How to Create JKS Using Ansible | Generate p12 Using Playbook | Ansible Tutorial

Tags: ansible command module, ansible pip, ansible prompt, ansible tutorial, ansible, expect module, ansible PKCS12, Ansible JKS, JKS, generate jks file, generate p12 file, linuxtopic

How to create jks using ansible ?

How to create p12 using ansible ?

How to execute a command and responds to prompts in ansible ?

How to use expect/read in ansible ?



In This topic we will create PKCS12 file and then create JKS file using expect module.



Step 1:



Go to the ansible main directory and create yml file with suitable name

cd /etc/ansiblevi p12.yml

---

- name: Use EXPECT / Read

  hosts: 127.0.0.1

  gather_facts: false

We define name and hosts entry for execution of this playbook, you can replace 127.0.0.1 with your targeted hosts or group

  tasks:

  - name: install expect

    pip: name=pexpect

pexpect python module require on Client so first we will install pexpect using pip module

  - name: Create PKCS12

    expect:

     command: openssl pkcs12 -export -in /etc/ssl/linuxtopic/linuxtopic-self-signed.crt -inkey /etc/ssl/linuxtopic/server-master.key -out  /opt/server-pkcs.p12

     responses:

       Enter Export Password: "password"

       Verifying - Enter Export Password: "password"

In 2nd task we use expect module, before use it read document,  at list run your command on hosts and copy all response like it will ask “Enter Export Password:”  you can type your response in double cote (“”) 

    Enter Export Password: "password"

Generate p12 file

  

- name: Generate JKS file

    expect:

     command: keytool -importkeystore -srckeystore /opt/server-pkcs.p12 -srcstoretype pkcs12 -destkeystore /opt/server-jskfile.jsk -deststoretype JKS

     responses:

       Enter destination keystore password:  "jkspassword"

       Re-enter new password: "jkspassword"

       Enter source keystore password: "password"

3rd task: we generate JKS file using same expect module 

Generate JKS file using ansible

Your playbook has been ready to execute, you can run using ansible-playbook command, just copy full playbook:

---

- name: Use EXPECT / Read

  hosts: 127.0.0.1

  gather_facts: false

  tasks:

  - name: install expect

    pip: name=pexpect

  - name: Create PKCS12

    expect:

     command: openssl pkcs12 -export -in /etc/ssl/linuxtopic/linuxtopic-self-signed.crt -inkey /etc/ssl/linuxtopic/server-master.key -out  /opt/server-pkcs.p12

     responses:

       Enter Export Password: "password"

       Verifying - Enter Export Password: "password"

  - name: Generate JKS file

    expect:

     command: keytool -importkeystore -srckeystore /opt/server-pkcs.p12 -srcstoretype pkcs12 -destkeystore /opt/server-jskfile.jsk -deststoretype JKS

     responses:

       Enter destination keystore password:  "jkspassword"

       Re-enter new password: "jkspassword"

       Enter source keystore password: "password"

Step 2:

ansible-playbook  p12.yml

Verify by checking jks and p12 file

ll  /opt/

Both files available in opt directory, means playbook working fine 







Your support is must so Please Like, share and comment on this ansible  artical.

Thanks,
www.linuxtopic.com