paloaltonetworks.panos.panos_cert_gen_ssh (2.19.1) — module

Generates a self-signed certificate using the SSH protocol with an SSH key

Added in version 1.0.0 of paloaltonetworks.panos

Authors: Luigi Mori (@jtschichold), Ivan Bojer (@ivanbojer)

Install collection

Install with ansible-galaxy collection install paloaltonetworks.panos:==2.19.1


Add to requirements.yml

  collections:
    - name: paloaltonetworks.panos
      version: 2.19.1

Description

This module generates a self-signed certificate that can be used by GlobalProtect client, SSL connector, or otherwise. Root certificate must be present on the system first. This module depends on paramiko for SSH.


Requirements

Usage examples

# Generates a new self-signed certificate using ssh
- name: generate self signed certificate
  paloaltonetworks.panos.panos_cert_gen_ssh:
    ip_address: "192.168.1.1"
    username: "admin"
    password: "paloalto"
    cert_cn: "1.1.1.1"
    cert_friendly_name: "test123"
    signed_by: "root-ca"
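
The following playbook is an added example, not part of the collection's documentation: it calls the module with I(key_filename) instead of an inline password, and falls back to a password supplied from outside the playbook with task logging disabled. The variable names (panos_host, panos_ssh_key, panos_ssh_password) and the key path are assumptions; the play runs on the control node, so the key path is resolved there.

```yaml
# Added example. panos_host, panos_ssh_key and panos_ssh_password are
# hypothetical variable names; the key path below is constructed.
- name: Generate a certificate on a PAN-OS device over SSH
  hosts: localhost
  connection: local
  gather_facts: false
  vars:
    panos_host: "192.168.1.1"                # sample address from the page's example
    panos_ssh_key: "~/.ssh/panos_admin_key"  # constructed path on the control node
    # panos_ssh_password: supply from Ansible Vault or --extra-vars, never inline

  tasks:
    - name: Require at least one authentication input
      ansible.builtin.assert:
        that:
          - panos_ssh_key is defined or panos_ssh_password is defined
        fail_msg: "Set panos_ssh_key (preferred) or panos_ssh_password."

    - name: Generate certificate using SSH key authentication
      paloaltonetworks.panos.panos_cert_gen_ssh:
        ip_address: "{{ panos_host }}"
        username: "admin"
        key_filename: "{{ panos_ssh_key | expanduser }}"
        cert_cn: "1.1.1.1"
        cert_friendly_name: "test123"
        signed_by: "root-ca"        # CA must already be present on the device
        rsa_nbits: "2048"           # type is str, so quote the value
      when: panos_ssh_key is defined

    - name: Generate certificate using a password kept out of the playbook
      paloaltonetworks.panos.panos_cert_gen_ssh:
        ip_address: "{{ panos_host }}"
        username: "admin"
        password: "{{ panos_ssh_password }}"
        cert_cn: "1.1.1.1"
        cert_friendly_name: "test123"
        signed_by: "root-ca"
        rsa_nbits: "2048"
      no_log: true                  # keep the password out of task output and logs
      when:
        - panos_ssh_key is not defined
        - panos_ssh_password is defined
```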

Inputs

    
cert_cn:
    default: null
    description:
    - Certificate CN (common name) embedded in the certificate signature.
    required: true
    type: str

password:
    default: null
    description:
    - Password credentials to use for auth. Either I(key_filename) or I(password) is required.
    type: str

username:
    default: admin
    description:
    - User name to use for auth. Default is admin.
    required: false
    type: str

rsa_nbits:
    default: '2048'
    description:
    - Number of bits used by the RSA algorithm for the certificate generation.
    required: false
    type: str

signed_by:
    default: null
    description:
    - Undersigning authority (CA) that MUST already be present on the device.
    required: true
    type: str

ip_address:
    default: null
    description:
    - IP address (or hostname) of PAN-OS device being configured.
    required: true
    type: str

key_filename:
    default: null
    description:
    - Location of the filename that is used for the auth. Either I(key_filename) or I(password)
      is required.
    type: str

cert_friendly_name:
    default: null
    description:
    - Human friendly certificate name (not CN but just a friendly name).
    required: true
    type: str