W3cubDocs

/Ansible 2.10

community.general.java_keystore – Create or delete a Java keystore in JKS format.

Note

This plugin is part of the community.general collection.

To install it use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.java_keystore.

Synopsis
Requirements
Parameters
Examples
Return Values

Synopsis

Create or delete a Java keystore in JKS format for a given certificate.

Requirements

The below requirements are needed on the host that executes this module.

openssl
keytool

Parameters

Parameter	Choices/Defaults	Comments
certificate string / required		Certificate that should be used to create the key store.
dest string / required		Absolute path where the jks should be generated.
force boolean	Choices: no ← yes	Key store will be created even if it already exists.
group string		Name of the group that should own jks file.
mode string		Mode the file should be.
name string / required		Name of the certificate.
owner string		Name of the user that should own jks file.
password string / required		Password that should be used to secure the key store.
private_key string / required		Private key that should be used to create the key store.
private_key_passphrase string added in 0.2.0 of community.general		Pass phrase for reading the private key, if required.

Examples

- name: Create a key store for the given certificate (inline)
  community.general.java_keystore:
    name: example
    certificate: |
      -----BEGIN CERTIFICATE-----
      h19dUZ2co2fI/ibYiwxWk4aeNE6KWvCaTQOMQ8t6Uo2XKhpL/xnjoAgh1uCQN/69
      MG+34+RhUWzCfdZH7T8/qDxJw2kEPKluaYh7KnMsba+5jHjmtzix5QIDAQABo4IB
      -----END CERTIFICATE-----
    private_key: |
      -----BEGIN RSA PRIVATE KEY-----
      DBVFTEVDVFJJQ0lURSBERSBGUkFOQ0UxFzAVBgNVBAsMDjAwMDIgNTUyMDgxMzE3
      GLlDNMw/uHyME7gHFsqJA7O11VY6O5WQ4IDP3m/s5ZV6s+Nn6Lerz17VZ99
      -----END RSA PRIVATE KEY-----
    password: changeit
    dest: /etc/security/keystore.jks

- name: Create a key store for the given certificate (lookup)
  community.general.java_keystore:
    name: example
    certificate: "{{lookup('file', '/path/to/certificate.crt') }}"
    private_key: "{{lookup('file', '/path/to/private.key') }}"
    password: changeit
    dest: /etc/security/keystore.jks

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
cmd string	changed and failure	Executed command to get action done Sample: openssl x509 -noout -in /tmp/cert.crt -fingerprint -sha256
msg string	changed and failure	Output from stdout of keytool/openssl command after execution of given command or an error. Sample: Unable to find the current certificate fingerprint in ...
rc integer	changed and failure	keytool/openssl command execution return value Sample: 0

Authors

Guillaume Grossetie (@Mogztter)

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/community/general/java_keystore_module.html