There is currently no native support to change the active cluster webserver certificate. It is possible with the na_ontap_restit module but the certificate uuid is needed. The module na_ontap_security_certificates doesn't return the uuid on install.
Component Name
na_ontap_cluster
Additional Information
My current workaround:
- name: Get certificate uuid
netapp.ontap.na_ontap_restit:
<<: *login
api: security/certificates
method: GET
query:
fields: common_name,type,uuid,expiry_time,serial_number
type: server
common_name: "{{ cluster }}"
serial_number: "{{ '%04X' % cert_details.serial_number }}" # ontap stores certificate serial in hex
register: cert_info
- name: Change web server configuration to use new certificate
netapp.ontap.na_ontap_restit:
<<: *login
api: cluster
method: PATCH
body:
certificate:
uuid: "{{ cert_info.response.records[0].uuid }}"
Summary
There is currently no native support to change the active cluster webserver certificate. It is possible with the
na_ontap_restit
module but the certificate uuid is needed. The modulena_ontap_security_certificates
doesn't return the uuid on install.Component Name
na_ontap_cluster
Additional Information
My current workaround: