Hi All, Anyone has done this before.
On Monday, August 28, 2023 at 7:06:23 PM UTC-3 Mahesh Nalavade wrote: > Hi All, > > I basically wanted to run the below command and create those files using > ansible community.crypto module.Its not working as expected > > openssl pkcs12 -in test.pfx -nocerts -nodes | sed -ne '/-BEGIN PRIVATE > KEY-/,/-END PRIVATE KEY-/p' > test.key > > openssl pkcs12 -in test.pfx -clcerts -nokeys | sed -ne '/-BEGIN > CERTIFICATE-/,/-END CERTIFICATE-/p' > test.crt > > openssl pkcs12 -in test.pfx -cacerts -nokeys -chain | sed -ne '/-BEGIN > CERTIFICATE-/,/-END CERTIFICATE-/p' > cacerts.crt > > ansible code: > --- > - hosts: localhost > collections: > - kubernetes.core > tasks: > - name: Dump/Parse PKCS#12 file > community.crypto.openssl_pkcs12: > action: parse > force: false > src: XXX.pfx > path: privatekey.pem > privatekey_passphrase: XXX > passphrase: XXXX > state: present > > - name: Get information on generated certificate > community.crypto.x509_certificate_info: > path: privatekey.pem > register: result > > - name: Dump information > ansible.builtin.debug: > var: result > > - name: Get information on generated key > community.crypto.openssl_privatekey_info: > path: privatekey.pem > return_private_key_data: true > register: result > > - name: Dump information > ansible.builtin.debug: > var: result > > > On Mon, Aug 28, 2023 at 4:10 PM 'Felix Fontein' via Ansible Project < > [email protected]> wrote: > >> Hi, >> >> > Trying to extract the private key and certificate from pfx file >> > format using ansible module.Can someone please provide the example. >> >> PFX files are usually PKCS #12 files >> (https://en.wikipedia.org/wiki/PFX), so community.crypto.openssl_pkcs12 >> ( >> https://docs.ansible.com/ansible/latest/collections/community/crypto/openssl_pkcs12_module.html >> ) >> should help you. >> >> Check out the action=parse example, it dumps the contents into a PEM >> file, and you can split that one with >> >> https://docs.ansible.com/ansible/latest/collections/community/crypto/split_pem_filter.html >> ). >> >> Cheers, >> Felix >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> > To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/20230828211004.7ef054bd%40rovaniemi >> . >> > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/e9bdfb0f-e9fb-4b28-bb59-f70b100d5997n%40googlegroups.com.
