You are reading an unmaintained version of the Ansible documentation. Unmaintained Ansible versions can contain unfixed security vulnerabilities (CVE). Please upgrade to a maintained version. See the latest Ansible documentation.

hetzner.hcloud.hcloud_certificate module – Create and manage certificates on the Hetzner Cloud.

Note

This module is part of the hetzner.hcloud collection (version 1.16.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install hetzner.hcloud. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: hetzner.hcloud.hcloud_certificate.

Synopsis

• Create, update and manage certificates on the Hetzner Cloud.

Requirements

The below requirements are needed on the host that executes this module.

• python-dateutil >= 2.7.5

• requests >=2.20

Parameters

Parameter	Comments
api_token string / required	This is the API Token for the Hetzner Cloud. You can also set this option by using the environment variable HCLOUD_TOKEN
certificate string	Certificate and chain in PEM format, in order so that each record directly certifies the one preceding. Required if certificate does not exist.
domain_names list / elements=string	Certificate key in PEM format. Required if certificate does not exist. Default: []
endpoint string	This is the API Endpoint for the Hetzner Cloud. Default: "https://api.hetzner.cloud/v1"
id integer	The ID of the Hetzner Cloud certificate to manage. Only required if no certificate name is given
labels dictionary	User-defined labels (key-value pairs)
name string	The Name of the Hetzner Cloud certificate to manage. Only required if no certificate id is given or a certificate does not exist.
private_key string	Certificate key in PEM format. Required if certificate does not exist.
state string	State of the certificate. Choices: "absent" "present" ← (default)
type string	Choose between uploading a Certificate in PEM format or requesting a managed Let’s Encrypt Certificate. Choices: "uploaded" ← (default) "managed"

See Also

See also

Documentation for Hetzner Cloud API

Complete reference for the Hetzner Cloud API.

Examples

- name: Create a basic certificate
  hcloud_certificate:
    name: my-certificate
    certificate: "ssh-rsa AAAjjk76kgf...Xt"
    private_key: "ssh-rsa AAAjjk76kgf...Xt"
    state: present

- name: Create a certificate with labels
  hcloud_certificate:
    name: my-certificate
    certificate: "ssh-rsa AAAjjk76kgf...Xt"
    private_key: "ssh-rsa AAAjjk76kgf...Xt"
    labels:
        key: value
        mylabel: 123
    state: present

- name: Ensure the certificate is absent (remove if needed)
  hcloud_certificate:
    name: my-certificate
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Description
hcloud_certificate complex	The certificate instance Returned: Always
certificate string	Certificate and chain in PEM format Returned: always Sample: "-----BEGIN CERTIFICATE-----..."
domain_names dictionary	List of Domains and Subdomains covered by the Certificate Returned: always
fingerprint string	Fingerprint of the certificate Returned: always Sample: "03:c7:55:9b:2a:d1:04:17:09:f6:d0:7f:18:34:63:d4:3e:5f"
id integer	Numeric identifier of the certificate Returned: always Sample: 1937415
labels dictionary	User-defined labels (key-value pairs) Returned: always
name string	Name of the certificate Returned: always Sample: "my website cert"
not_valid_after string	Point in time when the Certificate stops being valid (in ISO-8601 format) Returned: always
not_valid_before string	Point in time when the Certificate becomes valid (in ISO-8601 format) Returned: always

Authors

• Lukas Kaemmerling (@lkaemmerling)

Collection links

• Issue Tracker
• Repository (Sources)