From 9160cf2f39c0d0b4ec15c5265f15b57b90de0333 Mon Sep 17 00:00:00 2001 From: felixfontein Date: Mon, 29 Apr 2024 20:24:01 +0000 Subject: [PATCH] deploy: afe7f7522c34a0b08199dac39501aa041ce5fc57 --- branch/main/acme_account_info_module.html | 2 +- branch/main/acme_account_module.html | 2 +- branch/main/acme_certificate_module.html | 2 +- branch/main/acme_certificate_revoke_module.html | 2 +- branch/main/acme_inspect_module.html | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/branch/main/acme_account_info_module.html b/branch/main/acme_account_info_module.html index b654bfec..8ce1df8b 100644 --- a/branch/main/acme_account_info_module.html +++ b/branch/main/acme_account_info_module.html @@ -393,9 +393,9 @@ see

  • The community.crypto.acme_account module allows to modify, create and delete ACME accounts.

  • This module was called acme_account_facts before Ansible 2.8. The usage did not change.

    • -

  • If a new enough version of the cryptography library is available (see Requirements for details), it will be used instead of the openssl binary. This can be explicitly disabled or enabled with the select_crypto_backend option. Note that using the openssl binary will be slower and less secure, as private key contents always have to be stored on disk (see account_key_content).

  • Although the defaults are chosen so that the module can be used with the Let’s Encrypt CA, the module can in principle be used with any CA providing an ACME endpoint, such as Buypass Go SSL.

  • So far, the ACME modules have only been tested by the developers against Let’s Encrypt (staging and production), Buypass (staging and production), ZeroSSL (production), and Pebble testing server. We have got community feedback that they also work with Sectigo ACME Service for InCommon. If you experience problems with another ACME server, please create an issue to help us supporting it. Feedback that an ACME server not mentioned does work is also appreciated.

    • +

  • If a new enough version of the cryptography library is available (see Requirements for details), it will be used instead of the openssl binary. This can be explicitly disabled or enabled with the select_crypto_backend option. Note that using the openssl binary will be slower and less secure, as private key contents always have to be stored on disk (see account_key_content).

    • diff --git a/branch/main/acme_account_module.html b/branch/main/acme_account_module.html index ae5636b2..a212c31d 100644 --- a/branch/main/acme_account_module.html +++ b/branch/main/acme_account_module.html @@ -493,9 +493,9 @@ see Note

     diff --git a/branch/main/acme_certificate_module.html b/branch/main/acme_certificate_module.html index 0ba93798..8c729621 100644 --- a/branch/main/acme_certificate_module.html +++ b/branch/main/acme_certificate_module.html @@ -621,9 +621,9 @@ see dest and fullchain_dest must be specified.

  • This module includes basic account management functionality. If you want to have more control over your ACME account, use the community.crypto.acme_account module and disable account management for this module using the modify_account option.

  • This module was called letsencrypt before Ansible 2.6. The usage did not change.

    • -

  • If a new enough version of the cryptography library is available (see Requirements for details), it will be used instead of the openssl binary. This can be explicitly disabled or enabled with the select_crypto_backend option. Note that using the openssl binary will be slower and less secure, as private key contents always have to be stored on disk (see account_key_content).

  • Although the defaults are chosen so that the module can be used with the Let’s Encrypt CA, the module can in principle be used with any CA providing an ACME endpoint, such as Buypass Go SSL.

  • So far, the ACME modules have only been tested by the developers against Let’s Encrypt (staging and production), Buypass (staging and production), ZeroSSL (production), and Pebble testing server. We have got community feedback that they also work with Sectigo ACME Service for InCommon. If you experience problems with another ACME server, please create an issue to help us supporting it. Feedback that an ACME server not mentioned does work is also appreciated.

    • +

  • If a new enough version of the cryptography library is available (see Requirements for details), it will be used instead of the openssl binary. This can be explicitly disabled or enabled with the select_crypto_backend option. Note that using the openssl binary will be slower and less secure, as private key contents always have to be stored on disk (see account_key_content).

