Closed caphrim007 closed 6 years ago
I think this is being caused by the shlex code that is splitting the username extension
(import_certificate.yml)
---
- name: Import PEM Certificate from local disk
  bigip_ssl_certificate:
    user: "{{ username }}"
    password: "{{ password }}"
    server: "{{ inventory_hostname }}"
    name: "wildcard-tatanka-local"
    cert_content: "{{ lookup('file', 'wildcard-tatanka-local.crt') }}"
    key_content: "{{ lookup('file', 'wildcard-tatanka-local.key') }}"
    validate_certs: "no"
    state: "present"
  delegate_to: localhost
...
Use-Case: Importing wildcard SSL certificates
The yml from above (delimiting FQDN names by dash) works perfectly, but there are some conventions to follow and I found myself to be restricted with Ansible instead of using the BIG-IP GUI.
Use-Case1 (using dots):
    name: "wildcard.tatanka.local"
    cert_content: "{{ lookup('file', 'wildcard.tatanka.local.crt') }}"
    key_content: "{{ lookup('file', 'wildcard.tatanka.local.key') }}"
Use-Case2 (using asterisks with dots):
    name: "*.tatanka.local"
    cert_content: "{{ lookup('file', '*.tatanka.local.crt') }}"
    key_content: "{{ lookup('file', '*.tatanka.local.key') }}"
Both use-cases are deployed by Ansible with no errors, but after that you can see in the GUI just the names under the SSL certificate store. If you click on the CRT you do not get the certificate details as usual, and if you click on the key you get an error. So, importing certificates with dots in names as a naming convention does not work via Ansible, but does via the BIG-IP GUI.
Certs and files are created and put on the box, but not in a way that TMUI will be able to find them.