java_keystore – Create or delete a Java keystore in JKS format
New in version 2.7.
Synopsis
- Create or delete a Java keystore in JKS format for a given certificate.
Requirements
The below requirements are needed on the host that executes this module.
- openssl
- keytool
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
certificate - / required | | Certificate that should be used to create the key store. |
dest - / required | | Absolute path where the jks should be generated. |
force boolean | | Key store will be created even if it already exists. |
group - | | Name of the group that should own jks file. |
mode - | | Mode the file should be. |
name - / required | | Name of the certificate. |
owner - | | Name of the user that should own jks file. |
password - / required | | Password that should be used to secure the key store. |
private_key - / required | | Private key that should be used to create the key store. |
Examples
```yaml
# Create a key store for the given certificate (inline)
- java_keystore:
    name: example
    certificate: |
      -----BEGIN CERTIFICATE-----
      h19dUZ2co2fI/ibYiwxWk4aeNE6KWvCaTQOMQ8t6Uo2XKhpL/xnjoAgh1uCQN/69
      MG+34+RhUWzCfdZH7T8/qDxJw2kEPKluaYh7KnMsba+5jHjmtzix5QIDAQABo4IB
      -----END CERTIFICATE-----
    private_key: |
      -----BEGIN RSA PRIVATE KEY-----
      DBVFTEVDVFJJQ0lURSBERSBGUkFOQ0UxFzAVBgNVBAsMDjAwMDIgNTUyMDgxMzE3
      GLlDNMw/uHyME7gHFsqJA7O11VY6O5WQ4IDP3m/s5ZV6s+Nn6Lerz17VZ99
      -----END RSA PRIVATE KEY-----
    password: changeit
    dest: /etc/security/keystore.jks

# Create a key store for the given certificate (lookup)
- java_keystore:
    name: example
    certificate: "{{lookup('file', '/path/to/certificate.crt') }}"
    private_key: "{{lookup('file', '/path/to/private.key') }}"
    password: changeit
    dest: /etc/security/keystore.jks
```
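A variant of the lookup example that sets the `owner`, `group` and `mode` parameters, takes the password from a variable instead of a literal, and then checks the resulting file. This is an added example, not part of the module documentation; the `app_servers` host group, the `appuser` account and the `vault_keystore_password` variable are assumptions.

```yaml
- hosts: app_servers                # hypothetical inventory group
  become: true
  vars:
    keystore_path: /etc/security/keystore.jks
    keystore_owner: appuser         # hypothetical service account
  tasks:
    - name: Create the keystore with restrictive ownership and mode
      java_keystore:
        name: example
        certificate: "{{ lookup('file', '/path/to/certificate.crt') }}"
        private_key: "{{ lookup('file', '/path/to/private.key') }}"
        # Assumed to be defined in a file encrypted with Ansible Vault
        password: "{{ vault_keystore_password }}"
        dest: "{{ keystore_path }}"
        owner: "{{ keystore_owner }}"
        group: "{{ keystore_owner }}"
        mode: '0600'
      # Keeps this task's arguments and results out of output and logs
      no_log: true

    - name: Read back the keystore file attributes
      stat:
        path: "{{ keystore_path }}"
      register: ks

    - name: Fail the play if owner or mode is not what was requested
      assert:
        that:
          - ks.stat.exists
          - ks.stat.pw_name == keystore_owner
          - ks.stat.mode == '0600'
        fail_msg: "{{ keystore_path }} has unexpected owner or mode"
```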
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
cmd string | changed and failure | Executed command to get action done. Sample: openssl x509 -noout -in /tmp/cert.crt -fingerprint -sha256 |
msg string | changed and failure | Output from stdout of keytool/openssl command after execution of given command or an error. Sample: Unable to find the current certificate fingerprint in ... |
rc integer | changed and failure | keytool/openssl command execution return value. Sample: 0 |
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Guillaume Grossetie (@Mogztter)
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/java_keystore_module.html