bigip_ssl_key_cert – Import/Delete SSL keys and certs from BIG-IP¶
New in version 1.0.0.
Synopsis¶
- This module imports/deletes SSL keys and certificates on a BIG-IP. Keys can be imported from key files on the local disk, in PEM format. Certificates can be imported from certificate and key files on the local disk, in PEM format.
Parameters¶
Parameter | Choices/Defaults | Configuration | Comments |
---|---|---|---|
cert_content
string
|
Sets the contents of a certificate directly to the specified value, used with lookup plugins, or for anything with formatting or templating.
Parameter must be provided when
state is present . |
||
cert_name
string
|
SSL Certificate Name. This is the cert name used when importing a certificate into the BIG-IP. It also determines the filenames of the objects on the LTM.
|
||
issuer_cert
string
|
Issuer certificate used for OCSP monitoring.
This parameter is only valid on versions of BIG-IP 13.0.0 or above.
|
||
key_content
string
|
Sets the contents of a key directly to the specified value, used with lookup plugins, or for anything with formatting or templating.
Parameter must be provided when
state is present . |
||
key_name
string
|
The name of the key.
|
||
partition
string
|
Default: "Common"
|
Device partition on which to manage resources.
|
|
passphrase
string
|
Passphrase on key.
|
||
state
string
|
|
When
present , ensures the key and/or cert is uploaded to the device.When
absent , ensures the key and/or cert is removed from the device. If the key and/or cert is currently in use, the module will not be able to remove the key. |
|
true_names
boolean
added in 2.1.0 |
|
If
true , then the module does not append the .crt and .key extensions to the given certificate and key names.If
false , then the module appends the .crt and .key extensions to the given certificate and key names. |
Examples¶
- name: Import both key and cert
bigip_ssl_key_cert:
key_content: "{{ lookup('file', 'key.pem') }}"
key_name: cert1
cert_content: "{{ lookup('file', 'cert.pem') }}"
cert_name: cert1
state: present
- name: Import cert and key without appending .crt and .key extensions
bigip_ssl_key_cert:
key_content: "{{ lookup('file', 'key.pem') }}"
key_name: key1
cert_content: "{{ lookup('file', 'cert.pem') }}"
cert_name: cert1
true_names: true
state: present