|
|
|
@ -29,7 +29,6 @@ options:
|
|
|
|
|
- A PEM file containing one or more root certificates; if present, the cert will be validated against these root certs.
|
|
|
|
|
- Note that this only validates the certificate is signed by the chain; not that the cert is valid for the host presenting it.
|
|
|
|
|
type: path
|
|
|
|
|
aliases: [ ca_certs ]
|
|
|
|
|
port:
|
|
|
|
|
description:
|
|
|
|
|
- The port to connect to
|
|
|
|
@ -131,14 +130,14 @@ else:
|
|
|
|
|
def main():
|
|
|
|
|
module = AnsibleModule(
|
|
|
|
|
argument_spec=dict(
|
|
|
|
|
ca_cert=dict(type='path', aliases=['ca_certs']),
|
|
|
|
|
ca_cert=dict(type='path'),
|
|
|
|
|
host=dict(type='str', required=True),
|
|
|
|
|
port=dict(type='int', required=True),
|
|
|
|
|
timeout=dict(type='int', default=10),
|
|
|
|
|
),
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
ca_certs = module.params.get('ca_cert')
|
|
|
|
|
ca_cert = module.params.get('ca_cert')
|
|
|
|
|
host = module.params.get('host')
|
|
|
|
|
port = module.params.get('port')
|
|
|
|
|
timeout = module.params.get('timeout')
|
|
|
|
@ -153,12 +152,12 @@ def main():
|
|
|
|
|
if timeout:
|
|
|
|
|
setdefaulttimeout(timeout)
|
|
|
|
|
|
|
|
|
|
if ca_certs:
|
|
|
|
|
if not isfile(ca_certs):
|
|
|
|
|
if ca_cert:
|
|
|
|
|
if not isfile(ca_cert):
|
|
|
|
|
module.fail_json(msg="ca_cert file does not exist")
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
cert = get_server_certificate((host, port), ca_certs=ca_certs)
|
|
|
|
|
cert = get_server_certificate((host, port), ca_certs=ca_cert)
|
|
|
|
|
x509 = crypto.load_certificate(crypto.FILETYPE_PEM, cert)
|
|
|
|
|
except Exception as e:
|
|
|
|
|
module.fail_json(msg="Failed to get cert from port with error: {0}".format(e))
|
|
|
|
|