Class: Ansible::Ruby::Modules::Openssl_csr

Inherits:

Base

• Object
• Ansible::Ruby::Models::Base
• Base
• Ansible::Ruby::Modules::Openssl_csr

Defined in:

lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb

Overview

This module allows one to (re)generate OpenSSL certificate signing requests. It uses the pyOpenSSL python library to interact with openssl. This module supports the subjectAltName, keyUsage, extendedKeyUsage, basicConstraints and OCSP Must Staple extensions.

Instance Method Summary

• #basic_constraints ⇒ Object^?

  Indicates basic constraints, such as if the certificate is a CA.

• #basic_constraints_critical ⇒ Object^?

  Should the basicConstraints extension be considered as critical.

• #common_name ⇒ String^?

  CommonName field of the certificate signing request subject.

• #country_name ⇒ String^?

  CountryName field of the certificate signing request subject.

• #digest ⇒ String^?

  Digest used when signing the certificate signing request with the private key.

• #email_address ⇒ String^?

  EmailAddress field of the certificate signing request subject.

• #extended_key_usage ⇒ Array<String>, ...

  Additional restrictions (e.g. client authentication, server authentication) on the allowed purposes for which the public key may be used.,This can either be a ‘comma separated string’ or a YAML list.

• #extended_key_usage_critical ⇒ Object^?

  Should the extkeyUsage extension be considered as critical.

• #force ⇒ Symbol^?

  Should the certificate signing request be forced regenerated by this ansible module.

• #key_usage ⇒ Array<String>, ...

  This defines the purpose (e.g. encipherment, signature, certificate signing) of the key contained in the certificate.,This can either be a ‘comma separated string’ or a YAML list.

• #key_usage_critical ⇒ Object^?

  Should the keyUsage extension be considered as critical.

• #locality_name ⇒ Object^?

  LocalityName field of the certificate signing request subject.

• #ocsp_must_staple ⇒ Boolean^?

  Indicates that the certificate should contain the OCSP Must Staple extension (U(tools.ietf.org/html/rfc7633)).

• #ocsp_must_staple_critical ⇒ Object^?

  Should the OCSP Must Staple extension be considered as critical,Warning: according to the RFC, this extension should not be marked as critical, as old clients not knowing about OCSP Must Staple are required to reject such certificates (see U(tools.ietf.org/html/rfc7633#section-4)).

• #organization_name ⇒ String^?

  OrganizationName field of the certificate signing request subject.

• #organizational_unit_name ⇒ Object^?

  OrganizationalUnitName field of the certificate signing request subject.

• #path ⇒ String

  Name of the file into which the generated OpenSSL certificate signing request will be written.

• #privatekey_passphrase ⇒ String^?

  The passphrase for the privatekey.

• #privatekey_path ⇒ String

  Path to the privatekey to use when signing the certificate signing request.

• #state ⇒ :present, ...

  Whether the certificate signing request should exist or not, taking action if the state is different from what is stated.

• #state_or_province_name ⇒ Object^?

  StateOrProvinceName field of the certificate signing request subject.

• #subject ⇒ Object^?

  Key/value pairs that will be present in the subject name field of the certificate signing request.,If you need to specify more than one value with the same key, use a list as value.

• #subject_alt_name ⇒ Array<String>, ...

  SAN extension to attach to the certificate signing request,This can either be a ‘comma separated string’ or a YAML list.,Values should be prefixed by their options.

• #subject_alt_name_critical ⇒ Object^?

  Should the subjectAltName extension be considered as critical.

• #version ⇒ Integer^?

  Version of the certificate signing request.

Methods inherited from Base

#ansible_name, #to_h

Methods inherited from Ansible::Ruby::Models::Base

attr_option, attr_options, attribute, fix_inclusion, #initialize, remove_existing_validations, #to_h, validates

Constructor Details

This class inherits a constructor from Ansible::Ruby::Models::Base

Instance Method Details

#basic_constraints ⇒ Object^?

Returns Indicates basic constraints, such as if the certificate is a CA.

Returns:

• (Object, nil) —

  Indicates basic constraints, such as if the certificate is a CA.

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 89

attribute :basic_constraints

#basic_constraints_critical ⇒ Object^?

Returns Should the basicConstraints extension be considered as critical.

Returns:

• (Object, nil) —

  Should the basicConstraints extension be considered as critical

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 92

attribute :basic_constraints_critical

#common_name ⇒ String^?

Returns commonName field of the certificate signing request subject.

Returns:

• (String, nil) —

  commonName field of the certificate signing request subject

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 60

attribute :common_name

#country_name ⇒ String^?

Returns countryName field of the certificate signing request subject.

Returns:

• (String, nil) —

  countryName field of the certificate signing request subject

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 43

attribute :country_name

#digest ⇒ String^?

Returns Digest used when signing the certificate signing request with the private key.

Returns:

• (String, nil) —

  Digest used when signing the certificate signing request with the private key

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 16

attribute :digest

#email_address ⇒ String^?

Returns emailAddress field of the certificate signing request subject.

Returns:

• (String, nil) —

  emailAddress field of the certificate signing request subject

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 64

attribute :email_address

#extended_key_usage ⇒ Array<String>, ...

Returns Additional restrictions (e.g. client authentication, server authentication) on the allowed purposes for which the public key may be used.,This can either be a ‘comma separated string’ or a YAML list.

Returns:

• (Array<String>, String, nil) —

  Additional restrictions (e.g. client authentication, server authentication) on the allowed purposes for which the public key may be used.,This can either be a ‘comma separated string’ or a YAML list.

