: true external_ca_profile: description: Specify the certificate profile/template to use at the external CA required: true external_cert_files: description: File containing the IPA CA certificate and the external CA certificate chain required: true pki_config_override: description: Path to ini file with config overrides required: true ca_signing_algorithm: description: Signing algorithm of the IPA CA certificate required: true _random_serial_numbers: description: The installer _random_serial_numbers setting required: true