Last updated on: 2024-04-01 03:24:20.

bigip_ssl_key_cert – Import/Delete SSL keys and certs from BIG-IP

New in version 1.0.0.

Synopsis

  • This module imports/deletes SSL keys and certificates on a BIG-IP. Keys can be imported from key files on the local disk, in PEM format. Certificates can be imported from certificate and key files on the local disk, in PEM format.

Parameters

Parameter Choices/Defaults Configuration Comments
cert_content
string
Sets the contents of a certificate directly to the specified value, used with lookup plugins, or for anything with formatting or templating.
Parameter must be provided when state is present.
cert_name
string
SSL Certificate Name. This is the cert name used when importing a certificate into the BIG-IP. It also determines the filenames of the objects on the LTM.
issuer_cert
string
Issuer certificate used for OCSP monitoring.
This parameter is only valid on versions of BIG-IP 13.0.0 or above.
key_content
string
Sets the contents of a key directly to the specified value, used with lookup plugins, or for anything with formatting or templating.
Parameter must be provided when state is present.
key_name
string
The name of the key.
partition
string
Default:
"Common"
Device partition on which to manage resources.
passphrase
string
Passphrase on key.
state
string
    Choices:
  • present ←
  • absent
When present, ensures the key and/or cert is uploaded to the device.
When absent, ensures the key and/or cert is removed from the device. If the key and/or cert is currently in use, the module will not be able to remove the key.
true_names
boolean
added in 2.1.0
    Choices:
  • no ←
  • yes
If true, then the module does not append the .crt and .key extensions to the given certificate and key names.
If false, then the module appends the .crt and .key extensions to the given certificate and key names.

Examples

- name: Import both key and cert
  bigip_ssl_key_cert:
    key_content: "{{ lookup('file', 'key.pem') }}"
    key_name: cert1
    cert_content: "{{ lookup('file', 'cert.pem') }}"
    cert_name: cert1
    state: present

- name: Import cert and key without appending .crt and .key extensions
  bigip_ssl_key_cert:
    key_content: "{{ lookup('file', 'key.pem') }}"
    key_name: key1
    cert_content: "{{ lookup('file', 'cert.pem') }}"
    cert_name: cert1
    true_names: true
    state: present

Status

Authors

  • Nitin Khanna (@nitinthewiz)
  • Wojciech Wypior (@wojtek0806)