panos_cert_gen_ssh – generates a self-signed certificate using SSH protocol with SSH key¶
DEPRECATED¶
Removed in Ansible: | |
---|---|
version: 2.12 | |
Why: | Consolidating code base. |
Alternative: | Use https://galaxy.ansible.com/PaloAltoNetworks/paloaltonetworks instead. |
Synopsis¶
- This module generates a self-signed certificate that can be used by GlobalProtect client, SSL connector, or
- otherwise. Root certificate must be preset on the system first. This module depends on paramiko for ssh.
Parameters¶
Parameter | Choices/Defaults | Comments |
---|---|---|
cert_cn
-
/ required
|
Certificate CN (common name) embedded in the certificate signature.
|
|
cert_friendly_name
-
/ required
|
Human friendly certificate name (not CN but just a friendly name).
|
|
ip_address
-
/ required
|
IP address (or hostname) of PAN-OS device being configured.
|
|
key_filename
-
/ required
|
Location of the filename that is used for the auth. Either key_filename or password is required.
|
|
password
-
/ required
|
Password credentials to use for auth. Either key_filename or password is required.
|
|
rsa_nbits
-
|
Default: "2048"
|
Number of bits used by the RSA algorithm for the certificate generation.
|
signed_by
-
/ required
|
Undersigning authority (CA) that MUST already be presents on the device.
|
Examples¶
# Generates a new self-signed certificate using ssh
- name: generate self signed certificate
panos_cert_gen_ssh:
ip_address: "192.168.1.1"
password: "paloalto"
cert_cn: "1.1.1.1"
cert_friendly_name: "test123"
signed_by: "root-ca"
Status¶
- This module will be removed in version 2.12. [deprecated]
- For more information see DEPRECATED.
Authors¶
- Luigi Mori (@jtschichold), Ivan Bojer (@ivanbojer)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.