community.general.utm_ca_host_key_cert – create, update or destroy ca host_key_cert entry in Sophos UTM
Note
This plugin is part of the community.general collection (version 1.3.2).
To install it use: ansible-galaxy collection install community.general.
To use it in a playbook, specify: community.general.utm_ca_host_key_cert.
Synopsis
- Create, update or destroy a ca host_key_cert entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| ca
string / required
|
A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.
|
|
| certificate
string / required
|
The certificate in PEM format.
|
|
| comment
string
|
Optional comment string.
|
|
| encrypted
boolean
|
|
Optionally enable encryption.
|
| headers
dictionary
|
A dictionary of additional headers to be sent to POST and PUT requests.
Is needed for some modules
|
|
| key
string
|
Optional private key in PEM format.
|
|
| meta
string / required
|
A reference to an existing utm_ca_meta_x509 object.
|
|
| name
string / required
|
The name of the object. Will be used to identify the entry.
|
|
| state
string
|
|
The desired state of the object.
present will create or update an object
absent will delete an object if it was present
|
| utm_host
string / required
|
The REST Endpoint of the Sophos UTM.
|
|
| utm_port
integer
|
Default:
4444
|
The port of the REST interface.
|
| utm_protocol
string
|
|
The protocol of the REST Endpoint.
|
| utm_token
string / required
|
The token used to identify at the REST-API. See https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf?la=en, Chapter 2.4.2.
|
|
| validate_certs
boolean
|
|
Whether the REST interface's ssl certificate should be verified or not.
|
Examples
- name: Create a ca_host_key_cert entry
community.general.utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
ca: REF_ca/signing_ca_OBJECT_STRING
meta: REF_ca/meta_x509_OBJECT_STRING
certificate: |
--- BEGIN CERTIFICATE ---
. . .
. . .
. . .
--- END CERTIFICATE ---
state: present
- name: Remove a ca_host_key_cert entry
community.general.utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
state: absent
- name: Read a ca_host_key_cert entry
community.general.utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
state: info
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | |
|---|---|---|---|
| result
complex
|
success |
The utm object that was created
|
|
| _locked
boolean
|
success |
Whether or not the object is currently locked
|
|
| _ref
string
|
success |
The reference name of the object
|
|
| _type
string
|
success |
The type of the object
|
|
| ca
string
|
success |
A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.
|
|
| certificate
string
|
success |
The certificate in PEM format
|
|
| comment
string
|
success |
Comment string (may be empty string)
|
|
| encrypted
boolean
|
success |
If encryption is enabled
|
|
| key
string
|
success |
Private key in PEM format (may be empty string)
|
|
| meta
string
|
success |
A reference to an existing utm_ca_meta_x509 object.
|
|
| name
string
|
success |
The name of the object
|
|
Authors
- Stephan Schwarz (@stearz)
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/community/general/utm_ca_host_key_cert_module.html