Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support setting custom CA bundle for httpapi connection plugin #528

Closed
hellt opened this issue Mar 21, 2023 Discussed in #527 · 0 comments · Fixed by #545
Closed

Support setting custom CA bundle for httpapi connection plugin #528

hellt opened this issue Mar 21, 2023 Discussed in #527 · 0 comments · Fixed by #545
Assignees
@Qalthos

Comments

@hellt
Copy link

hellt commented Mar 21, 2023
edited
Loading

Hi all, this feature request is about adding an option for the httpapi connection plugin that allows users to provide a path to the CA certificate which is used to validate the target's certificate.

For reference, URI module has ca_path attribute that enables that functionality - https://docs.ansible.com/ansible/6/collections/ansible/builtin/uri_module.html#parameter-ca_path

Discussed in #527

Originally posted by hellt March 21, 2023
Hi all,

for an httpapi connection plugin is there a way to specify a path to the ca.pem file to validate client certificate?
I see options to use_ssl and ansible_httpapi_validate_certs, but nothing that enables me to set a path to a custom CA file to validate certs.

With curl this looks like:

curl -s --cacert ./clab-srl01/ca/root/root-ca.pem https://...
@hellt hellt changed the title Support setting custom CA bundle for httpapi connection plugin Support setting custom CA bundle for httpapi connection plugin Mar 21, 2023
@Qalthos Qalthos self-assigned this Mar 22, 2023
@Qalthos Qalthos mentioned this issue May 19, 2023
Merged
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this issue Sep 18, 2023
ansible: updated to 8.4.0
047cd54 
v8.4.0

Major Changes
-------------

fortinet.fortios

- Improve the document for adding notes and examples in Q&A for modules using Integer number as the mkey.

Minor Changes
-------------

amazon.aws

- cloudformation - Add support for ``disable_rollback`` to update stack operation (ansible-collections/amazon.aws#1681).
- ec2_key - add support for new parameter ``file_name`` to save private key in when new key is created by AWS. When this option is provided the generated private key will be removed from the module return (ansible-collections/amazon.aws#1704).

ansible.netcommon

- Add a new cliconf plugin ``default`` that can be used when no cliconf plugin is found for a given network_os. This plugin only supports ``get()``. (ansible-collections/ansible.netcommon#569)
- httpapi - Add additional option ``ca_path``, ``client_cert``, ``client_key``, and ``http_agent`` that are available in open_url but not to httpapi. (ansible-collections/ansible.netcommon#528)
- telnet - add crlf option to send CRLF instead of just LF (ansible-collections/ansible.netcommon#440).

ansible.utils

- Add ipcut filter plugin.(ansible-collections/ansible.utils#251)
- Add ipv6form filter plugin.(ansible-collections/ansible.utils#230)

arista.eos

- Add support for overridden operation in bgp_global resource module.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Qalthos Qalthos

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add new options to httpapi connection Qalthos/ansible.netcommon
2 participants
@Qalthos @hellt