panos_cert_gen_ssh - generates a self-signed certificate using SSH protocol with SSH key
New in version 2.3.
Synopsis
- This module generates a self-signed certificate that can be used by GlobalProtect client, SSL connector, or otherwise. Root certificate must be present on the system first. This module depends on paramiko for ssh.
 
Requirements
The below requirements are needed on the host that executes this module.
- paramiko
 
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| cert_cn (required) | | Certificate CN (common name) embedded in the certificate signature. |
| cert_friendly_name (required) | | Human friendly certificate name (not CN but just a friendly name). |
| ip_address (required) | | IP address (or hostname) of PAN-OS device being configured. |
| key_filename (required) | | Location of the filename that is used for the auth. Either key_filename or password is required. |
| password (required) | | Password credentials to use for auth. Either key_filename or password is required. |
| rsa_nbits | Default: "2048" | Number of bits used by the RSA algorithm for the certificate generation. |
| signed_by (required) | | Undersigning authority (CA) that MUST already be present on the device. |
Notes
- Checkmode is not supported.
 
Examples
# Generates a new self-signed certificate using ssh
- name: generate self signed certificate
  panos_cert_gen_ssh:
    ip_address: "192.168.1.1"
    password: "paloalto"
    cert_cn: "1.1.1.1"
    cert_friendly_name: "test123"
    signed_by: "root-ca"
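
A variant of the task above that keeps the device credential out of the playbook text, added here as an illustration and not part of the module's own documentation. It uses only the parameters listed in the table; the variable names `panos_host`, `panos_ssh_key` and `vault_panos_password`, the key path and the second certificate name are assumptions.

```yaml
# Added example (not from the module documentation).
# Assumptions: panos_host, panos_ssh_key and vault_panos_password are
# hypothetical variable names; the key path and "test456" are constructed.
- name: Generate PAN-OS certificates without literal credentials
  hosts: localhost
  connection: local
  gather_facts: false
  vars:
    panos_host: "192.168.1.1"
    panos_ssh_key: "/home/ansible/.ssh/panos_admin"  # constructed path
  tasks:
    # Option 1: SSH key authentication via key_filename instead of password.
    - name: generate certificate using an SSH private key
      panos_cert_gen_ssh:
        ip_address: "{{ panos_host }}"
        key_filename: "{{ panos_ssh_key }}"
        cert_cn: "1.1.1.1"
        cert_friendly_name: "test123"
        signed_by: "root-ca"   # the CA must already be on the device
        rsa_nbits: "2048"      # documented default, stated explicitly

    # Option 2: password authentication, with the secret supplied from an
    # Ansible Vault encrypted vars file and suppressed from task output.
    - name: generate certificate using a vaulted password
      panos_cert_gen_ssh:
        ip_address: "{{ panos_host }}"
        password: "{{ vault_panos_password }}"
        cert_cn: "1.1.1.1"
        cert_friendly_name: "test456"
        signed_by: "root-ca"
      no_log: true
```
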
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Maintenance
This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.
For a list of other modules that are also maintained by the Ansible Community, see here.
Author
- Luigi Mori (@jtschichold), Ivan Bojer (@ivanbojer)
 
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
 https://docs.ansible.com/ansible/2.6/modules/panos_cert_gen_ssh_module.html