internet/community.crypto
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.crypto.git synced 2026-05-06 21:33:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

deploy: b1ae295fb7

Browse Source
This commit is contained in:
felixfontein
2026-03-29 18:50:44 +00:00
parent 768c68e083
commit 630dd8f818
6 changed files with 69 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
branch/main/acme_certificate_module.html
View File

@@ -204,11 +204,12 @@ see <a class="reference internal" href="#ansible-collections-community-crypto-ac
<section id="synopsis">
<h2><a class="toc-backref" href="#id1" role="doc-backlink">Synopsis</a><a class="headerlink" href="#synopsis" title="Link to this heading"></a></h2>
<ul class="simple">
<li><p>Create and renew SSL/TLS certificates with a CA supporting the <a class="reference external" href="https://tools.ietf.org/html/rfc8555">ACME protocol</a>, such as <a class="reference external" href="https://letsencrypt.org/">Lets Encrypt</a>. The current implementation supports the <code class="ansible-value docutils literal notranslate"><span class="pre">http-01</span></code>, <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code> and <code class="ansible-value docutils literal notranslate"><span class="pre">tls-alpn-01</span></code> challenges.</p></li>
<li><p>Create and renew SSL/TLS certificates with a CA supporting the <a class="reference external" href="https://tools.ietf.org/html/rfc8555">ACME protocol</a>, such as <a class="reference external" href="https://letsencrypt.org/">Lets Encrypt</a>. The current implementation supports the <code class="ansible-value docutils literal notranslate"><span class="pre">http-01</span></code>, <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code>, <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> and <code class="ansible-value docutils literal notranslate"><span class="pre">tls-alpn-01</span></code> challenges.</p></li>
<li><p>To use this module, it has to be executed twice. Either as two different tasks in the same run or during two runs. Note that the output of the first run needs to be recorded and passed to the second run as the module argument <code class="ansible-option docutils literal notranslate"><strong><a class="reference internal" href="#ansible-collections-community-crypto-acme-certificate-module-parameter-data"><span class="std std-ref"><span class="pre">data</span></span></a></strong></code>.</p></li>
<li><p>Between these two tasks you have to fulfill the required steps for the chosen challenge by whatever means necessary. For <code class="ansible-value docutils literal notranslate"><span class="pre">http-01</span></code> that means creating the necessary challenge file on the destination webserver. For <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code> the necessary DNS record has to be created. For <code class="ansible-value docutils literal notranslate"><span class="pre">tls-alpn-01</span></code> the necessary certificate has to be created and served. It is <em>not</em> the responsibility of this module to perform these steps.</p></li>
<li><p>Between these two tasks you have to fulfill the required steps for the chosen challenge by whatever means necessary. For <code class="ansible-value docutils literal notranslate"><span class="pre">http-01</span></code> that means creating the necessary challenge file on the destination webserver. For <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code> and <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> the necessary DNS records have to be created. For <code class="ansible-value docutils literal notranslate"><span class="pre">tls-alpn-01</span></code> the necessary certificate has to be created and served. It is <em>not</em> the responsibility of this module to perform these steps.</p></li>
<li><p>For details on how to fulfill these challenges, you might have to read through <a class="reference external" href="https://tools.ietf.org/html/rfc8555#section-8">the main ACME specification</a> and the <a class="reference external" href="https://www.rfc-editor.org/rfc/rfc8737.html#section-3">TLS-ALPN-01 specification</a>. Also, consider the examples provided for this module.</p></li>
<li><p>The module includes experimental support for IP identifiers according to the <a class="reference external" href="https://www.rfc-editor.org/rfc/rfc8738.html">RFC 8738</a>.</p></li>
<li><p>The module support for IP identifiers according to <a class="reference external" href="https://www.rfc-editor.org/rfc/rfc8738.html">RFC 8738</a>.</p></li>
<li><p>The module supports the <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> challenge type according to <a class="reference external" href="https://datatracker.ietf.org/doc/html/draft-ietf-acme-dns-account-label-02">acme-dns-account-label draft 02</a>.</p></li>
</ul>
</section>
<section id="requirements">
@@ -329,10 +330,12 @@ see <a class="reference internal" href="#ansible-collections-community-crypto-ac
</div></td>
<td><div class="ansible-option-cell"><p>The challenge to be performed.</p>
<p>If set to <code class="ansible-value docutils literal notranslate"><span class="pre">no</span> <span class="pre">challenge</span></code>, no challenge will be used. This is necessary for some private CAs which use External Account Binding and other means of validating certificate assurance. For example, an account could be allowed to issue certificates for <code class="docutils literal notranslate"><span class="pre">foo.example.com</span></code> without any further validation for a certain period of time.</p>
<p>Support for <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> has been added in community.crypto 3.2.0.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-option-default-bold docutils literal notranslate"><strong><span class="pre">&quot;http-01&quot;</span></strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;dns-01&quot;</span></code></p></li>
<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;dns-account-01&quot;</span></code></p></li>
<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;tls-alpn-01&quot;</span></code></p></li>
<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;no</span> <span class="pre">challenge&quot;</span></code></p></li>
</ul>
@@ -495,7 +498,7 @@ If <code class="ansible-option docutils literal notranslate"><strong><a class="r
