dellemc.openmanage.ome_application_certificate module – This module allows to generate a CSR and upload the certificate

Note

This module is part of the dellemc.openmanage collection (version 8.5.0).

To install it, use: ansible-galaxy collection install dellemc.openmanage. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: dellemc.openmanage.ome_application_certificate.

New in dellemc.openmanage 2.1.0

Synopsis

  • This module allows the generation a new certificate signing request (CSR) and to upload the certificate on OpenManage Enterprise.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 3.9.6

Parameters

Parameter

Comments

business_name

string

Name of the business that issued the certificate. This option is applicable for generate_csr.

ca_path

path

added in dellemc.openmanage 5.0.0

The Privacy Enhanced Mail (PEM) file that contains a CA certificate to be used for the validation.

command

string

generate_csr allows the generation of a CSR and upload uploads the certificate.

Choices:

  • "generate_csr" ← (default)

  • "upload"

country

string

Country in which the issuer resides. This option is applicable for generate_csr.

country_state

string

State in which the issuer resides. This option is applicable for generate_csr.

department_name

string

Name of the department that issued the certificate. This option is applicable for generate_csr.

distinguished_name

string

Name of the certificate issuer. This option is applicable for generate_csr.

email

string

Email associated with the issuer. This option is applicable for generate_csr.

hostname

string / required

OpenManage Enterprise or OpenManage Enterprise Modular IP address or hostname.

locality

string

Local address of the issuer of the certificate. This option is applicable for generate_csr.

password

string / required

OpenManage Enterprise or OpenManage Enterprise Modular password.

port

integer

OpenManage Enterprise or OpenManage Enterprise Modular HTTPS port.

Default: 443

subject_alternative_names

string

added in dellemc.openmanage 8.1.0

Subject alternative name required for the certificate signing request generation.

Supports up to 4 comma separated values starting from primary, secondary, Tertiary and Quaternary values.

timeout

integer

added in dellemc.openmanage 5.0.0

The socket level timeout in seconds.

Default: 30

upload_file

string

Local path of the certificate file to be uploaded. This option is applicable for upload. Once the certificate is uploaded, OpenManage Enterprise cannot be accessed for a few seconds.

username

string / required

OpenManage Enterprise or OpenManage Enterprise Modular username.

validate_certs

boolean

added in dellemc.openmanage 5.0.0

If false, the SSL certificates will not be validated.

Configure false only on personally controlled sites where self-signed certificates are used.

Prior to collection version 5.0.0, the validate_certs is false by default.

Choices:

  • false

  • true ← (default)

Notes

Note

  • If a certificate is uploaded, which is identical to an already existing certificate, it is accepted by the module.

  • This module does not support check_mode.

Examples

---
- name: Generate a certificate signing request
  dellemc.openmanage.ome_application_certificate:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    command: "generate_csr"
    distinguished_name: "hostname.com"
    department_name: "Remote Access Group"
    business_name: "Dell Inc."
    locality: "Round Rock"
    country_state: "Texas"
    country: "US"
    email: "support@dell.com"

- name: Generate a certificate signing request with subject alternative names
  dellemc.openmanage.ome_application_certificate:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    command: "generate_csr"
    distinguished_name: "hostname.com"
    subject_alternative_names: "hostname1.chassis.com,hostname2.chassis.com"
    department_name: "Remote Access Group"
    business_name: "Dell Inc."
    locality: "Round Rock"
    country_state: "Texas"
    country: "US"
    email: "support@dell.com"

- name: Upload the certificate
  dellemc.openmanage.ome_application_certificate:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    command: "upload"
    upload_file: "/path/certificate.cer"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

csr_status

dictionary

Details of the generated certificate.

Returned: on success

Sample: {"CertificateData": "-----BEGIN CERTIFICATE REQUEST-----GHFSUEKLELE af3u4h2rkdkfjasczjfefhkrr/frjrfrjfrxnvzklf/nbcvxmzvndlskmcvbmzkdk kafhaksksvklhfdjtrhhffgeth/tashdrfstkm@kdjFGD/sdlefrujjfvvsfeikdf yeufghdkatbavfdomehtdnske/tahndfavdtdfgeikjlagmdfbandfvfcrfgdtwxc qwgfrteyupojmnsbajdkdbfs/ujdfgthedsygtamnsuhakmanfuarweyuiwruefjr etwuwurefefgfgurkjkdmbvfmvfvfk==-----END CERTIFICATE REQUEST-----"}

error_info

dictionary

Details of the HTTP error.

Returned: on HTTP error

Sample: {"error": {"@Message.ExtendedInfo": [{"Message": "Unable to upload the certificate because the certificate file provided is invalid.", "MessageArgs": [], "MessageId": "CSEC9002", "RelatedProperties": [], "Resolution": "Make sure the CA certificate and private key are correct and retry the operation.", "Severity": "Critical"}], "code": "Base.1.0.GeneralError", "message": "A general error has occurred. See ExtendedInfo for more information."}}

msg

string

Overall status of the certificate signing request.

Returned: always

Sample: "Successfully generated certificate signing request."

Authors

  • Felix Stephen (@felixs88)

  • Kritika Bhateja (@Kritika-Bhateja-03)

  • Jennifer John (@Jennifer-John)