community.general.utm_ca_host_key_cert module – Create, update or destroy ca host_key_cert entry in Sophos UTM
Note
This module is part of the community.general collection (version 10.1.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.utm_ca_host_key_cert
.
Synopsis
Create, update or destroy a ca host_key_cert entry in SOPHOS UTM.
This module needs to have the REST Ability of the UTM to be activated.
Parameters
Parameter |
Comments |
---|---|
A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object. |
|
The certificate in PEM format. |
|
Optional comment string. |
|
Optionally enable encryption. Choices:
|
|
A dictionary of additional headers to be sent to POST and PUT requests. Is needed for some modules. Default: |
|
Optional private key in PEM format. |
|
A reference to an existing utm_ca_meta_x509 object. |
|
The name of the object. Will be used to identify the entry. |
|
The desired state of the object.
Choices:
|
|
The REST Endpoint of the Sophos UTM. |
|
The port of the REST interface. Default: |
|
The protocol of the REST Endpoint. Choices:
|
|
The token used to identify at the REST-API. See https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf?la=en, Chapter 2.4.2. |
|
Whether the REST interface’s ssl certificate should be verified or not. Choices:
|
Attributes
Attribute |
Support |
Description |
---|---|---|
Support: none |
Can run in |
|
Support: none |
Will return details on what has changed (or possibly needs changing in |
Examples
- name: Create a ca_host_key_cert entry
community.general.utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
ca: REF_ca/signing_ca_OBJECT_STRING
meta: REF_ca/meta_x509_OBJECT_STRING
certificate: |
--- BEGIN CERTIFICATE ---
. . .
. . .
. . .
--- END CERTIFICATE ---
state: present
- name: Remove a ca_host_key_cert entry
community.general.utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
state: absent
- name: Read a ca_host_key_cert entry
community.general.utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
state: info
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
The utm object that was created Returned: success |
|
Whether or not the object is currently locked Returned: success |
|
The reference name of the object Returned: success |
|
The type of the object Returned: success |
|
A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object. Returned: success |
|
The certificate in PEM format Returned: success |
|
Comment string (may be empty string) Returned: success |
|
If encryption is enabled Returned: success |
|
Private key in PEM format (may be empty string) Returned: success |
|
A reference to an existing utm_ca_meta_x509 object. Returned: success |
|
The name of the object Returned: success |