<p><em class="ansible-option-versionadded">added in community.crypto 2.24.0</em></p>
</div></td>
<td><div class="ansible-option-cell"><p>Chose a specific profile for certificate selection. The available profiles depend on the CA.</p>
<p>See <a class="reference external" href="https://letsencrypt.org/2025/01/09/acme-profiles/">a blog post by Lets Encrypt</a> and <a class="reference external" href="https://datatracker.ietf.org/doc/draft-aaron-acme-profiles/">draft-aaron-acme-profiles-00</a> for more information.</p>
<p>See <a class="reference external" href="https://letsencrypt.org/2025/01/09/acme-profiles/">a blog post by Lets Encrypt</a> and <a class="reference external" href="https://datatracker.ietf.org/doc/draft-aaron-acme-profiles/">draft-aaron-acme-profiles-01</a> for more information.</p>
</div></td>
</tr>
<tr class="row-even"><td><div class="ansible-option-cell">
@@ -985,7 +988,7 @@ If <code class="ansible-option docutils literal notranslate"><strong><a class="r
<a class="ansibleOptionLink" href="#return-challenge_data/identifier/challenge-type" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">dictionary</span></p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell"><p>Data for every challenge type.</p>
<p>The keys in this dictionary are the challenge types. <code class="docutils literal notranslate"><span class="pre">challenge-type</span></code> is a placeholder used in the documentation. Possible keys are <code class="ansible-value docutils literal notranslate"><span class="pre">http-01</span></code>, <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code>, and <code class="ansible-value docutils literal notranslate"><span class="pre">tls-alpn-01</span></code>.</p>
<p>The keys in this dictionary are the challenge types. <code class="docutils literal notranslate"><span class="pre">challenge-type</span></code> is a placeholder used in the documentation. Possible keys are <code class="ansible-value docutils literal notranslate"><span class="pre">http-01</span></code>, <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code>, <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code>, and <code class="ansible-value docutils literal notranslate"><span class="pre">tls-alpn-01</span></code>.</p>
<p>Note that the keys are not valid Jinja2 identifiers.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> changed</p>
</div></td>
@@ -995,7 +998,7 @@ If <code class="ansible-option docutils literal notranslate"><strong><a class="r
<a class="ansibleOptionLink" href="#return-challenge_data/identifier/challenge-type/record" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell"><p>The full DNS records name for the challenge.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> changed and challenge is <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code></p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> changed and challenge is <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code> or <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code></p>
<p class="ansible-option-line ansible-option-sample"><strong class="ansible-option-sample-bold">Sample:</strong> <code class="ansible-option-sample docutils literal notranslate"><span class="pre">&quot;_acme-challenge.example.com&quot;</span></code></p>
</div></td>
</tr>
@@ -1022,7 +1025,7 @@ If <code class="ansible-option docutils literal notranslate"><strong><a class="r
<a class="ansibleOptionLink" href="#return-challenge_data/identifier/challenge-type/resource_value" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell"><p>The value the resource has to produce for the validation.</p>
<p>For <code class="ansible-value docutils literal notranslate"><span class="pre">http-01</span></code> and <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code> challenges, the value can be used as-is.</p>
<p>For <code class="ansible-value docutils literal notranslate"><span class="pre">http-01</span></code>, <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code>, and <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> challenges, the value can be used as-is.</p>
<p>For <code class="ansible-value docutils literal notranslate"><span class="pre">tls-alpn-01</span></code> challenges, note that this return value contains a Base64 encoded version of the correct binary blob which has to be put into the acmeValidation x509 extension; see <a class="reference external" href="https://www.rfc-editor.org/rfc/rfc8737.html#section-3">https://www.rfc-editor.org/rfc/rfc8737.html#section-3</a> for details. To do this, you might need the <a class="reference external" href="https://docs.ansible.com/projects/ansible/devel/collections/ansible/builtin/b64decode_filter.html#ansible-collections-ansible-builtin-b64decode-filter" title="(in Ansible devel)"><span class="xref std std-ref">ansible.builtin.b64decode</span></a> Jinja filter to extract the binary blob from this return value.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> changed</p>
<p class="ansible-option-line ansible-option-sample"><strong class="ansible-option-sample-bold">Sample:</strong> <code class="ansible-option-sample docutils literal notranslate"><span class="pre">&quot;IlirfxKKXA...17Dt3juxGJ-PCt92wr-oA&quot;</span></code></p>
@@ -1032,7 +1035,7 @@ If <code class="ansible-option docutils literal notranslate"><strong><a class="r
<div class="ansibleOptionAnchor" id="return-challenge_data_dns"></div><p class="ansible-option-title" id="ansible-collections-community-crypto-acme-certificate-module-return-challenge-data-dns"><strong>challenge_data_dns</strong></p>
<a class="ansibleOptionLink" href="#return-challenge_data_dns" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">dictionary</span></p>
</div></td>
<td><div class="ansible-option-cell"><p>List of TXT values per DNS record, in case challenge is <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code>.</p>
<td><div class="ansible-option-cell"><p>List of TXT values per DNS record, in case challenge is <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code> or <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code>.</p>
<p>Since Ansible 2.8.5, only challenges which are not yet valid are returned.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> changed</p>
</div></td>

