internet/community.crypto
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.crypto.git synced 2026-05-08 14:22:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

deploy: cb0137baca

Browse Source
This commit is contained in:
felixfontein
2026-04-17 05:33:54 +00:00
parent 9dd61ad5a8
commit 70a3b175b9
3 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
branch/main/acme_certificate_module.html
View File

@@ -211,8 +211,8 @@ see <a class="reference internal" href="#ansible-collections-community-crypto-ac
<li><p>Between these two tasks you have to fulfill the required steps for the chosen challenge by whatever means necessary. For <code class="ansible-value docutils literal notranslate"><span class="pre">http-01</span></code> that means creating the necessary challenge file on the destination webserver. For <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code>, <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code>, and <code class="ansible-value docutils literal notranslate"><span class="pre">dns-persist-01</span></code> the necessary DNS records have to be created. For <code class="ansible-value docutils literal notranslate"><span class="pre">tls-alpn-01</span></code> the necessary certificate has to be created and served. It is <em>not</em> the responsibility of this module to perform these steps.</p></li>
<li><p>For details on how to fulfill these challenges, you might have to read through <a class="reference external" href="https://tools.ietf.org/html/rfc8555#section-8">the main ACME specification</a> and the <a class="reference external" href="https://www.rfc-editor.org/rfc/rfc8737.html#section-3">TLS-ALPN-01 specification</a>. Also, consider the examples provided for this module.</p></li>
<li><p>The module support for IP identifiers according to <a class="reference external" href="https://www.rfc-editor.org/rfc/rfc8738.html">RFC 8738</a>.</p></li>
<li><p>The module supports the <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> challenge type according to <a class="reference external" href="https://datatracker.ietf.org/doc/html/draft-ietf-acme-dns-account-label-02">acme-dns-account-label draft 02</a>. Note that the supported draft version can change at any time, and changes will only be considered breaking once the draft reached RFC status.</p></li>
<li><p>The module supports the <code class="ansible-value docutils literal notranslate"><span class="pre">dns-persist-01</span></code> challenge type according to <a class="reference external" href="https://www.ietf.org/archive/id/draft-ietf-acme-dns-persist-01.html">acme-dns-persist draft 01</a>. Note that the supported draft version can change at any time, and changes will only be considered breaking once the draft reached RFC status.</p></li>
<li><p>The module <strong>experimentally</strong> supports the <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> challenge type according to <a class="reference external" href="https://datatracker.ietf.org/doc/html/draft-ietf-acme-dns-account-label-02">acme-dns-account-label draft 02</a>. Note that the supported draft version can change at any time, and changes will only be considered breaking once the draft reached RFC status.</p></li>
<li><p>The module <strong>experimentally</strong> supports the <code class="ansible-value docutils literal notranslate"><span class="pre">dns-persist-01</span></code> challenge type according to <a class="reference external" href="https://www.ietf.org/archive/id/draft-ietf-acme-dns-persist-01.html">acme-dns-persist draft 01</a>. Note that the supported draft version can change at any time, and changes will only be considered breaking once the draft reached RFC status.</p></li>
</ul>
</section>
<section id="requirements">
@@ -994,6 +994,7 @@ If <code class="ansible-option docutils literal notranslate"><strong><a class="r
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell"><p>Data for every challenge type.</p>
<p>The keys in this dictionary are the challenge types. <code class="docutils literal notranslate"><span class="pre">challenge-type</span></code> is a placeholder used in the documentation. Possible keys are <code class="ansible-value docutils literal notranslate"><span class="pre">http-01</span></code>, <code class="ansible-value docutils literal notranslate"><span class="pre">dns-01</span></code>, <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code>, <code class="ansible-value docutils literal notranslate"><span class="pre">dns-persist-01</span></code>, and <code class="ansible-value docutils literal notranslate"><span class="pre">tls-alpn-01</span></code>.</p>
<p>Note that the keys are not valid Jinja2 identifiers.</p>
<p><strong>Note</strong> that this return value for <code class="ansible-value docutils literal notranslate"><span class="pre">dns-account-01</span></code> and <code class="ansible-value docutils literal notranslate"><span class="pre">dns-persist-01</span></code> challenges is <strong>experimental</strong> and can change in a breaking way also in minor releases, until the acme-dns-account-label respectively the acme-dns-persist draft is in a more stable state.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> changed</p>
</div></td>
</tr>
@@ -1002,6 +1003,7 @@ If <code class="ansible-option docutils literal notranslate"><strong><a class="r
<a class="ansibleOptionLink" href="#return-challenge_data/identifier/challenge-type/account_uri" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell"><p>The account URI that must be mentioned in the DNS TXT record.</p>
<p><strong>Note</strong> that the type of this return value might change in a breaking way also in minor releases, until the acme-dns-persist draft is in a more stable state. This challenge field is currently under discussion in the ACME WG.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> changed and challenge is <code class="ansible-value docutils literal notranslate"><span class="pre">dns-persist-01</span></code></p>
<p class="ansible-option-line ansible-option-sample"><strong class="ansible-option-sample-bold">Sample:</strong> <code class="ansible-option-sample docutils literal notranslate"><span class="pre">&quot;https://ca.example/acct/123&quot;</span></code></p>
</div></td>