external_certificate_authority – Manage an external Hyperledger Fabric certificate authority
Synopsis
Import or remove an external Hyperledger Fabric certificate authority.
This module works with the IBM Support for Hyperledger Fabric software or the Hyperledger Fabric Open Source Stack running in a Red Hat OpenShift or Kubernetes cluster.
Parameters
- api_endpoint (required)
The URL for the Fabric operations console.
Type: str- api_authtype (required)
basic- Authenticate to the Fabric operations console using basic authentication. You must provide both a valid API key using api_key and API secret using api_secret.Type: str- api_key (required)
The API key for the Fabric operations console.
Type: str- api_secret
The API secret for the Fabric operations console.
Only required when api_authtype is
basic.Type: str- api_timeout
The timeout, in seconds, to use when interacting with the Fabric operations console.
Type: intDefault value:60- state
absent- A certificate authority matching the specified name will be stopped and removed.
present- Asserts that a certificate authority matching the specified name and configuration exists. If no certificate authority matches the specified name, a certificate authority will be created. If a certificate authority matches the specified name but the configuration does not match, then the certificate authority will be updated, if it can be. If it cannot be updated, it will be removed and re-created with the specified configuration.Type: strDefault value:present- name
The name of the external certificate authority.
Only required when state is
absent.Type: str- certificate_authority
The definition of the external certificate authority
Only required when state is
present.Type: dict
- name
The name of the certificate authority.
Type: str- api_url
The URL for the API of the certificate authority.
Type: str- operations_url
The URL for the operations service of the certificate authority.
Type: str- ca_url
The URL for the API of the certificate authority.
Type: str- ca_name
The certificate authority name to use for enrollment requests.
Type: str- tlsca_name
The certificate authority name to use for TLS enrollment requests.
Type: str- location
The location of the certificate authority.
Type: str- pem
The TLS certificate chain for the certificate authority.
The TLS certificate chain is returned as a base64 encoded PEM.
Type: str- tls_cert
The TLS certificate chain for the certificate authority.
The TLS certificate chain is returned as a base64 encoded PEM.
Type: str
Examples
- name: Import the certificate authority
hyperledger.fabric_ansible_collection.external_certificate_authority:
status: present
api_endpoint: https://console.example.org:32000
api_authtype: basic
api_key: xxxxxxxx
api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
certificate_authority: "{{ lookup('file', 'Org1 CA.json') }}"
- name: Remove the imported certificate authority
hyperledger.fabric_ansible_collection.external_certificate_authority:
state: absent
api_endpoint: https://console.example.org:32000
api_authtype: basic
api_key: xxxxxxxx
api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
name: Org1 CA
Return Values
- certificate_authority
The certificate authority.
Returned: when state ispresentType: dict
- name
The name of the certificate authority.
Type: strSample:Org1 CA- api_url
The URL for the API of the certificate authority.
Type: strSample:https://org1ca-api.example.org:32000- operations_url
The URL for the operations service of the certificate authority.
Type: strSample:https://org1ca-operations.example.org:32000- ca_url
The URL for the API of the certificate authority.
Type: strSample:https://org1ca-api.example.org:32000- ca_name
The certificate authority name to use for enrollment requests.
Type: strSample:ca- tlsca_name
The certificate authority name to use for TLS enrollment requests.
Type: strSample:tlsca- location
The location of the certificate authority.
Type: strSample:ibmcloud- pem
The TLS certificate chain for the certificate authority.
The TLS certificate chain is returned as a base64 encoded PEM.
Type: strSample:LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...- tls_cert
The TLS certificate chain for the certificate authority.
The TLS certificate chain is returned as a base64 encoded PEM.
Type: strSample:LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...