56
branch/main/acme_certificate_order_create_module.html
View File

@@ -206,12 +206,13 @@ see <a class="reference internal" href="#ansible-collections-community-crypto-ac
<h2><a class="toc-backref" href="#id1" role="doc-backlink">Synopsis</a><a class="headerlink" href="#synopsis" title="Link to this heading"></a></h2>
<ul class="simple">
<li><p>Creates an ACME v2 order. This is the first step of obtaining a new certificate with the <a class="reference external" href="https://tools.ietf.org/html/rfc8555">ACME protocol</a> from a Certificate Authority such as <a class="reference external" href="https://letsencrypt.org/">Lets Encrypt</a>. This module does not support ACME v1, the original version of the ACME protocol before standardization.</p></li>
<li><p>The current implementation supports the <code class="ansible-value docutils literal notranslate"><span class="pre">http-01</span></code>, <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code> and <code class="ansible-value docutils literal notranslate"><span class="pre">tls-alpn-01</span></code> challenges.</p></li>
<li><p>The current implementation supports the <code class="ansible-value docutils literal notranslate"><span class="pre">http-01</span></code>, <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code>, <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code>, and <code class="ansible-value docutils literal notranslate"><span class="pre">tls-alpn-01</span></code> challenges.</p></li>
<li><p>This module needs to be used in conjunction with the <a class="reference internal" href="acme_certificate_order_validate_module.html#ansible-collections-community-crypto-acme-certificate-order-validate-module"><span class="std std-ref">community.crypto.acme_certificate_order_validate</span></a> and. <a class="reference internal" href="acme_certificate_order_finalize_module.html#ansible-collections-community-crypto-acme-certificate-order-finalize-module"><span class="std std-ref">community.crypto.acme_certificate_order_finalize</span></a> module. An order can be effectively deactivated with the <a class="reference internal" href="acme_certificate_deactivate_authz_module.html#ansible-collections-community-crypto-acme-certificate-deactivate-authz-module"><span class="std std-ref">community.crypto.acme_certificate_deactivate_authz</span></a> module. Note that both modules require the output <code class="ansible-return-value docutils literal notranslate"><a class="reference internal" href="#ansible-collections-community-crypto-acme-certificate-order-create-module-return-order-uri"><span class="std std-ref"><span class="pre">order_uri</span></span></a></code> of this module.</p></li>
<li><p>To create or modify ACME accounts, use the <a class="reference internal" href="acme_account_module.html#ansible-collections-community-crypto-acme-account-module"><span class="std std-ref">community.crypto.acme_account</span></a> module. This module will <em>not</em> create or update ACME accounts.</p></li>
<li><p>Between the call of this module and <a class="reference internal" href="acme_certificate_order_finalize_module.html#ansible-collections-community-crypto-acme-certificate-order-finalize-module"><span class="std std-ref">community.crypto.acme_certificate_order_finalize</span></a>, you have to fulfill the required steps for the chosen challenge by whatever means necessary. For <code class="ansible-value docutils literal notranslate"><span class="pre">http-01</span></code> that means creating the necessary challenge file on the destination webserver. For <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code> the necessary dns record has to be created. For <code class="ansible-value docutils literal notranslate"><span class="pre">tls-alpn-01</span></code> the necessary certificate has to be created and served. It is <em>not</em> the responsibility of this module to perform these steps.</p></li>
<li><p>Between the call of this module and <a class="reference internal" href="acme_certificate_order_finalize_module.html#ansible-collections-community-crypto-acme-certificate-order-finalize-module"><span class="std std-ref">community.crypto.acme_certificate_order_finalize</span></a>, you have to fulfill the required steps for the chosen challenge by whatever means necessary. For <code class="ansible-value docutils literal notranslate"><span class="pre">http-01</span></code> that means creating the necessary challenge file on the destination webserver. For <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code> and <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> the necessary DNS records have to be created. For <code class="ansible-value docutils literal notranslate"><span class="pre">tls-alpn-01</span></code> the necessary certificate has to be created and served. It is <em>not</em> the responsibility of this module to perform these steps.</p></li>
