Ejemplo n.º 1
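def main():
    """Ansible module entry point: build or remove a trust/key store.

    Declares the module arguments, hands them to the ``Keytool`` helper,
    validates the configuration and then, depending on ``state``, calls
    ``build_trust_store`` (``present``) or ``remove_trust_store``
    (``absent``). The helper's result dict is reported through
    ``module.exit_json`` on success and ``module.fail_json`` on failure.
    """

    BASE_MODULE_ARGS = dict(cadir=dict(default="/etc/certs"),
                            certname=dict(required=True),
                            # no_log keeps the store password out of the
                            # module arguments Ansible logs and echoes back.
                            store_password=dict(required=True, no_log=True),
                            hosts_to_trust=dict(required=True, type="list"),
                            state=dict(default="present",
                                       choices=["present", "absent"]),
                            certtype=dict(required=False,
                                          default="truststore",
                                          choices=["truststore", "keystore"]))

    module = AnsibleModule(argument_spec=BASE_MODULE_ARGS,
                           supports_check_mode=True)

    keytool = Keytool(
        module.params["cadir"],
        module.params["certname"],
        module.params["store_password"],
        module.params["hosts_to_trust"],
        module.params["certtype"],
    )

    result = keytool.validate()

    # supports_check_mode=True tells Ansible a dry run is safe, so the store
    # must not be built or removed while module.check_mode is set. In check
    # mode only the validation result is reported; whether a real run would
    # change anything is not predicted here.
    if result["success"] and not module.check_mode:
        if module.params["state"] == "present":
            result = keytool.build_trust_store()
        else:
            result = keytool.remove_trust_store()

    if not result["success"]:
        module.fail_json(msg=result["msg"])
    else:
        module.exit_json(**result)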
Ejemplo n.º 2
    return cert


# Manual smoke test for createCert / Keytool (Python 2 script; the
# single-argument print(...) form below prints the same text as the print
# statement).
#
# The passwords are throwaway fixtures. Several contain shell
# metacharacters (!, #, $, backtick), which presumably exercises quoting in
# whatever command the helpers run -- confirm against createCert/Keytool.
createCert("test.openampere.com", "/CN=Test/", "abc123!@#$", True)
c1 = createCert("client.openampere.com", "/CN=Client/", "asdfaer13", False)
createCert(
    "client2.openampere.com",
    "/DC=com/DC=openampere/DC=test/CN=Client2",
    "asdf",
    False,
)
s2 = createCert("test2.openampere.com", "/CN=Test 2", "asdf987", True)

# Remove two of the four certificates again, announcing each removal.
for banner, cert in (
    ("Removing cert for client.openampere.com", c1),
    ("Removing cert for test2.openampere.com", s2),
):
    print(line)
    print(banner)
    cert.remove_certificate()

trusted_hosts = ["test.openampere.com"]
keytool = Keytool(cadir, "client2.openampere.com", "abc123!@#`902",
                  trusted_hosts)

print(line)
print("Validating keytool config")
print(keytool.validate())

print(line)
print("Building truststore")
print(keytool.build_trust_store())

# NOTE: only the banner is printed; the remove_trust_store() call is
# disabled, so the truststore built above is left in place.
print(line)
print("Removing truststore")
#print keytool.remove_trust_store()

Ejemplo n.º 3

def _announce(title):
    """Print the separator line followed by *title*."""
    print(line)
    print(title)


# Fixture certificates for a manual run of the Keytool helper. The
# passwords are test-only values; some include shell metacharacters
# (!, #, $, backtick) -- presumably to check that the helpers quote them
# correctly; verify against createCert/Keytool.
createCert("test.openampere.com", "/CN=Test/", "abc123!@#$", True)
c1 = createCert("client.openampere.com", "/CN=Client/", "asdfaer13", False)
createCert("client2.openampere.com",
           "/DC=com/DC=openampere/DC=test/CN=Client2",
           "asdf",
           False)
s2 = createCert("test2.openampere.com", "/CN=Test 2", "asdf987", True)

_announce("Removing cert for client.openampere.com")
c1.remove_certificate()

_announce("Removing cert for test2.openampere.com")
s2.remove_certificate()

keytool = Keytool(
    cadir,
    "client2.openampere.com",
    "abc123!@#`902",
    ["test.openampere.com"],
)

_announce("Validating keytool config")
print(keytool.validate())

_announce("Building truststore")
print(keytool.build_trust_store())

# The removal itself is commented out: the banner is printed but the
# truststore stays on disk after this script finishes.
_announce("Removing truststore")
#print keytool.remove_trust_store()
Ejemplo n.º 4
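def main():
    """Ansible module entry point: build or remove a host's trust store.

    Parses the module arguments, constructs a ``Keytool`` helper from them
    and validates it. When validation succeeds, ``state=present`` calls
    ``build_trust_store`` and ``state=absent`` calls ``remove_trust_store``.
    The resulting dict is passed to ``module.exit_json`` when its
    ``success`` entry is truthy, otherwise its ``msg`` is passed to
    ``module.fail_json``.
    """

    BASE_MODULE_ARGS = dict(
        cadir = dict(default="/etc/certs"),
        hostname = dict(required=True),
        # Mark the password as sensitive so Ansible masks it in logs and in
        # the invocation data returned with the task result.
        store_password = dict(required=True, no_log=True),
        hosts_to_trust = dict(required=True, type="list"),
        state = dict(default="present", choices=["present", "absent"])
    )

    module = AnsibleModule(
        argument_spec= BASE_MODULE_ARGS,
        supports_check_mode=True
    )

    keytool = Keytool(
        module.params["cadir"],
        module.params["hostname"],
        module.params["store_password"],
        module.params["hosts_to_trust"]
    )

    outcome = keytool.validate()

    # The module advertises check-mode support, so a dry run must stop
    # after validation instead of building or removing the store. The
    # check-mode result is the validation dict only; it does not predict
    # whether a real run would report a change.
    if outcome["success"] and not module.check_mode:
        if module.params["state"] == "present":
            outcome = keytool.build_trust_store()
        else:
            outcome = keytool.remove_trust_store()

    if not outcome["success"]:
        module.fail_json(msg=outcome["msg"])
    else:
        module.exit_json(**outcome)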