Note
This plugin is part of the community.crypto collection (version 1.4.0).
To install it use: ansible-galaxy collection install community.crypto
.
To use it in a playbook, specify: community.crypto.openssl_signature
.
New in version 1.1.0: of community.crypto
The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments |
---|---|---|
path path / required | The file to sign. This file will only be read and not modified. | |
privatekey_content string | The content of the private key to use when signing the certificate signing request. Either privatekey_path or privatekey_content must be specified, but not both. | |
privatekey_passphrase string | The passphrase for the private key. This is required if the private key is password protected. | |
privatekey_path path | The path to the private key to use when signing. Either privatekey_path or privatekey_content must be specified, but not both. | |
select_crypto_backend string |
| Determines which crypto backend to use. The default choice is auto , which tries to use cryptography if available, and falls back to pyopenssl .If set to pyopenssl , will try to use the pyOpenSSL library.If set to cryptography , will try to use the cryptography library. |
Note
cryptography
backend, the following key types require at least the following cryptography
version: RSA keys: cryptography
>= 1.4 DSA and ECDSA keys: cryptography
>= 1.5 ed448 and ed25519 keys: cryptography
>= 2.6See also
The official documentation on the community.crypto.openssl_signature_info module.
The official documentation on the community.crypto.openssl_privatekey module.
- name: Sign example file community.crypto.openssl_signature: privatekey_path: private.key path: /tmp/example_file register: sig - name: Verify signature of example file community.crypto.openssl_signature_info: certificate_path: cert.pem path: /tmp/example_file signature: "{{ sig.signature }}" register: verify - name: Make sure the signature is valid assert: that: - verify.valid
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
signature string | success | Base64 encoded signature. |
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/community/crypto/openssl_signature_module.html