thalesgroup.ciphertrust.cte_signature_set module – Create and manage CTE Signature Sets
Note
This module is part of the thalesgroup.ciphertrust collection (version 1.0.0).
To install it, use: ansible-galaxy collection install thalesgroup.ciphertrust.
To use it in a playbook, specify: thalesgroup.ciphertrust.cte_signature_set.
New in thalesgroup.ciphertrust 1.0.0
Synopsis
Create and edit a CTE signature set, or add, edit, or remove a signature to or from the signature set.
Parameters
| Parameter | Comments |
|---|---|
| client_id | ID of the client where the signing request is to be sent |
| | Description of the signature set |
| id | Identifier of the CTE SignatureSet to be patched |
| localNode | Holds the connection parameters required to communicate with an instance of CipherTrust Manager (CM): IP/FQDN of the server, username, password, and port |
| password | Admin password of CM |
| server_ip | CM Server IP or FQDN |
| server_port | Port on which CM server is listening. Default: |
| server_private_ip | Internal or private IP of the CM Server, if different from the server_ip |
| user | Admin username of CM |
| verify | Whether SSL verification is required. Choices: |
| name | Name of the signature set |
| op_type | Operation to be performed. Choices: |
| signature_id | Identifier of the Signature within the CTE SignatureSet to be patched |
| | Name of the signature set |
| source_list | Path of the directory or file to be signed. If a directory is specified, all files in the directory and its subdirectories are signed. |
Examples
```yaml
# Create a signature set covering two directories
- name: "Create CTE Signature Set"
  thalesgroup.ciphertrust.cte_signature_set:
    localNode:
      server_ip: "IP/FQDN of CipherTrust Manager"
      server_private_ip: "Private IP in case that is different from above"
      server_port: 5432
      user: "CipherTrust Manager Username"
      password: "CipherTrust Manager Password"
      verify: false
    op_type: create
    name: TestSignSet
    source_list:
      - "/usr/bin"
      - "/usr/sbin"
  register: signature_set

# Add a signature to the set created above, using its registered ID
- name: "Add signature to a Signature Set"
  thalesgroup.ciphertrust.cte_signature_set:
    localNode:
      server_ip: "IP/FQDN of CipherTrust Manager"
      server_private_ip: "Private IP in case that is different from above"
      server_port: 5432
      user: "CipherTrust Manager Username"
      password: "CipherTrust Manager Password"
      verify: false
    op_type: add_signature
    id: "{{ signature_set['response']['id'] }}"
    source_list:
      - "/usr/bin"
  register: signature

# Remove the signature registered by the previous task
- name: "Remove a signature from a Signature Set"
  thalesgroup.ciphertrust.cte_signature_set:
    localNode:
      server_ip: "IP/FQDN of CipherTrust Manager"
      server_private_ip: "Private IP in case that is different from above"
      server_port: 5432
      user: "CipherTrust Manager Username"
      password: "CipherTrust Manager Password"
      verify: false
    op_type: delete_signature
    id: "{{ signature_set['response']['id'] }}"
    signature_id: "{{ signature['response']['id'] }}"

# Ask a client to sign the files in the signature set
- name: "Sends a signature signing request to the client"
  thalesgroup.ciphertrust.cte_signature_set:
    localNode:
      server_ip: "IP/FQDN of CipherTrust Manager"
      server_private_ip: "Private IP in case that is different from above"
      server_port: 5432
      user: "CipherTrust Manager Username"
      password: "CipherTrust Manager Password"
      verify: false
    op_type: sign_app
    id: "{{ signature_set['response']['id'] }}"
    client_id: Client1
```
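
A variant of the create and sign tasks above with SSL verification enabled, added here as an example and not taken from the collection's own documentation. The variables `cm_host`, `cm_port`, `cm_user` and `cm_password` are hypothetical names assumed to come from a vault-encrypted vars file, and running against `localhost` is an assumption about where the module executes.

```yaml
# Added example, not from the collection's documentation.
# cm_host, cm_port, cm_user and cm_password are hypothetical variable names,
# assumed to be defined in a vault-encrypted vars file.
- name: Manage a CTE signature set over a verified connection
  hosts: localhost          # assumption: the module runs on the control node
  connection: local
  gather_facts: false
  tasks:
    - name: "Create CTE Signature Set"
      thalesgroup.ciphertrust.cte_signature_set:
        # YAML anchor so the connection block is written once and reused
        localNode: &cm_node
          server_ip: "{{ cm_host }}"
          server_private_ip: "{{ cm_host }}"
          server_port: "{{ cm_port }}"
          user: "{{ cm_user }}"
          password: "{{ cm_password }}"
          verify: true      # validate the CM server certificate
        op_type: create
        name: TestSignSet
        source_list:
          - "/usr/bin"
          - "/usr/sbin"
      no_log: true          # keep the CM credentials out of task output
      register: signature_set

    - name: "Send a signing request to the client"
      thalesgroup.ciphertrust.cte_signature_set:
        localNode: *cm_node
        op_type: sign_app
        id: "{{ signature_set['response']['id'] }}"
        client_id: Client1
      no_log: true
```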