Class: Ansible::Ruby::Modules::Openssl_csr
- Inherits:
-
Base
- Object
- Ansible::Ruby::Models::Base
- Base
- Ansible::Ruby::Modules::Openssl_csr
- Defined in:
- lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb
Overview
This module allows one to (re)generate OpenSSL certificate signing requests. It uses the pyOpenSSL python library to interact with openssl. This module supports the subjectAltName, keyUsage, extendedKeyUsage, basicConstraints and OCSP Must Staple extensions.
Instance Method Summary collapse
-
#basic_constraints ⇒ Object?
Indicates basic constraints, such as if the certificate is a CA.
-
#basic_constraints_critical ⇒ Object?
Should the basicConstraints extension be considered as critical.
-
#common_name ⇒ String?
CommonName field of the certificate signing request subject.
-
#country_name ⇒ String?
CountryName field of the certificate signing request subject.
-
#digest ⇒ String?
Digest used when signing the certificate signing request with the private key.
-
#email_address ⇒ String?
EmailAddress field of the certificate signing request subject.
-
#extended_key_usage ⇒ Array<String>, ...
Additional restrictions (e.g. client authentication, server authentication) on the allowed purposes for which the public key may be used.,This can either be a ‘comma separated string’ or a YAML list.
-
#extended_key_usage_critical ⇒ Object?
Should the extkeyUsage extension be considered as critical.
-
#force ⇒ Symbol?
Should the certificate signing request be forced regenerated by this ansible module.
-
#key_usage ⇒ Array<String>, ...
This defines the purpose (e.g. encipherment, signature, certificate signing) of the key contained in the certificate.,This can either be a ‘comma separated string’ or a YAML list.
-
#key_usage_critical ⇒ Object?
Should the keyUsage extension be considered as critical.
-
#locality_name ⇒ Object?
LocalityName field of the certificate signing request subject.
-
#ocsp_must_staple ⇒ Boolean?
Indicates that the certificate should contain the OCSP Must Staple extension (U(tools.ietf.org/html/rfc7633)).
-
#ocsp_must_staple_critical ⇒ Object?
Should the OCSP Must Staple extension be considered as critical,Warning: according to the RFC, this extension should not be marked as critical, as old clients not knowing about OCSP Must Staple are required to reject such certificates (see U(tools.ietf.org/html/rfc7633#section-4)).
-
#organization_name ⇒ String?
OrganizationName field of the certificate signing request subject.
-
#organizational_unit_name ⇒ Object?
OrganizationalUnitName field of the certificate signing request subject.
-
#path ⇒ String
Name of the file into which the generated OpenSSL certificate signing request will be written.
-
#privatekey_passphrase ⇒ String?
The passphrase for the privatekey.
-
#privatekey_path ⇒ String
Path to the privatekey to use when signing the certificate signing request.
-
#state ⇒ :present, ...
Whether the certificate signing request should exist or not, taking action if the state is different from what is stated.
-
#state_or_province_name ⇒ Object?
StateOrProvinceName field of the certificate signing request subject.
-
#subject ⇒ Object?
Key/value pairs that will be present in the subject name field of the certificate signing request.,If you need to specify more than one value with the same key, use a list as value.
-
#subject_alt_name ⇒ Array<String>, ...
SAN extension to attach to the certificate signing request,This can either be a ‘comma separated string’ or a YAML list.,Values should be prefixed by their options.
-
#subject_alt_name_critical ⇒ Object?
Should the subjectAltName extension be considered as critical.
-
#version ⇒ Integer?
Version of the certificate signing request.
Methods inherited from Base
Methods inherited from Ansible::Ruby::Models::Base
attr_option, attr_options, attribute, fix_inclusion, #initialize, remove_existing_validations, #to_h, validates
Constructor Details
This class inherits a constructor from Ansible::Ruby::Models::Base
Instance Method Details
#basic_constraints ⇒ Object?
Returns Indicates basic constraints, such as if the certificate is a CA.
89 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 89 attribute :basic_constraints |
#basic_constraints_critical ⇒ Object?
Returns Should the basicConstraints extension be considered as critical.
92 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 92 attribute :basic_constraints_critical |
#common_name ⇒ String?
