??????????????
Warning: Cannot modify header information - headers already sent by (output started at /home/mybf1/public_html/mentol.bf1.my/SS1.php:4) in /home/mybf1/public_html/mentol.bf1.my/SS1.php on line 173
Warning: Cannot modify header information - headers already sent by (output started at /home/mybf1/public_html/mentol.bf1.my/SS1.php:4) in /home/mybf1/public_html/mentol.bf1.my/SS1.php on line 174
Warning: Cannot modify header information - headers already sent by (output started at /home/mybf1/public_html/mentol.bf1.my/SS1.php:4) in /home/mybf1/public_html/mentol.bf1.my/SS1.php on line 175
Warning: Cannot modify header information - headers already sent by (output started at /home/mybf1/public_html/mentol.bf1.my/SS1.php:4) in /home/mybf1/public_html/mentol.bf1.my/SS1.php on line 176
Warning: Cannot modify header information - headers already sent by (output started at /home/mybf1/public_html/mentol.bf1.my/SS1.php:4) in /home/mybf1/public_html/mentol.bf1.my/SS1.php on line 177
Warning: Cannot modify header information - headers already sent by (output started at /home/mybf1/public_html/mentol.bf1.my/SS1.php:4) in /home/mybf1/public_html/mentol.bf1.my/SS1.php on line 178
�๓
เUdac������������@`��sๅ���d��d��l��m��Z��m��Z��m��Z���e��Z��i��d��d��6d��g��d��6d��d��6Z��d��Z��d �Z��d
�Z �d��d��l
�Z
�d��d��l��Z��d��d��l��m
�Z
��d
���Z��d����Z��d����Z��d����Z��d����Z��d����Z��d����Z��d����Z��d����Z��e��d��k��rแ�e�����n��d��S(����i����(����t����absolute_importt����divisiont����print_functions����1.1t����metadata_versiont����previewt����statust ���communityt����supported_bysุ���
---
module: java_cert
version_added: '2.3'
short_description: Uses keytool to import/remove key from java keystore (cacerts)
description:
- This is a wrapper module around keytool, which can be used to import/remove
certificates from a given java keystore.
options:
cert_url:
description:
- Basic URL to fetch SSL certificate from.
- One of C(cert_url) or C(cert_path) is required to load certificate.
type: str
cert_port:
description:
- Port to connect to URL.
- This will be used to create server URL:PORT.
type: int
default: 443
cert_path:
description:
- Local path to load certificate from.
- One of C(cert_url) or C(cert_path) is required to load certificate.
type: path
cert_alias:
description:
- Imported certificate alias.
- The alias is used when checking for the presence of a certificate in the keystore.
type: str
pkcs12_path:
description:
- Local path to load PKCS12 keystore from.
type: path
version_added: "2.4"
pkcs12_password:
description:
- Password for importing from PKCS12 keystore.
type: str
default: ''
version_added: "2.4"
pkcs12_alias:
description:
- Alias in the PKCS12 keystore.
type: str
version_added: "2.4"
keystore_path:
description:
- Path to keystore.
type: path
keystore_pass:
description:
- Keystore password.
type: str
required: true
keystore_create:
description:
- Create keystore if it does not exist.
type: bool
keystore_type:
description:
- Keystore type (JCEKS, JKS).
type: str
version_added: "2.8"
executable:
description:
- Path to keytool binary if not used we search in PATH for it.
type: str
default: keytool
state:
description:
- Defines action which can be either certificate import or removal.
type: str
choices: [ absent, present ]
default: present
author:
- Adam Hamsik (@haad)
sd���
- name: Import SSL certificate from google.com to a given cacerts keystore
java_cert:
cert_url: google.com
cert_port: 443
keystore_path: /usr/lib/jvm/jre7/lib/security/cacerts
keystore_pass: changeit
state: present
- name: Remove certificate with given alias from a keystore
java_cert:
cert_url: google.com
keystore_path: /usr/lib/jvm/jre7/lib/security/cacerts
keystore_pass: changeit
executable: /usr/lib/jvm/jre7/bin/keytool
state: absent
- name: Import SSL certificate from google.com to a keystore, create it if it doesn't exist
java_cert:
cert_url: google.com
keystore_path: /tmp/cacerts
keystore_pass: changeit
keystore_create: yes
state: present
- name: Import a pkcs12 keystore with a specified alias, create it if it doesn't exist
java_cert:
pkcs12_path: "/tmp/importkeystore.p12"
cert_alias: default
keystore_path: /opt/wildfly/standalone/configuration/defaultkeystore.jks
keystore_pass: changeit
keystore_create: yes
state: present
- name: Import SSL certificate to JCEKS keystore
java_cert:
pkcs12_path: "/tmp/importkeystore.p12"
pkcs12_alias: default
pkcs12_password: somepass
cert_alias: default
keystore_path: /opt/someapp/security/keystore.jceks
keystore_type: "JCEKS"
keystore_pass: changeit
keystore_create: yes
state: present
sว���
msg:
description: Output from stdout of keytool command after execution of given command.
