netapp_eseries.santricity.na_santricity_server_certificate – NetApp E-Series manage the storage system’s server SSL certificates.
Note
This plugin is part of the netapp_eseries.santricity collection (version 1.2.13).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install netapp_eseries.santricity
.
To use it in a playbook, specify: netapp_eseries.santricity.na_santricity_server_certificate
.
Synopsis
- Manage NetApp E-Series storage system’s server SSL certificates.
Requirements
The below requirements are needed on the host that executes this module.
- cryptography
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
api_password string / required | The password to authenticate with the SANtricity Web Services Proxy or Embedded Web Services API. | |
api_url string / required | The url to the SANtricity Web Services Proxy or Embedded Web Services API. Example https://prod-1.wahoo.acme.com:8443/devmgr/v2 | |
api_username string / required | The username to authenticate with the SANtricity Web Services Proxy or Embedded Web Services API. | |
certificates list / elements=string | Unordered list of all server certificate files which include PEM and DER encoded certificates as well as private keys. When certificates is not defined then a self-signed certificate will be expected. | |
controller string |
| The controller that owns the port you want to configure. Controller names are represented alphabetically, with the first controller as A, the second as B, and so on. Current hardware models have either 1 or 2 available controllers, but that is not a guaranteed hard limitation and could change in the future.
controller must be specified unless managing SANtricity Web Services Proxy (ie ssid="proxy") |
passphrase string | Passphrase for PEM encoded private key encryption. If passphrase is not supplied then Ansible will prompt for private key certificate. | |
ssid string | Default: 1 | The ID of the array to manage. This value must be unique for each array. |
validate_certs boolean |
| Should https certificates be validated? |
Notes
Note
- Set ssid==’0’ or ssid==’proxy’ to specifically reference SANtricity Web Services Proxy.
- Certificates can be the following filetypes - PEM (.pem, .crt, .cer, or .key) or DER (.der or .cer)
- When certificates is not defined then a self-signed certificate will be expected.
- The E-Series Ansible modules require either an instance of the Web Services Proxy (WSP), to be available to manage the storage-system, or an E-Series storage-system that supports the Embedded Web Services API.
- Embedded Web Services is currently available on the E2800, E5700, EF570, and newer hardware models.
- M(netapp_e_storage_system) may be utilized for configuring the systems managed by a WSP instance.
Examples
- name: Ensure signed certificate is installed. na_santricity_server_certificate: ssid: 1 api_url: https://192.168.1.100:8443/devmgr/v2 api_username: admin api_password: adminpass controller: A certificates: - 'root_auth_cert.pem' - 'intermediate_auth1_cert.pem' - 'intermediate_auth2_cert.pem' - 'public_cert.pem' - 'private_key.pem' passphrase: keypass - name: Ensure signed certificate bundle is installed. na_santricity_server_certificate: ssid: 1 api_url: https://192.168.1.100:8443/devmgr/v2 api_username: admin api_password: adminpass controller: B certificates: - 'cert_bundle.pem' passphrase: keypass - name: Ensure storage system generated self-signed certificate is installed. na_santricity_server_certificate: ssid: 1 api_url: https://192.168.1.100:8443/devmgr/v2 api_username: admin api_password: adminpass controller: A
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
added_certificates list / elements=string | always | Any SSL certificates that were added. Sample: ['added_certificiate.crt'] |
changed boolean | always | Whether changes have been made. Sample: True |
removed_certificates list / elements=string | always | Any SSL certificates that were removed. Sample: ['removed_certificiate.crt'] |
signed_server_certificate boolean | always | Whether the public server certificate is signed. Sample: True |
Authors
- Nathan Swartz (@ndswartz)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/netapp_eseries/santricity/na_santricity_server_certificate_module.html