Class: Ansible::Ruby::Modules::Openssl_certificate

Inherits:

Base

• Object
• Ansible::Ruby::Models::Base
• Base
• Ansible::Ruby::Modules::Openssl_certificate

Defined in:

lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb

Overview

This module allows one to (re)generate OpenSSL certificates. It implements a notion of provider (ie. C(selfsigned), C(ownca), C(acme), C(assertonly)) for your certificate. The ‘assertonly’ provider is intended for use cases where one is only interested in checking properties of a supplied certificate. The ‘ownca’ provider is intended for generate OpenSSL certificate signed with your own CA (Certificate Authority) certificate (self-signed certificate). Many properties that can be specified in this module are for validation of an existing or newly generated certificate. The proper place to specify them, if you want to receive a certificate with these properties is a CSR (Certificate Signing Request). It uses the pyOpenSSL python library to interact with OpenSSL.

Instance Method Summary

• #acme_accountkey_path ⇒ String^?

  Path to the accountkey for the C(acme) provider.

• #acme_chain ⇒ Boolean^?

  Include the intermediate certificate to the generated certificate.

• #acme_challenge_path ⇒ String^?

  Path to the ACME challenge directory that is served on U(http://<HOST>:80/.well-known/acme-challenge/).

• #csr_path ⇒ String^?

  Path to the Certificate Signing Request (CSR) used to generate this certificate.

• #extended_key_usage ⇒ Array<String>, ...

  The I(extended_key_usage) extension field must contain all these values.

• #extended_key_usage_strict ⇒ Symbol^?

  If set to True, the I(extended_key_usage) extension field must contain only these values.

• #force ⇒ Symbol^?

  Generate the certificate, even if it already exists.

• #has_expired ⇒ Symbol^?

  Checks if the certificate is expired/not expired at the time the module is executed.

• #invalid_at ⇒ Object^?

  The certificate must be invalid at this point in time.

• #issuer ⇒ Hash^?

  Key/value pairs that must be present in the issuer name field of the certificate.

• #issuer_strict ⇒ Symbol^?

  If set to True, the I(issuer) field must contain only these values.

• #key_usage ⇒ Array<String>, ...

  The I(key_usage) extension field must contain all these values.

• #key_usage_strict ⇒ Symbol^?

  If set to True, the I(key_usage) extension field must contain only these values.

• #not_after ⇒ Object^?

  The certificate must expire at this point in time.

• #not_before ⇒ Object^?

  The certificate must start to become valid at this point in time.

• #ownca_digest ⇒ String^?

  Digest algorithm to be used for the C(ownca) certificate.

• #ownca_not_after ⇒ Object^?

  The timestamp at which the certificate stops being valid.

• #ownca_not_before ⇒ Object^?

  The timestamp at which the certificate starts being valid.

• #ownca_path ⇒ String^?

  Remote absolute path of the CA (Certificate Authority) certificate.

• #ownca_privatekey_passphrase ⇒ Object^?

  The passphrase for the I(ownca_privatekey_path).

• #ownca_privatekey_path ⇒ String^?

  Path to the CA (Certificate Authority) private key to use when signing the certificate.

• #ownca_version ⇒ Integer^?

  Version of the C(ownca) certificate.

• #path ⇒ String

  Remote absolute path where the generated certificate file should be created or is already located.

• #privatekey_passphrase ⇒ Object^?

  The passphrase for the I(privatekey_path).

• #privatekey_path ⇒ String^?

  Path to the private key to use when signing the certificate.

• #provider ⇒ :selfsigned, ...

  Name of the provider to use to generate/retrieve the OpenSSL certificate.

• #selfsigned_digest ⇒ String^?

  Digest algorithm to be used when self-signing the certificate.

• #selfsigned_not_after ⇒ Object^?

  The timestamp at which the certificate stops being valid.

• #selfsigned_not_before ⇒ Object^?

  The timestamp at which the certificate starts being valid.

• #selfsigned_version ⇒ Integer^?

  Version of the C(selfsigned) certificate.

• #signature_algorithms ⇒ Array<String>, ...

