utm_ca_host_key_cert – create, update or destroy ca host_key_cert entry in Sophos UTM

New in version 2.8.

Synopsis

  • Create, update or destroy a ca host_key_cert entry in SOPHOS UTM.
  • This module needs to have the REST Ability of the UTM to be activated.

Parameters

Parameter Choices/Defaults Comments
ca
- / required
A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.
certificate
- / required
The certificate in PEM format.
comment
-
Optional comment string.
encrypted
boolean
    Choices:
  • no ←
  • yes
Optionally enable encryption.
headers
dictionary
A dictionary of additional headers to be sent to POST and PUT requests.
Is needed for some modules
key
-
Optional private key in PEM format.
meta
- / required
A reference to an existing utm_ca_meta_x509 object.
name
- / required
The name of the object. Will be used to identify the entry.
state
string
    Choices:
  • absent
  • present ←
The desired state of the object.
present will create or update an object
absent will delete an object if it was present
utm_host
string / required
The REST Endpoint of the Sophos UTM.
utm_port
integer
Default:
4444
The port of the REST interface.
utm_protocol
string
    Choices:
  • http
  • https ←
The protocol of the REST Endpoint.
utm_token
string / required
validate_certs
boolean
    Choices:
  • no
  • yes ←
Whether the REST interface's ssl certificate should be verified or not.

Examples

# Create a ca_host_key_cert entry
- name: utm ca_host_key_cert
  utm_ca_host_key_cert:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestHostKeyCertEntry
    ca: REF_ca/signing_ca_OBJECT_STRING
    meta: REF_ca/meta_x509_OBJECT_STRING
    certificate: |
      --- BEGIN CERTIFICATE ---
      . . .
       . . .
      . . .
      --- END CERTIFICATE ---
    state: present

# Remove a ca_host_key_cert entry
- name: utm ca_host_key_cert
  utm_ca_host_key_cert:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestHostKeyCertEntry
    state: absent

# Read a ca_host_key_cert entry
- name: utm ca_host_key_cert
  utm_ca_host_key_cert:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestHostKeyCertEntry
    state: info

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
result
complex
success
The utm object that was created

 
_locked
boolean
Whether or not the object is currently locked

 
_ref
string
The reference name of the object

 
_type
string
The type of the object

 
ca
string
A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.

 
certificate
string
The certificate in PEM format

 
comment
string
Comment string (may be empty string)

 
encrypted
boolean
If encryption is enabled

 
key
string
Private key in PEM format (may be empty string)

 
meta
string
A reference to an existing utm_ca_meta_x509 object.

 
name
string
The name of the object



Status

Authors

  • Stephan Schwarz (@stearz)

Hint

If you notice any issues in this documentation, you can edit this document to improve it.