Hi All,
I basically wanted to run the below command and create those files using
ansible community.crypto module.Its not working as expected
openssl pkcs12 -in test.pfx -nocerts -nodes | sed -ne '/-BEGIN PRIVATE
KEY-/,/-END PRIVATE KEY-/p' > test.key
openssl pkcs12 -in test.pfx -clcerts -nokeys | sed -ne '/-BEGIN
CERTIFICATE-/,/-END CERTIFICATE-/p' > test.crt
openssl pkcs12 -in test.pfx -cacerts -nokeys -chain | sed -ne '/-BEGIN
CERTIFICATE-/,/-END CERTIFICATE-/p' > cacerts.crt
ansible code:
---
- hosts: localhost
collections:
- kubernetes.core
tasks:
- name: Dump/Parse PKCS#12 file
community.crypto.openssl_pkcs12:
action: parse
force: false
src: XXX.pfx
path: privatekey.pem
privatekey_passphrase: XXX
passphrase: XXXX
state: present
- name: Get information on generated certificate
community.crypto.x509_certificate_info:
path: privatekey.pem
register: result
- name: Dump information
ansible.builtin.debug:
var: result
- name: Get information on generated key
community.crypto.openssl_privatekey_info:
path: privatekey.pem
return_private_key_data: true
register: result
- name: Dump information
ansible.builtin.debug:
var: result
On Mon, Aug 28, 2023 at 4:10 PM 'Felix Fontein' via Ansible Project <
[email protected]> wrote:
> Hi,
>
> > Trying to extract the private key and certificate from pfx file
> > format using ansible module.Can someone please provide the example.
>
> PFX files are usually PKCS #12 files
> (https://en.wikipedia.org/wiki/PFX), so community.crypto.openssl_pkcs12
> (
> https://docs.ansible.com/ansible/latest/collections/community/crypto/openssl_pkcs12_module.html
> )
> should help you.
>
> Check out the action=parse example, it dumps the contents into a PEM
> file, and you can split that one with
>
> https://docs.ansible.com/ansible/latest/collections/community/crypto/split_pem_filter.html
> ).
>
> Cheers,
> Felix
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/20230828211004.7ef054bd%40rovaniemi
> .
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CA%2BicGBk2ZqbB3%3Dr%2BFmSbE1pVrODrssm3pMKAgT%2B-o%2BFVmnZNRg%40mail.gmail.com.
