utm_ca_host_key_cert – create, update or destroy ca host_key_cert entry in Sophos UTM
New in version 2.8.
Synopsis
- Create, update or destroy a ca host_key_cert entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| ca - / required | A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object. | |
| certificate - / required | The certificate in PEM format. | |
| comment - | Optional comment string. | |
| encrypted boolean |
| Optionally enable encryption. |
| headers dictionary | A dictionary of additional headers to be sent to POST and PUT requests. Is needed for some modules | |
| key - | Optional private key in PEM format. | |
| meta - / required | A reference to an existing utm_ca_meta_x509 object. | |
| name - / required | The name of the object. Will be used to identify the entry. | |
| state string |
| The desired state of the object. present will create or update an objectabsent will delete an object if it was present |
| utm_host string / required | The REST Endpoint of the Sophos UTM. | |
| utm_port integer | Default: 4444 | The port of the REST interface. |
| utm_protocol string |
| The protocol of the REST Endpoint. |
| utm_token string / required | The token used to identify at the REST-API. See https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf?la=en, Chapter 2.4.2. | |
| validate_certs boolean |
| Whether the REST interface's ssl certificate should be verified or not. |
Examples
# Create a ca_host_key_cert entry
- name: utm ca_host_key_cert
utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
ca: REF_ca/signing_ca_OBJECT_STRING
meta: REF_ca/meta_x509_OBJECT_STRING
certificate: |
--- BEGIN CERTIFICATE ---
. . .
. . .
. . .
--- END CERTIFICATE ---
state: present
# Remove a ca_host_key_cert entry
- name: utm ca_host_key_cert
utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
state: absent
# Read a ca_host_key_cert entry
- name: utm ca_host_key_cert
utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
state: info
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | |
|---|---|---|---|
| result complex | success | The utm object that was created | |
| _locked boolean | Whether or not the object is currently locked | ||
| _ref string | The reference name of the object | ||
| _type string | The type of the object | ||
| ca string | A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object. | ||
| certificate string | The certificate in PEM format | ||
| comment string | Comment string (may be empty string) | ||
| encrypted boolean | If encryption is enabled | ||
| key string | Private key in PEM format (may be empty string) | ||
| meta string | A reference to an existing utm_ca_meta_x509 object. | ||
| name string | The name of the object | ||
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Stephan Schwarz (@stearz)
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/utm_ca_host_key_cert_module.html