java_keystore – Create or delete a Java keystore in JKS format

New in version 2.7.


Synopsis

  • Create or delete a Java keystore in JKS format for a given certificate.

Requirements

The below requirements are needed on the host that executes this module.

  • openssl
  • keytool

Parameters

Parameter                     Choices/Defaults   Comments
certificate (- / required)                       Certificate that should be used to create the key store.
dest (- / required)                              Absolute path where the jks should be generated.
force (boolean)               no, yes            Key store will be created even if it already exists.
group (-)                                        Name of the group that should own jks file.
mode (-)                                         Mode the file should be.
name (- / required)                              Name of the certificate.
owner (-)                                        Name of the user that should own jks file.
password (- / required)                          Password that should be used to secure the key store.
private_key (- / required)                       Private key that should be used to create the key store.



Examples

# Create a key store for the given certificate (inline)
- java_keystore:
    name: example
    certificate: |
      -----BEGIN CERTIFICATE-----
      h19dUZ2co2fI/ibYiwxWk4aeNE6KWvCaTQOMQ8t6Uo2XKhpL/xnjoAgh1uCQN/69
      MG+34+RhUWzCfdZH7T8/qDxJw2kEPKluaYh7KnMsba+5jHjmtzix5QIDAQABo4IB
      -----END CERTIFICATE-----
    private_key: |
      -----BEGIN RSA PRIVATE KEY-----
      DBVFTEVDVFJJQ0lURSBERSBGUkFOQ0UxFzAVBgNVBAsMDjAwMDIgNTUyMDgxMzE3
      GLlDNMw/uHyME7gHFsqJA7O11VY6O5WQ4IDP3m/s5ZV6s+Nn6Lerz17VZ99
      -----END RSA PRIVATE KEY-----
    password: changeit
    dest: /etc/security/keystore.jks

# Create a key store for the given certificate (lookup)
- java_keystore:
    name: example
    certificate: "{{lookup('file', '/path/to/certificate.crt') }}"
    private_key: "{{lookup('file', '/path/to/private.key') }}"
    password: changeit
    dest: /etc/security/keystore.jks
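
The playbook below is an added example, not part of the original module documentation. It shows the owner, group and mode parameters used to restrict access to a keystore that holds a private key, with the password taken from a vaulted variable. The host group appservers, the file vault.yml, the variable keystore_password and the tomcat account are assumptions.

```yaml
# Added example. Hypothetical names: appservers, vault.yml,
# keystore_password, tomcat. Paths are the ones used in the examples above.
- hosts: appservers
  become: true
  vars_files:
    - vault.yml            # encrypted with ansible-vault, defines keystore_password
  tasks:
    - name: Create the keystore, readable only by the service account
      java_keystore:
        name: example
        certificate: "{{ lookup('file', '/path/to/certificate.crt') }}"
        private_key: "{{ lookup('file', '/path/to/private.key') }}"
        password: "{{ keystore_password }}"
        dest: /etc/security/keystore.jks
        owner: tomcat
        group: tomcat
        mode: "0600"
      # Keeps the task arguments and the cmd/msg return values out of log output
      no_log: true

    - name: Read back the file attributes
      stat:
        path: /etc/security/keystore.jks
      register: ks

    - name: Fail if the keystore is missing or accessible beyond its owner
      assert:
        that:
          - ks.stat.exists
          - ks.stat.mode == "0600"
          - ks.stat.pw_name == "tomcat"
          - ks.stat.gr_name == "tomcat"

    - name: Confirm the alias exists, passing the password via environment
      # -storepass:env reads the password from the named variable,
      # so it does not appear in the process argument list
      command: >-
        keytool -list -keystore /etc/security/keystore.jks
        -alias example -storepass:env KS_PASS
      environment:
        KS_PASS: "{{ keystore_password }}"
      changed_when: false
      no_log: true
```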

Return Values

Common return values are documented here; the following are the fields unique to this module:

Key            Returned              Description
cmd (string)   changed and failure   Executed command to get action done.
                                     Sample: openssl x509 -noout -in /tmp/cert.crt -fingerprint -sha1
msg (string)   changed and failure   Output from stdout of keytool/openssl command after execution of given command or an error.
                                     Sample: Unable to find the current certificate fingerprint in ...
rc (integer)   changed and failure   keytool/openssl command execution return value.
                                     Sample: 0




Status

Authors

  • Guillaume Grossetie (@Mogztter)


© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/java_keystore_module.html