  List of algorithms that you would accept the certificate to be signed with (e.g. [‘sha256WithRSAEncryption’, ‘sha512WithRSAEncryption’]).

• #state ⇒ :present, ...

  Whether the certificate should exist or not, taking action if the state is different from what is stated.

• #subject ⇒ Object^?

  Key/value pairs that must be present in the subject name field of the certificate.

• #subject_alt_name ⇒ Array<String>, ...

  The I(subject_alt_name) extension field must contain these values.

• #subject_alt_name_strict ⇒ Symbol^?

  If set to True, the I(subject_alt_name) extension field must contain only these values.

• #subject_strict ⇒ Symbol^?

  If set to True, the I(subject) field must contain only these values.

• #valid_at ⇒ String^?

  The certificate must be valid at this point in time.

• #valid_in ⇒ Integer^?

  The certificate must still be valid in I(valid_in) seconds from now.

• #version ⇒ Object^?

  Version of the certificate.

Methods inherited from Base

#ansible_name, #to_h

Methods inherited from Ansible::Ruby::Models::Base

attr_option, attr_options, attribute, #initialize, remove_existing_validations, #to_h, validates

Constructor Details

This class inherits a constructor from Ansible::Ruby::Models::Base

Instance Method Details

#acme_accountkey_path ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 78

attribute :acme_accountkey_path

#acme_chain ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 86

attribute :acme_chain

#acme_challenge_path ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 82

attribute :acme_challenge_path

#csr_path ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 28

attribute :csr_path

#extended_key_usage ⇒ Array<String>, ...

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 141

attribute :extended_key_usage

#extended_key_usage_strict ⇒ Symbol^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 145

attribute :extended_key_usage_strict

#force ⇒ Symbol^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 24

attribute :force

#has_expired ⇒ Symbol^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 109

attribute :has_expired

#invalid_at ⇒ Object^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 120

attribute :invalid_at

#issuer ⇒ Hash^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 94

attribute :issuer

#issuer_strict ⇒ Symbol^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 98

attribute :issuer_strict

#key_usage ⇒ Array<String>, ...

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 133

attribute :key_usage

#key_usage_strict ⇒ Symbol^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 137

attribute :key_usage_strict

#not_after ⇒ Object^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 126

attribute :not_after

#not_before ⇒ Object^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 123

attribute :not_before

#ownca_digest ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 64

attribute :ownca_digest

#ownca_not_after ⇒ Object^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 75

attribute :ownca_not_after

#ownca_not_before ⇒ Object^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 72

attribute :ownca_not_before

#ownca_path ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 53

attribute :ownca_path

#ownca_privatekey_passphrase ⇒ Object^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 61

attribute :ownca_privatekey_passphrase

#ownca_privatekey_path ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 57

attribute :ownca_privatekey_path

#ownca_version ⇒ Integer^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 68

attribute :ownca_version

#path ⇒ String

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 16

attribute :path

#privatekey_passphrase ⇒ Object^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 36

attribute :privatekey_passphrase

#privatekey_path ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 32

attribute :privatekey_path

#provider ⇒ :selfsigned, ...

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 20

attribute :provider

#selfsigned_digest ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 43

attribute :selfsigned_digest

#selfsigned_not_after ⇒ Object^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 50

attribute :selfsigned_not_after

#selfsigned_not_before ⇒ Object^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 47

attribute :selfsigned_not_before

#selfsigned_version ⇒ Integer^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 39

attribute :selfsigned_version

#signature_algorithms ⇒ Array<String>, ...

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 90

attribute :signature_algorithms

#state ⇒ :present, ...

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 12

attribute :state

#subject ⇒ Object^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 102

attribute :subject

#subject_alt_name ⇒ Array<String>, ...

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 149

attribute :subject_alt_name

#subject_alt_name_strict ⇒ Symbol^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 153

attribute :subject_alt_name_strict

#subject_strict ⇒ Symbol^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 105

attribute :subject_strict

#valid_at ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 116

attribute :valid_at

#valid_in ⇒ Integer^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 129

attribute :valid_in

#version ⇒ Object^?

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_certificate.rb', line 113

attribute :version