maxhoesel.smallstep.step_ca_revoke (0.24.5) — module

Revoke a Certificate

Added in version 0.3.0 of maxhoesel.smallstep

Authors: Max Hösel (@maxhoesel)

Install collection

Install with ansible-galaxy collection install maxhoesel.smallstep:==0.24.5


Add to requirements.yml

  collections:
    - name: maxhoesel.smallstep
      version: 0.24.5

Description

Revoke a Certificate


Requirements

Usage examples

# See https://smallstep.com/docs/step-cli/reference/ca/revoke for more examples

- name: Revoke a local certificate
  maxhoesel.smallstep.step_ca_revoke:
    cert: internal.crt
    key: internal.key
    ca_url: https://ca.smallstep.com:9000
- name: Revoke a certificate via serial number
  maxhoesel.smallstep.step_ca_revoke:
    serial_number: 308893286343609293989051180431574390766
    ca_url: https://ca.smallstep.com:9000
    token: "{{ ca_token }}"

Inputs

    
key:
    description: The path to the key corresponding to the cert that should be revoked.
      Can be left empty if I(serial_number) is defined.
    type: path

cert:
    description: The path to the cert that should be revoked. Can be left empty if I(serial_number)
      is defined.
    type: path

root:
    description: 'The path to the PEM file used as the root certificate authority. Used
      if the module is run in online mode (default) and the host''s C(step-cli) is not configured
      to trust the CA.

      '
    type: path

token:
    description: The one-time token used to authenticate with the CA in order to revoke
      the certificate.
    type: str

ca_url:
    description: 'URI of the targeted Step Certificate Authority. Used if the module is
      run in online mode (default) and the host''s C(step-cli) is not configured to trust
      the CA.

      '
    type: str

reason:
    description: The string representing the reason for which the cert is being revoked.
    type: str

offline:
    description: 'Don''t contact the CA. Offline mode uses the configuration, certificates,
      and keys created with step ca init, but can accept a different configuration file
      using the I(ca_config) flag.

      '
    type: bool

ca_config:
    description: The path to the certificate authority configuration file on the host.
    type: path

reason_code:
    description: 'The reasonCode specifies the reason for revocation - choose from a list
      of common revocation reasons. If unset, the default is Unspecified. See https://smallstep.com/docs/step-cli/reference/ca/revoke
      for more details.

      '
    type: int

serial_number:
    description: 'The serial number of the certificate that should be revoked. Can be
      left blank when using I(cert) and I(key) params for revocation over mTLS.

      '
    type: int

step_cli_executable:
    default: step-cli
    description: Name (or absolute path) of the C(step-cli) executable to use
    type: path