java_keystore - Create or delete a Java keystore in JKS format.¶

New in version 2.7.

Synopsis
- Requirements
Parameters
Examples
Return Values
Status
Maintenance
- Author

Synopsis ¶

Create or delete a Java keystore in JKS format for a given certificate.

Requirements ¶

The below requirements are needed on the host that executes this module.

openssl
keytool

Parameters ¶

Parameter	Choices/Defaults	Comments
certificate		Certificate that should be used to create the key store.
dest required		Absolute path where the jks should be generated.
force bool	Choices: no ← yes	Key store will be created even if it already exists.
group		Name of the group that should own jks file.
mode		Mode the file should be.
name required		Name of the certificate.
owner		Name of the user that should own jks file.
password		Password that should be used to secure the key store.
private_key		Private key that should be used to create the key store.

Examples ¶

# Create a key store for the given certificate (inline)
- java_keystore:
    name: example
    certificate: |
      -----BEGIN CERTIFICATE-----
      h19dUZ2co2fI/ibYiwxWk4aeNE6KWvCaTQOMQ8t6Uo2XKhpL/xnjoAgh1uCQN/69
      MG+34+RhUWzCfdZH7T8/qDxJw2kEPKluaYh7KnMsba+5jHjmtzix5QIDAQABo4IB
      -----END CERTIFICATE-----
    private_key: |
      -----BEGIN RSA PRIVATE KEY-----
      DBVFTEVDVFJJQ0lURSBERSBGUkFOQ0UxFzAVBgNVBAsMDjAwMDIgNTUyMDgxMzE3
      GLlDNMw/uHyME7gHFsqJA7O11VY6O5WQ4IDP3m/s5ZV6s+Nn6Lerz17VZ99
      -----END RSA PRIVATE KEY-----
    password: changeit
    dest: /etc/security/keystore.jks

# Create a key store for the given certificate (lookup)
- java_keystore:
    name: example
    certificate: "{{lookup('file', '/path/to/certificate.crt') }}"
    private_key: "{{lookup('file', '/path/to/private.key') }}"
    password: changeit
    dest: /etc/security/keystore.jks

Return Values ¶

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
cmd string	changed and failure	Executed command to get action done Sample: openssl x509 -noout -in /tmp/cert.crt -fingerprint -sha1
msg string	changed and failure	Output from stdout of keytool/openssl command after execution of given command or an error. Sample: Unable to find the current certificate fingerprint in ...
rc int	changed and failure	keytool/openssl command execution return value Sample: 0

Status ¶

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance ¶

This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by the Ansible Community, see here.

Author ¶

Guillaume Grossetie

Hint

If you notice any issues in this documentation you can edit this document to improve it.