acme_* modules: support private key passprases (#207)

* Support private key passprases. * Use c.c modules for key generation, add first passphrase tests. * Some more passphrase tests.
2026-05-08 06:13:03 +00:00 · 2021-03-21 17:53:20 +01:00
parent 5d32937321
commit e85554827f
16 changed files with 190 additions and 64 deletions
--- a/plugins/module_utils/acme/backend_openssl_cli.py
+++ b/plugins/module_utils/acme/backend_openssl_cli.py
@@ -41,11 +41,13 @@ class OpenSSLCLIBackend(CryptoBackend):
            openssl_binary = module.get_bin_path('openssl', True)
        self.openssl_binary = openssl_binary

-    def parse_key(self, key_file=None, key_content=None):
+    def parse_key(self, key_file=None, key_content=None, passphrase=None):
        '''
        Parses an RSA or Elliptic Curve key file in PEM format and returns a pair
        (error, key_data).
        '''
+        if passphrase is not None:
+            return 'openssl backend does not support key passphrases', {}
        # If key_file isn't given, but key_content, write that to a temporary file
        if key_file is None:
            fd, tmpsrc = tempfile.mkstemp()