community.network.panos_cert_gen_ssh – generates a self-signed certificate using SSH protocol with SSH key

Note

This plugin is part of the community.network collection.

To install it use: ansible-galaxy collection install community.network.

To use it in a playbook, specify: community.network.panos_cert_gen_ssh.

DEPRECATED

Removed in

version 2.0.0

Why

Consolidating code base.

Alternative

Use https://galaxy.ansible.com/PaloAltoNetworks/paloaltonetworks instead.

Synopsis

  • This module generates a self-signed certificate that can be used by GlobalProtect client, SSL connector, or

  • otherwise. Root certificate must be preset on the system first. This module depends on paramiko for ssh.

Requirements

The below requirements are needed on the host that executes this module.

  • paramiko

Parameters

Parameter Choices/Defaults Comments
cert_cn
string / required
Certificate CN (common name) embedded in the certificate signature.
cert_friendly_name
string / required
Human friendly certificate name (not CN but just a friendly name).
ip_address
string / required
IP address (or hostname) of PAN-OS device being configured.
key_filename
string / required
Location of the filename that is used for the auth. Either key_filename or password is required.
password
string / required
Password credentials to use for auth. Either key_filename or password is required.
rsa_nbits
string
Default:
"2048"
Number of bits used by the RSA algorithm for the certificate generation.
signed_by
string / required
Undersigning authority (CA) that MUST already be presents on the device.

Notes

Note

  • Checkmode is not supported.

Examples

# Generates a new self-signed certificate using ssh
- name: Generate self signed certificate
  community.network.panos_cert_gen_ssh:
    ip_address: "192.168.1.1"
    password: "paloalto"
    cert_cn: "1.1.1.1"
    cert_friendly_name: "test123"
    signed_by: "root-ca"

Status

  • This module will be removed in version 2.0.0. [deprecated]

  • For more information see DEPRECATED.

Authors

  • Luigi Mori (@jtschichold), Ivan Bojer (@ivanbojer)