diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-18 05:52:22 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-18 05:52:22 +0000 |
commit | 38b7c80217c4e72b1d8988eb1e60bb6e77334114 (patch) | |
tree | 356e9fd3762877d07cde52d21e77070aeff7e789 /ansible_collections/community/crypto/docs/docsite | |
parent | Adding upstream version 7.7.0+dfsg. (diff) | |
download | ansible-38b7c80217c4e72b1d8988eb1e60bb6e77334114.tar.xz ansible-38b7c80217c4e72b1d8988eb1e60bb6e77334114.zip |
Adding upstream version 9.4.0+dfsg.upstream/9.4.0+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ansible_collections/community/crypto/docs/docsite')
-rw-r--r-- | ansible_collections/community/crypto/docs/docsite/rst/guide_ownca.rst | 2 | ||||
-rw-r--r-- | ansible_collections/community/crypto/docs/docsite/rst/guide_selfsigned.rst | 10 |
2 files changed, 6 insertions, 6 deletions
diff --git a/ansible_collections/community/crypto/docs/docsite/rst/guide_ownca.rst b/ansible_collections/community/crypto/docs/docsite/rst/guide_ownca.rst index 0e8a46da8..79c224a46 100644 --- a/ansible_collections/community/crypto/docs/docsite/rst/guide_ownca.rst +++ b/ansible_collections/community/crypto/docs/docsite/rst/guide_ownca.rst @@ -8,7 +8,7 @@ How to create a small CA ======================== -The `community.crypto collection <https://galaxy.ansible.com/community/crypto>`_ offers multiple modules that create private keys, certificate signing requests, and certificates. This guide shows how to create your own small CA and how to use it to sign certificates. +The `community.crypto collection <https://galaxy.ansible.com/ui/repo/published/community/crypto/>`_ offers multiple modules that create private keys, certificate signing requests, and certificates. This guide shows how to create your own small CA and how to use it to sign certificates. In all examples, we assume that the CA's private key is password protected, where the password is provided in the ``secret_ca_passphrase`` variable. diff --git a/ansible_collections/community/crypto/docs/docsite/rst/guide_selfsigned.rst b/ansible_collections/community/crypto/docs/docsite/rst/guide_selfsigned.rst index dc208d5c7..fda4911d6 100644 --- a/ansible_collections/community/crypto/docs/docsite/rst/guide_selfsigned.rst +++ b/ansible_collections/community/crypto/docs/docsite/rst/guide_selfsigned.rst @@ -8,9 +8,9 @@ How to create self-signed certificates ====================================== -The `community.crypto collection <https://galaxy.ansible.com/community/crypto>`_ offers multiple modules that create private keys, certificate signing requests, and certificates. This guide shows how to create self-signed certificates. +The `community.crypto collection <https://galaxy.ansible.com/ui/repo/published/community/crypto/>`_ offers multiple modules that create private keys, certificate signing requests, and certificates. This guide shows how to create self-signed certificates. -For creating any kind of certificate, you always have to start with a private key. You can use the :ref:`community.crypto.openssl_privatekey module <ansible_collections.community.crypto.openssl_privatekey_module>` to create a private key. If you only specify ``path``, the default parameters will be used. This will result in a 4096 bit RSA private key: +For creating any kind of certificate, you always have to start with a private key. You can use the :ref:`community.crypto.openssl_privatekey module <ansible_collections.community.crypto.openssl_privatekey_module>` to create a private key. If you only specify :ansopt:`community.crypto.openssl_privatekey#module:path`, the default parameters will be used. This will result in a 4096 bit RSA private key: .. code-block:: yaml+jinja @@ -18,7 +18,7 @@ For creating any kind of certificate, you always have to start with a private ke community.crypto.openssl_privatekey: path: /path/to/certificate.key -You can specify ``type`` to select another key type, ``size`` to select a different key size (only available for RSA and DSA keys), or ``passphrase`` if you want to store the key password-protected: +You can specify :ansopt:`community.crypto.openssl_privatekey#module:type` to select another key type, :ansopt:`community.crypto.openssl_privatekey#module:size` to select a different key size (only available for RSA and DSA keys), or :ansopt:`community.crypto.openssl_privatekey#module:passphrase` if you want to store the key password-protected: .. code-block:: yaml+jinja @@ -38,9 +38,9 @@ To create a very simple self-signed certificate with no specific information, yo privatekey_path: /path/to/certificate.key provider: selfsigned -(If you used ``passphrase`` for the private key, you have to provide ``privatekey_passphrase``.) +(If you used :ansopt:`community.crypto.openssl_privatekey#module:passphrase` for the private key, you have to provide :ansopt:`community.crypto.x509_certificate#module:privatekey_passphrase`.) -You can use ``selfsigned_not_after`` to define when the certificate expires (default: in roughly 10 years), and ``selfsigned_not_before`` to define from when the certificate is valid (default: now). +You can use :ansopt:`community.crypto.x509_certificate#module:selfsigned_not_after` to define when the certificate expires (default: in roughly 10 years), and :ansopt:`community.crypto.x509_certificate#module:selfsigned_not_before` to define from when the certificate is valid (default: now). To define further properties of the certificate, like the subject, Subject Alternative Names (SANs), key usages, name constraints, etc., you need to first create a Certificate Signing Request (CSR) and provide it to the :ref:`community.crypto.x509_certificate module <ansible_collections.community.crypto.x509_certificate_module>`. If you do not need the CSR file, you can use the :ref:`community.crypto.openssl_csr_pipe module <ansible_collections.community.crypto.openssl_csr_pipe_module>` as in the example below. (To store it to disk, use the :ref:`community.crypto.openssl_csr module <ansible_collections.community.crypto.openssl_csr_module>` instead.) |