<li><p>For details on how to fulfill these challenges, you might have to read through <a class="reference external" href="https://tools.ietf.org/html/rfc8555#section-8">the main ACME specification</a> and the <a class="reference external" href="https://www.rfc-editor.org/rfc/rfc8737.html#section-3">TLS-ALPN-01 specification</a>. Also, consider the examples provided for this module.</p></li>
<li><p>The module includes support for IP identifiers according to the <a class="reference external" href="https://www.rfc-editor.org/rfc/rfc8738.html">RFC 8738</a> ACME extension.</p></li>
<li><p>The module includes support for IP identifiers according to <a class="reference external" href="https://www.rfc-editor.org/rfc/rfc8738.html">RFC 8738</a> ACME extension.</p></li>
<li><p>The module supports the <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> challenge type according to <a class="reference external" href="https://datatracker.ietf.org/doc/html/draft-ietf-acme-dns-account-label-02">acme-dns-account-label draft 02</a>.</p></li>
</ul>
</section>
<section id="requirements">
@@ -369,7 +370,7 @@ If <code class="ansible-option docutils literal notranslate"><strong><a class="r
<a class="ansibleOptionLink" href="#parameter-profile" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
</div></td>
<td><div class="ansible-option-cell"><p>Chose a specific profile for certificate selection. The available profiles depend on the CA.</p>
<p>See <a class="reference external" href="https://letsencrypt.org/2025/01/09/acme-profiles/">a blog post by Lets Encrypt</a> and <a class="reference external" href="https://datatracker.ietf.org/doc/draft-aaron-acme-profiles/">draft-aaron-acme-profiles-00</a> for more information.</p>
<p>See <a class="reference external" href="https://letsencrypt.org/2025/01/09/acme-profiles/">a blog post by Lets Encrypt</a> and <a class="reference external" href="https://datatracker.ietf.org/doc/draft-aaron-acme-profiles/">draft-aaron-acme-profiles-01</a> for more information.</p>
</div></td>
</tr>
<tr class="row-even"><td><div class="ansible-option-cell">
@@ -686,6 +687,43 @@ If <code class="ansible-option docutils literal notranslate"><strong><a class="r
</div></td>
</tr>
<tr class="row-odd"><td><div class="ansible-option-indent"></div><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-challenge_data/challenges/dns-account-01"></div><p class="ansible-option-title" id="ansible-collections-community-crypto-acme-certificate-order-create-module-return-challenge-data-challenges-dns-account-01"><strong>dns-account-01</strong></p>
<a class="ansibleOptionLink" href="#return-challenge_data/challenges/dns-account-01" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">dictionary</span></p>
<p><em class="ansible-option-versionadded">added in community.crypto 3.2.0</em></p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell"><p>Information for <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> authorization.</p>
<p>A DNS TXT record needs to be created with the record name <code class="ansible-return-value docutils literal notranslate"><a class="reference internal" href="#ansible-collections-community-crypto-acme-certificate-order-create-module-return-challenge-data-challenges-dns-01-record"><span class="std std-ref"><span class="pre">challenge_data[].challenges.dns-01.record</span></span></a></code> and value <code class="ansible-return-value docutils literal notranslate"><a class="reference internal" href="#ansible-collections-community-crypto-acme-certificate-order-create-module-return-challenge-data-challenges-dns-01-resource-value"><span class="std std-ref"><span class="pre">challenge_data[].challenges.dns-01.resource_value</span></span></a></code>.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> if the identifier supports <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> authorization</p>
</div></td>
</tr>
<tr class="row-even"><td><div class="ansible-option-indent"></div><div class="ansible-option-indent"></div><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-challenge_data/challenges/dns-account-01/record"></div><p class="ansible-option-title" id="ansible-collections-community-crypto-acme-certificate-order-create-module-return-challenge-data-challenges-dns-account-01-record"><strong>record</strong></p>