    • diff --git a/branch/main/acme_certificate_revoke_module.html b/branch/main/acme_certificate_revoke_module.html index 69d2e75e..55a9149d 100644 --- a/branch/main/acme_certificate_revoke_module.html +++ b/branch/main/acme_certificate_revoke_module.html @@ -413,9 +413,9 @@ see

  • Exactly one of account_key_src, account_key_content, private_key_src, or private_key_content must be specified.

  • Trying to revoke an already revoked certificate should result in an unchanged status, even if the revocation reason was different than the one specified here. Also, depending on the server, it can happen that some other error is returned if the certificate has already been revoked.

    • -

  • If a new enough version of the cryptography library is available (see Requirements for details), it will be used instead of the openssl binary. This can be explicitly disabled or enabled with the select_crypto_backend option. Note that using the openssl binary will be slower and less secure, as private key contents always have to be stored on disk (see account_key_content).

  • Although the defaults are chosen so that the module can be used with the Let’s Encrypt CA, the module can in principle be used with any CA providing an ACME endpoint, such as Buypass Go SSL.

  • So far, the ACME modules have only been tested by the developers against Let’s Encrypt (staging and production), Buypass (staging and production), ZeroSSL (production), and Pebble testing server. We have got community feedback that they also work with Sectigo ACME Service for InCommon. If you experience problems with another ACME server, please create an issue to help us supporting it. Feedback that an ACME server not mentioned does work is also appreciated.

    • +

  • If a new enough version of the cryptography library is available (see Requirements for details), it will be used instead of the openssl binary. This can be explicitly disabled or enabled with the select_crypto_backend option. Note that using the openssl binary will be slower and less secure, as private key contents always have to be stored on disk (see account_key_content).

    • diff --git a/branch/main/acme_inspect_module.html b/branch/main/acme_inspect_module.html index 152c7e32..2ba3fb0e 100644 --- a/branch/main/acme_inspect_module.html +++ b/branch/main/acme_inspect_module.html @@ -420,9 +420,9 @@ see

  • The account_uri option must be specified for properly authenticated ACME v2 requests (except a new-account request).

  • Using the ansible tool, community.crypto.acme_inspect can be used to directly execute ACME requests without the need of writing a playbook. For example, the following command retrieves the ACME account with ID 1 from Let’s Encrypt (assuming /path/to/key is the correct private account key): ansible localhost -m acme_inspect -a "account_key_src=/path/to/key acme_directory=https://acme-v02.api.letsencrypt.org/directory acme_version=2 account_uri=https://acme-v02.api.letsencrypt.org/acme/acct/1 method=get url=https://acme-v02.api.letsencrypt.org/acme/acct/1"

    • -

  • If a new enough version of the cryptography library is available (see Requirements for details), it will be used instead of the openssl binary. This can be explicitly disabled or enabled with the select_crypto_backend option. Note that using the openssl binary will be slower and less secure, as private key contents always have to be stored on disk (see account_key_content).

  • Although the defaults are chosen so that the module can be used with the Let’s Encrypt CA, the module can in principle be used with any CA providing an ACME endpoint, such as Buypass Go SSL.

  • So far, the ACME modules have only been tested by the developers against Let’s Encrypt (staging and production), Buypass (staging and production), ZeroSSL (production), and Pebble testing server. We have got community feedback that they also work with Sectigo ACME Service for InCommon. If you experience problems with another ACME server, please create an issue to help us supporting it. Feedback that an ACME server not mentioned does work is also appreciated.

    • +

  • If a new enough version of the cryptography library is available (see Requirements for details), it will be used instead of the openssl binary. This can be explicitly disabled or enabled with the select_crypto_backend option. Note that using the openssl binary will be slower and less secure, as private key contents always have to be stored on disk (see account_key_content).