community.general.utm_ca_host_key_cert – create, update or destroy ca host_key_cert entry in Sophos UTM

Note

This plugin is part of the community.general collection.

To install it use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.utm_ca_host_key_cert.

Synopsis

  • Create, update or destroy a ca host_key_cert entry in SOPHOS UTM.

  • This module requires the REST capability of the UTM to be activated.

Parameters

| Parameter | Choices/Defaults | Comments |
|---|---|---|
| ca (string / required) | | A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object. |
| certificate (string / required) | | The certificate in PEM format. |
| comment (string) | | Optional comment string. |
| encrypted (boolean) | Choices: no (default), yes | Optionally enable encryption. |
| headers (dictionary) | | A dictionary of additional headers to be sent to POST and PUT requests. This is needed for some modules. |
| key (string) | | Optional private key in PEM format. |
| meta (string / required) | | A reference to an existing utm_ca_meta_x509 object. |
| name (string / required) | | The name of the object. Will be used to identify the entry. |
| state (string) | Choices: absent, present (default) | The desired state of the object. present will create or update an object. absent will delete an object if it was present. |
| utm_host (string / required) | | The REST Endpoint of the Sophos UTM. |
| utm_port (integer) | Default: 4444 | The port of the REST interface. |
| utm_protocol (string) | Choices: http, https (default) | The protocol of the REST Endpoint. |
| utm_token (string / required) | | |
| validate_certs (boolean) | Choices: no, yes (default) | Whether the REST interface's SSL certificate should be verified or not. |

Examples

- name: Create a ca_host_key_cert entry
  community.general.utm_ca_host_key_cert:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestHostKeyCertEntry
    ca: REF_ca/signing_ca_OBJECT_STRING
    meta: REF_ca/meta_x509_OBJECT_STRING
    certificate: |
      -----BEGIN CERTIFICATE-----
      . . .
      . . .
      . . .
      -----END CERTIFICATE-----
    state: present

- name: Remove a ca_host_key_cert entry
  community.general.utm_ca_host_key_cert:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestHostKeyCertEntry
    state: absent

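# state only accepts absent and present; reading an entry is done with the
# companion community.general.utm_ca_host_key_cert_info module.
- name: Read a ca_host_key_cert entry
  community.general.utm_ca_host_key_cert_info:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestHostKeyCertEntry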
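
The following playbook is an added example, not part of the module's own documentation. It shows the same create task with the API token taken from a vaulted variable, the certificate and private key read from files, and logging suppressed because both the task arguments and the returned result contain the key. The variable vault_utm_api_token, the file paths and the localhost play are assumptions.

```yaml
# Added example: variable names and file paths are assumptions, not module defaults.
- name: Manage a UTM host key certificate without exposing secrets
  hosts: localhost
  gather_facts: false
  vars:
    # Assumed to be defined in an ansible-vault encrypted vars file.
    utm_api_token: "{{ vault_utm_api_token }}"
    # Constructed paths on the control node.
    host_cert_path: files/host.example.pem
    host_key_path: files/host.example.key
  tasks:
    - name: Create or update the ca_host_key_cert entry
      community.general.utm_ca_host_key_cert:
        utm_host: sophos.host.name
        utm_protocol: https      # module default, stated explicitly
        utm_port: 4444           # module default
        validate_certs: true     # module default; token and key go only to a verified endpoint
        utm_token: "{{ utm_api_token }}"
        name: TestHostKeyCertEntry
        ca: REF_ca/signing_ca_OBJECT_STRING
        meta: REF_ca/meta_x509_OBJECT_STRING
        certificate: "{{ lookup('ansible.builtin.file', host_cert_path) }}"
        key: "{{ lookup('ansible.builtin.file', host_key_path) }}"
        state: present
      register: host_key_cert
      # Task arguments (token, key) and the returned result (key) are kept out of logs.
      no_log: true

    - name: Check the returned object without printing it
      ansible.builtin.assert:
        that:
          - host_key_cert['result']['name'] == 'TestHostKeyCertEntry'
          - host_key_cert['result']['_ref'] | length > 0
        quiet: true
```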

Return Values

Common return values are documented here; the following are the fields unique to this module:

| Key | Returned | Description |
|---|---|---|
| result (complex) | success | The utm object that was created |
| result._locked (boolean) | success | Whether or not the object is currently locked |
| result._ref (string) | success | The reference name of the object |
| result._type (string) | success | The type of the object |
| result.ca (string) | success | A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object. |
| result.certificate (string) | success | The certificate in PEM format |
| result.comment (string) | success | Comment string (may be empty string) |
| result.encrypted (boolean) | success | If encryption is enabled |
| result.key (string) | success | Private key in PEM format (may be empty string) |
| result.meta (string) | success | A reference to an existing utm_ca_meta_x509 object. |
| result.name (string) | success | The name of the object |



Authors

  • Stephan Schwarz (@stearz)