<a class="ansibleOptionLink" href="#return-challenge_data/challenges/dns-account-01/record" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell"><p>The full DNS records name for the challenge.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> success</p>
<p class="ansible-option-line ansible-option-sample"><strong class="ansible-option-sample-bold">Sample:</strong> <code class="ansible-option-sample docutils literal notranslate"><span class="pre">&quot;_ujmmovf2vn55tgye._acme-challenge.example.com&quot;</span></code></p>
</div></td>
</tr>
<tr class="row-odd"><td><div class="ansible-option-indent"></div><div class="ansible-option-indent"></div><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-challenge_data/challenges/dns-account-01/resource"></div><p class="ansible-option-title" id="ansible-collections-community-crypto-acme-certificate-order-create-module-return-challenge-data-challenges-dns-account-01-resource"><strong>resource</strong></p>
<a class="ansibleOptionLink" href="#return-challenge_data/challenges/dns-account-01/resource" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell"><p>Always ends with the string <code class="ansible-value docutils literal notranslate"><span class="pre">._acme-challenge</span></code>.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> success</p>
<p class="ansible-option-line ansible-option-sample"><strong class="ansible-option-sample-bold">Sample:</strong> <code class="ansible-option-sample docutils literal notranslate"><span class="pre">&quot;_ujmmovf2vn55tgye._acme-challenge&quot;</span></code></p>
</div></td>
</tr>
<tr class="row-even"><td><div class="ansible-option-indent"></div><div class="ansible-option-indent"></div><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-challenge_data/challenges/dns-account-01/resource_value"></div><p class="ansible-option-title" id="ansible-collections-community-crypto-acme-certificate-order-create-module-return-challenge-data-challenges-dns-account-01-resource-value"><strong>resource_value</strong></p>
<a class="ansibleOptionLink" href="#return-challenge_data/challenges/dns-account-01/resource_value" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell"><p>The value the resource has to produce for the validation.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> success</p>
<p class="ansible-option-line ansible-option-sample"><strong class="ansible-option-sample-bold">Sample:</strong> <code class="ansible-option-sample docutils literal notranslate"><span class="pre">&quot;IlirfxKKXA...17Dt3juxGJ-PCt92wr-oA&quot;</span></code></p>
</div></td>
</tr>
<tr class="row-odd"><td><div class="ansible-option-indent"></div><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-challenge_data/challenges/http-01"></div><p class="ansible-option-title" id="ansible-collections-community-crypto-acme-certificate-order-create-module-return-challenge-data-challenges-http-01"><strong>http-01</strong></p>
<a class="ansibleOptionLink" href="#return-challenge_data/challenges/http-01" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">dictionary</span></p>
</div></td>
@@ -784,6 +822,16 @@ If <code class="ansible-option docutils literal notranslate"><strong><a class="r
</div></td>
</tr>
<tr class="row-odd"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-challenge_data_dns_account"></div><p class="ansible-option-title" id="ansible-collections-community-crypto-acme-certificate-order-create-module-return-challenge-data-dns-account"><strong>challenge_data_dns_account</strong></p>
<a class="ansibleOptionLink" href="#return-challenge_data_dns_account" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">dictionary</span></p>
<p><em class="ansible-option-versionadded">added in community.crypto 3.2.0</em></p>
</div></td>
<td><div class="ansible-option-cell"><p>List of TXT values per DNS record for <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> challenges.</p>
<p>Only challenges which are not yet valid are returned.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> success</p>
</div></td>
</tr>
<tr class="row-even"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-order_uri"></div><p class="ansible-option-title" id="ansible-collections-community-crypto-acme-certificate-order-create-module-return-order-uri"><strong>order_uri</strong></p>
<a class="ansibleOptionLink" href="#return-order_uri" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
</div></td>

