:source: fadcos_system_certificate_local.py
:orphan:
.. fadcos_system_certificate_local:
fadcos_system_certificate_local -- Generate Certificate Signing Request in Fortinet's FortiADC
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
.. versionadded:: 1.1.0
.. contents::
:local:
:depth: 1
Synopsis
--------
- Generate certificate signing request of Local Certificate in Manage Certificates Page
Requirements
------------
The below requirements are needed on the host that executes this module.
- ansible>=2.8
FortiADC Version Compatibility
------------------------------
.. raw:: html
|
v7.1.4 |
v7.2.2 |
v7.4.0 |
| fadcos_system_certificate_local |
yes |
yes |
yes |
Parameters
----------
.. raw:: html
- action - Type of action to perform on the object. type: str required: true
- name - config certificate name type: str required: false
- id_type - Specify the ID type.type: str required: false
- ip - Specify the IP if the id type is ip.type: int required: false default: 192.0.2.1
- domain - Specify the Domain Name if the id type is domain.type: str required: false default: www.example.com
- email - Specify the Email if the id type is email.type: str required: false default: admin@example.com
- orgUnit - Specify the Organization Unit.type: list required: false
- org - Specify the Organization.type: str required: false
- city - Specify the City/Locality.type: str required: false
- state - Specify the State/Province.type: str required: false
- country - Specify the Country/Region.type: str required: false default: AF
- orgEmail - Specify the Email Address.type: str required: false
- san - Specify the Subject Alternative Name.type: str required: false
- enc_meth - Specify the Private Key Encryption.type: str required: false default: aes128
- k_pwd - Specify the Private Key Password.type: str required: false
- keyType - Specify the Key Type in Key Information. (1:RSA, 2:ECDSA)type: str required: false default: 1
- keySize - Specify the Key Size if keyType is 1(RSA).type: str required: false default: 512
- hash - Specify the Hash Function if keyType is 1(RSA).type: str required: false default: SHA1
- keySizeECDSA - Specify the Key Size if keyType is 2(ECDSA).type: str required: false default: 256
- enrollMethod - Specify the Enrollment Method in Enrollment Information. (file/scep) type: str required: false default: file
- scep_url - Specify URL if Enrollment Method is sceptype: str required: true (if Enrollment Method is scep)
- c_pwd - Specify the Challenge Password if Enrollment Method is sceptype: str required: true (if Enrollment Method is scep)
- ca_id - Specify the CA Identifer if Enrollment Method is sceptype: str required: true (if Enrollment Method is scep)
- vdom - VDOM name if enabled.type: str required: true(if VDOM is enabled)
Examples
--------
.. code-block:: yaml+jinja
- name:
hosts: all
vars:
connection: httpapi
gather_facts: false
tasks:
- name: create
fadcos_system_certificate_local:
action: add
name: test
id_type: ip
ip: '192.0.2.1'
orgUnit:
- test1
- test2
org: 'MyCorp Inc.'
city: Sunnyvale
state: CA
country: AF
orgEmail: 'admin@exammple.com'
san: 'IP:192.168.1.102'
enc_meth: aes128
k_pwd: test
keyType: '1'
keySize: '2048'
hash: SHA256
enrollMethod: file
- name: create
fadcos_system_certificate_local:
action: add
name: test2
id_type: domain
domain: www.example.com
orgUnit:
- test3
org: MyCorp2 Inc.
city: Sunnyvale
country: AF
state: CA
orgEmail: admin@exammple.com
san: 'DNS:www.a.b'
enc_meth: aes192
k_pwd: test
keyType: '2'
keySizeECDSA: '512'
enrollMethod: file
- name: get
fadcos_system_certificate_local:
action: get
- name: delete
fadcos_system_certificate_local:
action: remove
name: test
- name: delete
fadcos_system_certificate_local:
action: remove
name: test2
Return Values
-------------
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
.. raw:: html
- 200 - OK: Request returns successful.
- 400 - Bad Request: Request cannot be processed by the API.
- 401 - Not Authorized: Request without successful login session.
- 403 - Forbidden: Request is missing CSRF token or administrator is missing access profile permissions.
- 404 - Resource Not Found: Unable to find the specified resource.
- 405 - Method Not Allowed: Specified HTTP method is not allowed for this resource.
- 413 - Request Entity Too Large: Request cannot be processed due to large entity.
- 424 - Failed Dependency: Fail dependency can be duplicate resource, missing required parameter, missing required attribute, or invalid attribute value.
- 429 - Access temporarily blocked: Maximum failed authentications reached. The offended source is temporarily blocked for certain amount of time.
- 500 - Internal Server Error: Internal error when processing the request.
For errorcode please check FortiADC API errorcode at : https://fndn.fortinet.net/index.php?/fortiapi/981-fortiadc/
Status
------
- This module is not guaranteed to have a backwards compatible interface.
Authors
-------
- Wayne Chou
.. hint::
If you notice any issues in this documentation, you can create a pull request to improve it at: https://github.com/fortinet-ansible-dev/ansible-galaxy-fortiadc-sphinxdoc/pulls