dellemc.openmanage.idrac_certificates module – Configure certificates for iDRAC
Note
This module is part of the dellemc.openmanage collection (version 9.9.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install dellemc.openmanage
.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: dellemc.openmanage.idrac_certificates
.
New in dellemc.openmanage 5.5.0
Synopsis
This module allows to generate certificate signing request, import, and export certificates on iDRAC.
Requirements
The below requirements are needed on the host that executes this module.
python >= 3.9.6
Parameters
Parameter |
Comments |
---|---|
The Privacy Enhanced Mail (PEM) file that contains a CA certificate to be used for the validation. |
|
Certificate parameters to generate signing request. |
|
The common name of the certificate. |
|
The country code of the country where the entity applying for certification is located. |
|
The email associated with the CSR. |
|
The city or other location where the entity applying for certification is located. |
|
The name associated with an organization. |
|
The name associated with an organizational unit. For example department name. |
|
The state where the entity applying for certification is located. |
|
The alternative domain names associated with the request. Default: |
|
Absolute path of the certificate file if command is Directory path with write permissions if command is |
|
Type of the iDRAC certificate.
Choices:
|
|
Choices:
|
|
iDRAC IP Address. |
|
iDRAC user password. If the password is not provided, then the environment variable Example: export IDRAC_PASSWORD=password |
|
iDRAC port. Default: |
|
iDRAC username. If the username is not provided, then the environment variable Example: export IDRAC_USERNAME=username |
|
The passphrase string if the certificate to be imported is passphrase protected. |
|
To reset the iDRAC after the certificate operation. This is applicable when command is Choices:
|
|
Redfish ID of the resource. |
|
Absolute path of the private or SSL key file. This is applicable only when command is Uploading the SSL key to iDRAC is supported on firmware version 6.00.02.00 and above. |
|
The socket level timeout in seconds. Default: |
|
If Configure Prior to collection version Choices:
|
|
Maximum wait time for iDRAC to start after the reset, in seconds. This is applicable when command is Default: |
|
Authentication token. If the x_auth_token is not provided, then the environment variable Example: export IDRAC_X_AUTH_TOKEN=x_auth_token |
Notes
Note
The certificate operations are supported on iDRAC firmware version 6.10.80.00 and above.
Run this module from a system that has direct access to Dell iDRAC.
This module supports
check_mode
.This module supports IPv4 and IPv6 addresses.
Examples
---
- name: Generate HTTPS certificate signing request
dellemc.openmanage.idrac_certificates:
idrac_ip: "192.168.0.1"
idrac_user: "user_name"
idrac_password: "user_password"
ca_path: "/path/to/ca_cert.pem"
command: "generate_csr"
certificate_type: "HTTPS"
certificate_path: "/home/omam/mycerts"
cert_params:
common_name: "sample.domain.com"
organization_unit: "OrgUnit"
locality_name: "Bangalore"
state_name: "Karnataka"
country_code: "IN"
email_address: "[email protected]"
organization_name: "OrgName"
subject_alt_name:
- 192.198.2.1
- name: Import a HTTPS certificate.
dellemc.openmanage.idrac_certificates:
idrac_ip: "192.168.0.1"
idrac_user: "user_name"
idrac_password: "user_password"
ca_path: "/path/to/ca_cert.pem"
command: "import"
certificate_type: "HTTPS"
certificate_path: "/path/to/cert.pem"
- name: Import an HTTPS certificate along with its private key.
dellemc.openmanage.idrac_certificates:
idrac_ip: "192.168.0.1"
idrac_user: "user_name"
idrac_password: "user_password"
ca_path: "/path/to/ca_cert.pem"
command: "import"
certificate_type: "HTTPS"
certificate_path: "/path/to/cert.pem"
ssl_key: "/path/to/private_key.pem"
- name: Export a HTTPS certificate.
dellemc.openmanage.idrac_certificates:
idrac_ip: "192.168.0.1"
idrac_user: "user_name"
idrac_password: "user_password"
ca_path: "/path/to/ca_cert.pem"
command: "export"
certificate_type: "HTTPS"
certificate_path: "/home/omam/mycert_dir"
- name: Import a CSC certificate.
dellemc.openmanage.idrac_certificates:
idrac_ip: "192.168.0.1"
idrac_user: "user_name"
idrac_password: "user_password"
ca_path: "/path/to/ca_cert.pem"
command: "import"
certificate_type: "CSC"
certificate_path: "/path/to/cert.pem"
- name: Import a custom certificate with a passphrase.
dellemc.openmanage.idrac_certificates:
idrac_ip: "192.168.0.1"
idrac_user: "user_name"
idrac_password: "user_password"
command: "import"
certificate_type: "CUSTOMCERTIFICATE"
certificate_path: "/path/to/idrac_cert.p12"
passphrase: "cert_passphrase"
reset: false
- name: Export a Client trust certificate.
dellemc.openmanage.idrac_certificates:
idrac_ip: "192.168.0.1"
idrac_user: "user_name"
idrac_password: "user_password"
ca_path: "/path/to/ca_cert.pem"
command: "export"
certificate_type: "CLIENT_TRUST_CERTIFICATE"
certificate_path: "/home/omam/mycert_dir"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
The csr or exported certificate file path Returned: when command is Sample: |
|
Details of the HTTP Error. Returned: on HTTP error Sample: |
|
Status of the certificate configuration operation. Returned: always Sample: |