3
branch/main/acme_certificate_order_info_module.html
View File

@@ -207,6 +207,7 @@ see <a class="reference internal" href="#ansible-collections-community-crypto-ac
<ul class="simple">
<li><p>Obtain information for an ACME v2 order. This can be used during the process of obtaining a new certificate with the <a class="reference external" href="https://tools.ietf.org/html/rfc8555">ACME protocol</a> from a Certificate Authority such as <a class="reference external" href="https://letsencrypt.org/">Lets Encrypt</a>. This module does not support ACME v1, the original version of the ACME protocol before standardization.</p></li>
<li><p>This module needs to be used in conjunction with the <a class="reference internal" href="acme_certificate_order_create_module.html#ansible-collections-community-crypto-acme-certificate-order-create-module"><span class="std std-ref">community.crypto.acme_certificate_order_create</span></a>, <a class="reference internal" href="acme_certificate_order_validate_module.html#ansible-collections-community-crypto-acme-certificate-order-validate-module"><span class="std std-ref">community.crypto.acme_certificate_order_validate</span></a>, and <a class="reference internal" href="acme_certificate_order_finalize_module.html#ansible-collections-community-crypto-acme-certificate-order-finalize-module"><span class="std std-ref">community.crypto.acme_certificate_order_finalize</span></a> modules.</p></li>
<li><p>The module supports the <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> challenge type according to <a class="reference external" href="https://datatracker.ietf.org/doc/html/draft-ietf-acme-dns-account-label-02">acme-dns-account-label draft 02</a>.</p></li>
</ul>
</section>
<section id="requirements">
@@ -523,11 +524,13 @@ see <a class="reference internal" href="#ansible-collections-community-crypto-ac
<a class="ansibleOptionLink" href="#return-authorizations_by_identifier/identifier/challenges/type" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell"><p>The type of challenge encoded in the object.</p>
<p>Support for <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> has been added in community.crypto 3.2.0.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> always</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Can only return:</strong></p>
<ul class="simple">
<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;http-01&quot;</span></code></p></li>
<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;dns-01&quot;</span></code></p></li>
<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;dns-account-01&quot;</span></code></p></li>
<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;tls-alpn-01&quot;</span></code></p></li>
</ul>
</div></td>

2
branch/main/acme_certificate_order_validate_module.html
View File

@@ -301,10 +301,12 @@ see <a class="reference internal" href="#ansible-collections-community-crypto-ac
<td><div class="ansible-option-cell"><p>The challenge to be performed for every pending authorization.</p>
<p>Must be provided if there is at least one pending authorization.</p>
<p>In case of authorization reuse, or in case of CAs which use External Account Binding and other means of validating certificate assurance, it might not be necessary to provide this option.</p>
<p>Support for <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> has been added in community.crypto 3.2.0.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;http-01&quot;</span></code></p></li>
<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;dns-01&quot;</span></code></p></li>
<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;dns-account-01&quot;</span></code></p></li>
<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;tls-alpn-01&quot;</span></code></p></li>
</ul>
</div></td>

BIN
branch/main/objects.inv
View File

Binary file not shown.

2
branch/main/searchindex.js
View File

File diff suppressed because one or more lines are too long