maxhoesel.smallstep.step_ca_bootstrap module – Initialize step-cli to trust a step-ca server
Note
This module is part of the maxhoesel.smallstep collection (version 0.24.5).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install maxhoesel.smallstep.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: maxhoesel.smallstep.step_ca_bootstrap.
New in maxhoesel.smallstep 0.3.0
Synopsis
Downloads the root certificate from the given cert authority and sets up the local environment to use it. This allows running other
step-cli cacommands without having to specify ca_url or ca_config every time.
Requirements
The below requirements are needed on the host that executes this module.
step-climust be installed on the remote host. You can set the executable name/path with step_cli_executable.
Parameters
Parameter |
Comments |
|---|---|
URI of the targeted Step Certificate Authority |
|
The fingerprint of the targeted root certificate |
|
Force the overwrite of files without asking. Choices:
|
|
Install the root certificate into the system truststore. Make sure that the user has the required privileges. Choices:
|
|
Terminal OAuth redirect url. |
|
Name (or absolute path) of the Default: |
Notes
Note
Check mode is supported.
Examples
- name: Bootstrap using the CA url and a fingerprint
maxhoesel.smallstep.step_ca_bootstrap:
ca_url: https://ca.example.org
fingerprint: d9d0978692f1c7cc791f5c343ce98771900721405e834cd27b9502cc719f5097
- name: Bootstrap and install the root certificate
maxhoesel.smallstep.step_ca_bootstrap:
ca_url: https://ca.example.org
fingerprint: d9d0978692f1c7cc791f5c343ce98771900721405e834cd27b9502cc719f5097
install: yes