returned: success
type: str
sample: "Module require existing keystore at keystore_path '/tmp/test/cacerts'"
rc:
description: Keytool command execution return value.
returned: success
type: int
sample: "0"
cmd:
description: Executed command to get action done.
returned: success
type: str
sample: "keytool -importcert -noprompt -keystore"
N(����t
���AnsibleModulec������������C`��s����|��r��d��|���Sd��S(����s7��� Check that custom keystore is presented in parameters s���� -storetype '%s't����(����(����t
���keystore_type(����(����sD���/usr/lib/python2.7/site-packages/ansible/modules/system/java_cert.pyt����get_keystore_typeง���s����������c���� �������C`��sK���d��|��|��|��|��t��|����f���}��|��j��|����\��}��}��}��|��d��k��rG�t��St��S(����sY��� Check if certificate with alias is present in keystore
located at keystore_path s@���%s -noprompt -list -keystore '%s' -storepass '%s' -alias '%s' %si����(����R����t����run_commandt����Truet����False( ���t����modulet
���executablet
���keystore_patht
���keystore_passt����aliasR
���t����test_cmdt����check_rct����_(����(����sD���/usr/lib/python2.7/site-packages/ansible/modules/system/java_cert.pyt����check_cert_presentฎ���s����������������c��������
���C`��s���t��j��d����}��t��j��d����} �d��}
�|��d��k �r�|��j��d����\��}��}��d��|��|��f���}
�| �d��k �r�| �j��d��d����}
�t��j��d��d �|
���}
�|
�d
�|
��7}
�q�n��d��|��|
�|��|��f���}��d��|��|��|��|��t��|����f���}��|��j��|��d
�t ���\��}��}��}��|��j��|��d��|��d
�t
���\��}��}��}��i��d��d��6d��|���d��6}��|��d��k��rh�|��j��d��t �d��|��d��|��d��|��d��|��d��|�����n"�|��j��d��|��d��|��d��|��d��|�����d��S(����sD��� Import certificate from URL into keystore located at keystore_path t����https_proxyt����no_proxyR ���t����:s-���-J-Dhttps.proxyHost=%s -J-Dhttps.proxyPort=%st����,t����|s����(^|\|)\.s����\1*.s���� -J-Dhttp.nonProxyHosts='%s's&���%s -printcert -rfc -sslserver %s %s:%dsF���%s -importcert -noprompt -keystore '%s' -storepass '%s' -alias '%s' %sR����t����datas����
t����befores����%s
t����afteri����t����changedt����msgt����rct����cmdt����stdoutt����difft����errorN(
���t����ost����getenvt����Nonet����splitt����replacet����ret����subR����R����R
���R����t ���exit_jsont ���fail_json(����R����R����t����urlt����portR����R����R����R
���R����R����t
���proxy_optst
���proxy_hostt
���proxy_portt����non_proxy_hostst ���fetch_cmdt
���import_cmdR����t ���fetch_outt ���import_rct
���import_outt
���import_errR%���(����(����sD���/usr/lib/python2.7/site-packages/ansible/modules/system/java_cert.pyt����import_cert_urlบ���s4���������������������������������������������������
���c������������C`��sป���d��|��|��|��|��|��t��|����f���}��|��j��|��d��t����\��}��} �}
�i��d��d��6d��|���d��6}��|��d��k��r�|��j��d��t��d �| �d
�|��d��|��d��| �d
�|
�d��|�����n��|��j��d �| �d
�|��d��|�����d��S(����sV��� Import certificate from path into keystore located on
keystore_path as alias sQ���%s -importcert -noprompt -keystore '%s' -storepass '%s' -file '%s' -alias '%s' %sR����s����
R����s����%s
R����i����R ���R!���R"���R#���R$���R&���R%���N(����R����R����R����R.���R
���R/���(����R����R����t����pathR����R����R����R
���R7���R9���R:���R;���R%���(����(����sD���/usr/lib/python2.7/site-packages/ansible/modules/system/java_cert.pyt����import_cert_pathๆ���s���������� �����������������c �����������C`��sฤ���d��|��|��|��|��|��|��|��|��t��|����f ��} �|��j��| �d��t����\��}
�}��}��i��d��d��6d��|���d��6}
�|
�d��k��rค�|��j��d��t��d �|��d
�|
�d��| �d��|��d
�|��d��|
����n��|��j��d �|��d
�|
�d��| ����d��S(����sQ��� Import pkcs12 from path into keystore located on
keystore_path as alias sฑ���%s -importkeystore -noprompt -destkeystore '%s' -srcstoretype PKCS12 -deststorepass '%s' -destkeypass '%s' -srckeystore '%s' -srcstorepass '%s' -srcalias '%s' -destalias '%s' %sR����s����
R����s����%s