Returns commonName field of the certificate signing request subject.
60 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 60 attribute :common_name |
#country_name ⇒ String?
Returns countryName field of the certificate signing request subject.
43 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 43 attribute :country_name |
#digest ⇒ String?
Returns Digest used when signing the certificate signing request with the private key.
16 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 16 attribute :digest |
#email_address ⇒ String?
Returns emailAddress field of the certificate signing request subject.
64 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 64 attribute :email_address |
#extended_key_usage ⇒ Array<String>, ...
Returns Additional restrictions (e.g. client authentication, server authentication) on the allowed purposes for which the public key may be used.,This can either be a ‘comma separated string’ or a YAML list.
82 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 82 attribute :extended_key_usage |
#extended_key_usage_critical ⇒ Object?
Returns Should the extkeyUsage extension be considered as critical.
86 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 86 attribute :extended_key_usage_critical |
#force ⇒ Symbol?
Returns Should the certificate signing request be forced regenerated by this ansible module.
32 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 32 attribute :force |
#key_usage ⇒ Array<String>, ...
Returns This defines the purpose (e.g. encipherment, signature, certificate signing) of the key contained in the certificate.,This can either be a ‘comma separated string’ or a YAML list.
75 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 75 attribute :key_usage |
#key_usage_critical ⇒ Object?
Returns Should the keyUsage extension be considered as critical.
79 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 79 attribute :key_usage_critical |
#locality_name ⇒ Object?
Returns localityName field of the certificate signing request subject.
50 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 50 attribute :locality_name |
#ocsp_must_staple ⇒ Boolean?
Returns Indicates that the certificate should contain the OCSP Must Staple extension (U(tools.ietf.org/html/rfc7633)).
95 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 95 attribute :ocsp_must_staple |
#ocsp_must_staple_critical ⇒ Object?
Returns Should the OCSP Must Staple extension be considered as critical,Warning: according to the RFC, this extension should not be marked as critical, as old clients not knowing about OCSP Must Staple are required to reject such certificates (see U(tools.ietf.org/html/rfc7633#section-4)).
99 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 99 attribute :ocsp_must_staple_critical |
#organization_name ⇒ String?
Returns organizationName field of the certificate signing request subject.
53 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 53 attribute :organization_name |
#organizational_unit_name ⇒ Object?
Returns organizationalUnitName field of the certificate signing request subject.
57 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 57 attribute :organizational_unit_name |
#path ⇒ String
Returns Name of the file into which the generated OpenSSL certificate signing request will be written.
36 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 36 attribute :path |
#privatekey_passphrase ⇒ String?
Returns The passphrase for the privatekey.
24 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 24 attribute :privatekey_passphrase |
#privatekey_path ⇒ String
Returns Path to the privatekey to use when signing the certificate signing request.
20 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 20 attribute :privatekey_path |
#state ⇒ :present, ...
Returns Whether the certificate signing request should exist or not, taking action if the state is different from what is stated.
12 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 12 attribute :state |
#state_or_province_name ⇒ Object?
Returns stateOrProvinceName field of the certificate signing request subject.
47 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 47 attribute :state_or_province_name |
#subject ⇒ Object?
Returns Key/value pairs that will be present in the subject name field of the certificate signing request.,If you need to specify more than one value with the same key, use a list as value.
40 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 40 attribute :subject |
#subject_alt_name ⇒ Array<String>, ...
Returns SAN extension to attach to the certificate signing request,This can either be a ‘comma separated string’ or a YAML list.,Values should be prefixed by their options. (i.e., C(email), C(URI), C(DNS), C(RID), C(IP), C(dirName), C(otherName) and the ones specific to your CA),More at U(tools.ietf.org/html/rfc5280#section-4.2.1.6).
68 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 68 attribute :subject_alt_name |
#subject_alt_name_critical ⇒ Object?
Returns Should the subjectAltName extension be considered as critical.
72 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 72 attribute :subject_alt_name_critical |
#version ⇒ Integer?
Returns Version of the certificate signing request.
28 |
# File 'lib/ansible/ruby/modules/generated/crypto/openssl_csr.rb', line 28 attribute :version |