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 82

attribute :extended_key_usage

#extended_key_usage_critical ⇒ Object^?

Returns Should the extkeyUsage extension be considered as critical.

Returns:

• (Object, nil) —

  Should the extkeyUsage extension be considered as critical

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 86

attribute :extended_key_usage_critical

#force ⇒ Symbol^?

Returns Should the certificate signing request be forced regenerated by this ansible module.

Returns:

• (Symbol, nil) —

  Should the certificate signing request be forced regenerated by this ansible module

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 32

attribute :force

#key_usage ⇒ Array<String>, ...

Returns This defines the purpose (e.g. encipherment, signature, certificate signing) of the key contained in the certificate.,This can either be a ‘comma separated string’ or a YAML list.

Returns:

• (Array<String>, String, nil) —

  This defines the purpose (e.g. encipherment, signature, certificate signing) of the key contained in the certificate.,This can either be a ‘comma separated string’ or a YAML list.

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 75

attribute :key_usage

#key_usage_critical ⇒ Object^?

Returns Should the keyUsage extension be considered as critical.

Returns:

• (Object, nil) —

  Should the keyUsage extension be considered as critical

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 79

attribute :key_usage_critical

#locality_name ⇒ Object^?

Returns localityName field of the certificate signing request subject.

Returns:

• (Object, nil) —

  localityName field of the certificate signing request subject

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 50

attribute :locality_name

#ocsp_must_staple ⇒ Boolean^?

Returns Indicates that the certificate should contain the OCSP Must Staple extension (U(tools.ietf.org/html/rfc7633)).

Returns:

• (Boolean, nil) —

  Indicates that the certificate should contain the OCSP Must Staple extension (U(tools.ietf.org/html/rfc7633)).

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 95

attribute :ocsp_must_staple

#ocsp_must_staple_critical ⇒ Object^?

Returns Should the OCSP Must Staple extension be considered as critical,Warning: according to the RFC, this extension should not be marked as critical, as old clients not knowing about OCSP Must Staple are required to reject such certificates (see U(tools.ietf.org/html/rfc7633#section-4)).

Returns:

• (Object, nil) —

  Should the OCSP Must Staple extension be considered as critical,Warning: according to the RFC, this extension should not be marked as critical, as old clients not knowing about OCSP Must Staple are required to reject such certificates (see U(tools.ietf.org/html/rfc7633#section-4)).

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 99

attribute :ocsp_must_staple_critical

#organization_name ⇒ String^?

Returns organizationName field of the certificate signing request subject.

Returns:

• (String, nil) —

  organizationName field of the certificate signing request subject

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 53

attribute :organization_name

#organizational_unit_name ⇒ Object^?

Returns organizationalUnitName field of the certificate signing request subject.

Returns:

• (Object, nil) —

  organizationalUnitName field of the certificate signing request subject

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 57

attribute :organizational_unit_name

#path ⇒ String

Returns Name of the file into which the generated OpenSSL certificate signing request will be written.

Returns:

• (String) —

  Name of the file into which the generated OpenSSL certificate signing request will be written

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 36

attribute :path

#privatekey_passphrase ⇒ String^?

Returns The passphrase for the privatekey.

Returns:

• (String, nil) —

  The passphrase for the privatekey.

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 24

attribute :privatekey_passphrase

#privatekey_path ⇒ String

Returns Path to the privatekey to use when signing the certificate signing request.

Returns:

• (String) —

  Path to the privatekey to use when signing the certificate signing request

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 20

attribute :privatekey_path

#state ⇒ :present, ...

Returns Whether the certificate signing request should exist or not, taking action if the state is different from what is stated.

Returns:

• (:present, :absent, nil) —

  Whether the certificate signing request should exist or not, taking action if the state is different from what is stated.

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 12

attribute :state

#state_or_province_name ⇒ Object^?

Returns stateOrProvinceName field of the certificate signing request subject.

Returns:

• (Object, nil) —

  stateOrProvinceName field of the certificate signing request subject

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 47

attribute :state_or_province_name

#subject ⇒ Object^?

Returns Key/value pairs that will be present in the subject name field of the certificate signing request.,If you need to specify more than one value with the same key, use a list as value.

Returns:

• (Object, nil) —

  Key/value pairs that will be present in the subject name field of the certificate signing request.,If you need to specify more than one value with the same key, use a list as value.

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 40

attribute :subject

#subject_alt_name ⇒ Array<String>, ...

Returns SAN extension to attach to the certificate signing request,This can either be a ‘comma separated string’ or a YAML list.,Values should be prefixed by their options. (i.e., C(email), C(URI), C(DNS), C(RID), C(IP), C(dirName), C(otherName) and the ones specific to your CA),More at U(tools.ietf.org/html/rfc5280#section-4.2.1.6).

Returns:

• (Array<String>, String, nil) —

  SAN extension to attach to the certificate signing request,This can either be a ‘comma separated string’ or a YAML list.,Values should be prefixed by their options. (i.e., C(email), C(URI), C(DNS), C(RID), C(IP), C(dirName), C(otherName) and the ones specific to your CA),More at U(tools.ietf.org/html/rfc5280#section-4.2.1.6)

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 68

attribute :subject_alt_name

#subject_alt_name_critical ⇒ Object^?

Returns Should the subjectAltName extension be considered as critical.

Returns:

• (Object, nil) —

  Should the subjectAltName extension be considered as critical

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 72

attribute :subject_alt_name_critical

#version ⇒ Integer^?

Returns Version of the certificate signing request.

Returns:

• (Integer, nil) —

  Version of the certificate signing request

# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 28

attribute :version