R����i����R ���R!���R"���R#���R$���R&���R%���N(����R����R����R����R.���R
���R/���(����R����R����R=���R����R����t����pkcs12_passt����pkcs12_aliasR����R
���R7���R9���R:���R;���R%���(����(����sD���/usr/lib/python2.7/site-packages/ansible/modules/system/java_cert.pyt����import_pkcs12_path๛���s�������� �������������������c������������C`��s���d��|��|��|��|��t��|����f���}��|��j��|��d��t����\��}��}��} �i��d��|���d��6d
�d��6}
�|��j��d��t��d��|��d��|��d �|��d
�|��d��| �d��|
����d
�S(����sI��� Delete certificate identified with alias from keystore on keystore_path s8���%s -delete -keystore '%s' -storepass '%s' -alias '%s' %sR����s����%s
R����R����R ���R!���R"���R#���R$���R&���R%���N(����R����R����R
���R)���R.���(����R����R����R����R����R����R
���t����del_cmdt����del_rct����del_outt����del_errR%���(����(����sD���/usr/lib/python2.7/site-packages/ansible/modules/system/java_cert.pyt����delete_cert����s������������������c������������C`��s����|��j��d��|���d��t�����d��S(����s/��� Test if keytool is actually executable or not s����%sR����N(����R����R
���(����R����R����(����(����sD���/usr/lib/python2.7/site-packages/ansible/modules/system/java_cert.pyt����test_keytool ���s������c������������C`��s\���|��d��k��r��d��}��n��t��j��j��|�����rX�t��j��j��|�����rX�|��j��d��t��d��d��|������n��d��S(����s0��� Check if we can access keystore as file or not R ���R ���R!���s6���Module require existing keystore at keystore_path '%s'N(����R)���R'���R=���t����existst����isfileR/���R����(����R����R����(����(����sD���/usr/lib/python2.7/site-packages/ansible/modules/system/java_cert.pyt
���test_keystore%���s�������� �&�c��������"���C`��sฐ���t��d��t��d��d����d��t��d��d����d��t��d��d����d��t��d��d��d��t����d �t��d��d����d
�t��d��d����d��t��d��d��d
�d����d��t��d��d����d��t��d��d��d��t��d��t����d��t��d��d��d
�t����d��t��d��d����d��t��d��d��d
�d����d��t��d��d��d
�d��d��d��d��g�����
}��t��d��|��d��d��d��d��g��g��d��d��d��g��g��d��d��d��d��g��g��d��t����}��|��j��j��d����}��|��j��j��d����}��|��j��j��d����}��|��j��j��d����}��|��j��j��d��d ���}��|��j��j��d �d!���}��|��j��j��d
���pั�|��}��|��j��j��d����} �|��j��j��d����}
�|��j��j��d����}��|��j��j��d����}��|��j��j��d����}
�|��j��j��d����}��|��rj�|���rj�|��j��d"�t��d#�d$�| �����n��t��|��|
����|��s�t��|��| ����n��t �|��|
�| �|
�|��|����}��|��d��k��r๒�|��r๒�|��j
�rึ�|��j��d"�t�����n��t��|��|
�| �|
�|��|�����nช�|��d��k��r�|���r�|��j
�r!�|��j��d"�t�����n��|��rL�t
�|��|
�|��| �|
�|��|��|��|�� ��n��|��rq�t��|��|
�|��| �|
�|��|�����n��|��r�t��|��|
�|��|��| �|
�|��|�����q�n��|��j��d"�t�����d��S(%���Nt����cert_urlt����typet����strt ���cert_pathR=���t����pkcs12_patht����pkcs12_passwordt����no_logR@���t
���cert_aliast ���cert_portt����intt����defaultiป���R����R����t����requiredt����keystore_createt����boolR
���R����t����keytoolt����statet����presentt����choicest����absentt
���argument_spect����required_one_oft����required_togethert����mutually_exclusivet����supports_check_modeR ���t����1R ���R!���s8���Using local path import from %s requires alias argument.(����t����dictR
���R����R����t����paramst����getR/���RG���RJ���R����t
���check_modeR.���RF���RA���R>���R<���(����R^���R����R0���R=���R1���RO���R?���R@���RR���R����R����RW���R
���R����RZ���t����cert_present(����(����sD���/usr/lib/python2.7/site-packages/ansible/modules/system/java_cert.pyt����main/���sv�������������������������������$����������� ���������������������������
�������
����������� ������� ���������������������t����__main__(����t
���__future__R����R����R����RL���t
���__metaclass__t����ANSIBLE_METADATAt
���DOCUMENTATIONt����EXAMPLESt����RETURNR'���R,���t����ansible.module_utils.basicR����R����R����R<���R>���RA���RF���RG���RJ���Ri���t����__name__(����(����(����sD���/usr/lib/python2.7/site-packages/ansible/modules/system/java_cert.pyt��������s*�������
�
�
O�/���������� � � , � � � �
R��