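def main():
    """Ansible entry point: validate the Keytool settings, then build or remove the store.

    Module parameters:
        cadir: certificate directory, defaults to "/etc/certs".
        certname: required; handed to Keytool as the certificate name.
        store_password: required; secret for the store, marked ``no_log``.
        hosts_to_trust: required list, handed to Keytool unchanged.
        state: "present" (default) builds the store, "absent" removes it.
        certtype: "truststore" (default) or "keystore".

    The module finishes through ``module.exit_json`` with the result dict of
    the last Keytool call, or through ``module.fail_json`` with that dict's
    ``msg`` when its ``success`` entry is false.
    """
    BASE_MODULE_ARGS = dict(
        cadir=dict(default="/etc/certs"),
        certname=dict(required=True),
        # no_log=True keeps the store password out of Ansible's invocation
        # logging and has it scrubbed from the module's returned output.
        store_password=dict(required=True, no_log=True),
        hosts_to_trust=dict(required=True, type="list"),
        state=dict(default="present", choices=["present", "absent"]),
        certtype=dict(
            required=False,
            default="truststore",
            choices=["truststore", "keystore"],
        ),
    )

    # NOTE(review): check mode is advertised here, but module.check_mode is
    # never consulted below, so a --check run still builds or removes the
    # store. Either guard the two mutating calls or stop advertising it.
    module = AnsibleModule(
        argument_spec=BASE_MODULE_ARGS,
        supports_check_mode=True,
    )
    params = module.params

    keytool = Keytool(
        params["cadir"],
        params["certname"],
        params["store_password"],
        params["hosts_to_trust"],
        params["certtype"],
    )

    # Only touch the store when the configuration validated; otherwise the
    # validation result itself is what gets reported as the failure.
    result = keytool.validate()
    if result["success"]:
        if params["state"] == "present":
            result = keytool.build_trust_store()
        else:
            result = keytool.remove_trust_store()

    if not result["success"]:
        module.fail_json(msg=result["msg"])
    else:
        # NOTE(review): the whole result dict goes back to the controller;
        # confirm Keytool never puts the password or a full command line
        # into it (its implementation is not visible from here).
        module.exit_json(**result)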
# Final statement of a function whose definition begins above this excerpt
# (presumably createCert, given the calls below -- confirm).
return cert

# Ad-hoc smoke run: create four certificates, remove two of them again, then
# validate and build a truststore for client2 that trusts the "test" host.
# NOTE(review): the createCert arguments look like (name, subject DN,
# password, flag) -- confirm against its definition, which is not shown here.
# NOTE(review): the passwords are hard-coded fixtures and two of them contain
# shell metacharacters ($, !, backtick). Presumably that is deliberate, to
# exercise quoting; confirm that Keytool/createCert pass them to the
# underlying tool as separate arguments rather than through a shell string.
createCert("test.openampere.com", "/CN=Test/", "abc123!@#$", True)
c1 = createCert("client.openampere.com", "/CN=Client/", "asdfaer13", False)
createCert("client2.openampere.com", "/DC=com/DC=openampere/DC=test/CN=Client2", "asdf", False)
s2 = createCert("test2.openampere.com", "/CN=Test 2", "asdf987", True)

# `line` and `cadir` are defined outside this excerpt; `line` is printed as a
# separator before each step.
print line
print "Removing cert for client.openampere.com"
c1.remove_certificate()
print line
print "Removing cert for test2.openampere.com"
s2.remove_certificate()

# Keytool is constructed without a certtype argument here, so whatever
# default its constructor defines applies.
keytool = Keytool(cadir, "client2.openampere.com", "abc123!@#`902", [ "test.openampere.com" ])
print line
print "Validating keytool config"
print keytool.validate()
print line
print "Building truststore"
print keytool.build_trust_store()
print line
print "Removing truststore"
# The removal is announced above but the call itself is disabled, so the
# truststore built by the previous step is left in place after the run.
#print keytool.remove_trust_store()
# Manual smoke run: issue four certificates, drop two of them again, then
# validate and build a truststore for client2 that trusts the "test" host.
def _banner(message):
    """Print the separator stored in ``line``, then *message*."""
    print(line)
    print(message)


# NOTE(review): the createCert arguments look like (name, subject DN,
# password, flag) -- confirm against its definition, which is not shown here.
# NOTE(review): these passwords are hard-coded fixtures and two of them carry
# shell metacharacters ($, !, backtick). Presumably that is on purpose, to
# exercise quoting; confirm that the password reaches the underlying tool as
# a separate argument and never through a shell string.
createCert("test.openampere.com", "/CN=Test/", "abc123!@#$", True)
c1 = createCert(
    "client.openampere.com",
    "/CN=Client/",
    "asdfaer13",
    False,
)
createCert(
    "client2.openampere.com",
    "/DC=com/DC=openampere/DC=test/CN=Client2",
    "asdf",
    False,
)
s2 = createCert("test2.openampere.com", "/CN=Test 2", "asdf987", True)

_banner("Removing cert for client.openampere.com")
c1.remove_certificate()

_banner("Removing cert for test2.openampere.com")
s2.remove_certificate()

# No certtype is passed, so the constructor's own default applies.
keytool = Keytool(
    cadir,
    "client2.openampere.com",
    "abc123!@#`902",
    ["test.openampere.com"],
)

_banner("Validating keytool config")
print(keytool.validate())

_banner("Building truststore")
print(keytool.build_trust_store())

_banner("Removing truststore")
# Removal is only announced: the call stays disabled, so the truststore built
# by the previous step is still on disk when the run ends.
# print(keytool.remove_trust_store())
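def main():
    """Ansible entry point: validate the Keytool settings, then build or remove the trust store.

    Module parameters:
        cadir: certificate directory, defaults to "/etc/certs".
        hostname: required; handed to Keytool as its second argument.
        store_password: required; secret for the store, marked ``no_log``.
        hosts_to_trust: required list, handed to Keytool unchanged.
        state: "present" (default) builds the store, "absent" removes it.

    The module finishes through ``module.exit_json`` with the result dict of
    the last Keytool call, or through ``module.fail_json`` with that dict's
    ``msg`` when its ``success`` entry is false.
    """
    BASE_MODULE_ARGS = dict(
        cadir=dict(default="/etc/certs"),
        hostname=dict(required=True),
        # no_log=True keeps the store password out of Ansible's invocation
        # logging and has it scrubbed from the module's returned output.
        store_password=dict(required=True, no_log=True),
        hosts_to_trust=dict(required=True, type="list"),
        state=dict(default="present", choices=["present", "absent"]),
    )

    # NOTE(review): check mode is advertised here, but module.check_mode is
    # never consulted below, so a --check run still builds or removes the
    # store. Either guard the two mutating calls or stop advertising it.
    module = AnsibleModule(
        argument_spec=BASE_MODULE_ARGS,
        supports_check_mode=True,
    )
    params = module.params

    keytool = Keytool(
        params["cadir"],
        params["hostname"],
        params["store_password"],
        params["hosts_to_trust"],
    )

    # Only touch the store when the configuration validated; otherwise the
    # validation result itself is what gets reported as the failure.
    result = keytool.validate()
    if result["success"]:
        if params["state"] == "present":
            result = keytool.build_trust_store()
        else:
            result = keytool.remove_trust_store()

    if not result["success"]:
        module.fail_json(msg=result["msg"])
    else:
        # NOTE(review): the whole result dict goes back to the controller;
        # confirm Keytool never puts the password or a full command line
        # into it (its implementation is not visible from here).
        module.exit_json(**result)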