a10_pki_cmp_cert

Synopsis

CMP Certificate enrollment object

Parameters

| Parameters | Choices/Defaults | Comment |
|---|---|---|
| state (str/required) | [‘noop’, ‘present’, ‘absent’] | State of the object to be created. |
| ansible_host (str/required) | | Host for AXAPI authentication |
| ansible_username (str/required) | | Username for AXAPI authentication |
| ansible_password (str/required) | | Password for AXAPI authentication |
| ansible_port (int/required) | | Port for AXAPI authentication |
| a10_device_context_id (int) | [‘1-8’] | Device ID for aVCS configuration |
| a10_partition (str) | | Destination/target partition for object/command |
| name (str/required) | | Specify Certificate name to be enrolled |
| url (str) | | CMP server’s absolute URL (http(s)://host:[port]/path); path is the location to use for the CMP server (aka CMP alias) |
| subject_dn (str) | | Distinguished Name to use while enrolling the certificate (for EJBCA CA, this is the subject DN of an End Entity) (DN OID is case sensitive) |
| recipient_dn (str) | | Distinguished Name of the CMP message recipient, i.e., the CMP server (usually a CA or RA entity) (DN OID is case sensitive) |
| subject_alternate_name (dict) | | Field subject_alternate_name |
| san_type (str) | | ‘email’= Enter e-mail address of the subject; ‘dns’= Enter hostname of the subject; ‘ip’= Enter IP address of the subject; |
| san_value (str) | | Value of subject-alternate-name |
| enroll (bool) | | Initiates enrollment of device with the CA |
| log_level (int) | | Level for logging output of CMP commands (default 1 and detailed 2) |
| secret (bool) | | Specify the pre-shared secret used to enroll the device’s certificate |
| secret_string (str) | | Pre-shared secret |
| encrypted (str) | | Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string) |
| renew_before (bool) | | Specify interval before certificate expiry to renew the certificate |
| renew_before_type (str) | | ‘hour’= Number of hours before cert expiry; ‘day’= Number of days before cert expiry; ‘week’= Number of weeks before cert expiry; ‘month’= Number of months before cert expiry (1 month=30 days); |
| renew_before_value (int) | | Value of renewal period |
| renew_every (bool) | | Specify periodic interval in which to renew the certificate |
| minute (int) | | Periodic interval in minutes |
| renew_every_type (str) | | ‘hour’= Periodic interval in hours; ‘day’= Periodic interval in days; ‘week’= Periodic interval in weeks; ‘month’= Periodic interval in months (1 month=30 days); |
| renew_every_value (int) | | Value of renewal period |
| cert_type (bool) | | Specify the type of certificate |
| rsa_type (bool) | | RSA certificate (default) |
| ecdsa_type (bool) | | ECDSA certificate |
| rsa_key_length (str) | | ‘1024’= Key size 1024 bits; ‘2048’= Key size 2048 bits (default); ‘4096’= Key size 4096 bits; ‘8192’= Key size 8192 bits; |
| ec_key_length (str) | | ‘256’= Key size 256 bits; ‘384’= Key size 384 bits (default); |
| max_polltime (int) | | Maximum time in seconds a(n) enrollment/key update may take (default 120) |
| cmp_trusted_ca (str) | | The specific CA to trust while verifying signature of CMP response message |
| cmp_trusted_cert (str) | | The specific CMP server certificate to use and directly trust when verifying signature of CMP response message |
| allow_unprotected_errors (bool) | | Accept missing or invalid protection of negative responses (CAs like EJBCA tend to not protect negative responses) |
| uuid (str) | | uuid of the object |
| user_tag (str) | | Customized tag |

Examples
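
An added example, not taken from the A10 documentation: a playbook task that enrolls an ECDSA certificate using only the parameters listed above, with the security-relevant ones set explicitly. Host names, DNs, the CMP URL, the trusted-CA name and the `vault_*` variables are placeholders; pairing each flag-style boolean (`secret`, `cert_type`, `renew_before`) with its value parameter, and nesting `san_type`/`san_value` under `subject_alternate_name`, are assumptions drawn from the parameter table.

```yaml
# Added example: all hosts, names and DNs below are constructed placeholders.
- name: Enroll an ECDSA certificate over CMP
  hosts: localhost
  connection: local
  gather_facts: false
  tasks:
    - name: Create the CMP enrollment object and start enrollment
      a10_pki_cmp_cert:
        state: present
        ansible_host: "acos.example.internal"
        ansible_username: "admin"
        ansible_password: "{{ vault_axapi_password }}"  # assumed Ansible Vault variable
        ansible_port: 443
        name: "vip-example-cert"
        url: "https://ca.example.internal:8443/cmp/example-alias"
        subject_dn: "CN=vip.example.internal,O=Example"  # DN OIDs are case sensitive
        recipient_dn: "CN=Example Issuing CA,O=Example"
        subject_alternate_name:  # nesting is an assumption (parameter type is dict)
          san_type: dns
          san_value: "vip.example.internal"
        # Pre-shared secret comes from the vault, never from the playbook text.
        secret: true
        secret_string: "{{ vault_cmp_psk }}"  # assumed Ansible Vault variable
        # Explicit key type and size rather than relying on defaults.
        cert_type: true
        ecdsa_type: true
        ec_key_length: "384"
        # Pin the CA used to verify CMP responses; keep error protection enforced.
        cmp_trusted_ca: "example-issuing-ca"
        allow_unprotected_errors: false
        renew_before: true
        renew_before_type: day
        renew_before_value: 30
        max_polltime: 120
        enroll: true
      # The task result lists each AXAPI request_body, so keep it out of logs.
      no_log: true
```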


Return Values

modified_values (changed, dict, )

Values modified (or potential changes if using check_mode) as a result of task operation

axapi_calls (always, list, )

Sequential list of AXAPI calls made by the task

endpoint (, str, [‘/axapi/v3/slb/virtual_server’, ‘/axapi/v3/file/ssl-cert’])

The AXAPI endpoint being accessed.

http_method (, str, [‘POST’, ‘GET’])

HTTP method being used by the primary task to interact with the AXAPI endpoint.

request_body (, complex, )

Params used to query the AXAPI

response_body (, complex, )

Response from the AXAPI

Status

  • This module is not guaranteed to have a backwards compatible interface. [preview]

  • This module is maintained by community.

Authors

  • A10 Networks