Hi,
ansible --version
ansible [core 2.15.8]
config file = None
configured module search path = ['/home/u_iris/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.9/site-packages/ansible
ansible collection location = /home/u_iris/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/local/bin/ansible
python version = 3.9.18 (main, Nov 15 2023, 04:22:28) [GCC 8.5.0 20210514 (Red Hat 8.5.0-20)] (/usr/bin/python3.9)
jinja version = 3.1.2
libyaml = True
My playbook
tasks:
- name: List of directories with the cacerts file
ansible.builtin.shell: find /QOpenSys/QIBM/ProdData/JavaVM -name cacerts | awk '{print substr($0, 1, length($0)-7)}'
register: _cacerts_dirs
- name: importation 201707_PKI-GIE-DELEGUEE
community.general.java_cert:
cert_path: "{{ item }}201707_PKI-GIE-DELEGUEE.crt"
keystore_path: "{{ item }}cacerts"
keystore_pass: "changeit"
cert_alias: "pki-gie-deleguee"
state: present
register: _import_cert
loop: "{{ _cacerts_dirs.stdout_lines }}"
Log with -vvv
failed: [U3ANTA12] (item=/QOpenSys/QIBM/ProdData/JavaVM/jdk11/64bit/lib/security/) => {
"ansible_loop_var": "item",
"changed": false,
"cmd": [
"keytool",
"-importcert",
"-noprompt",
"-keystore",
"/QOpenSys/QIBM/ProdData/JavaVM/jdk11/64bit/lib/security/cacerts",
"-file",
"/QOpenSys/QIBM/ProdData/JavaVM/jdk11/64bit/lib/security/201707_PKI-GIE-DELEGUEE.crt",
"-alias",
"pki-gie-deleguee"
],
"invocation": {
"module_args": {
"cert_alias": "pki-gie-deleguee",
"cert_path": "/QOpenSys/QIBM/ProdData/JavaVM/jdk11/64bit/lib/security/201707_PKI-GIE-DELEGUEE.crt",
"cert_port": 443,
"cert_url": null,
"executable": "keytool",
"keystore_create": false,
"keystore_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"keystore_path": "/QOpenSys/QIBM/ProdData/JavaVM/jdk11/64bit/lib/security/cacerts",
"keystore_type": null,
"pkcs12_alias": null,
"pkcs12_password": null,
"pkcs12_path": null,
"state": "present",
"trust_cacert": false
}
},
"item": "/QOpenSys/QIBM/ProdData/JavaVM/jdk11/64bit/lib/security/",
"msg": "",
"rc": 1
}
------------------------------
Stephane VILLARD
------------------------------
Original Message:
Sent: Tue January 23, 2024 11:02 AM
From: Rob Gjertsen
Subject: Ansible community.general.java_cert
Hi Stephane,
I have not used this ansible module, but I would suggest providing verbose output (using "-vvv") from your playbook along with environment information with "ansible --version", which will provide more information to comment on from users. And also confirm that you are running ansible control node on IBM i server.
------------------------------
Rob Gjertsen
Original Message:
Sent: Fri January 19, 2024 05:31 AM
From: Stephane VILLARD
Subject: Ansible community.general.java_cert
Hello,
I'm trying to use the ansible module community.general.java_cert to import a certificate but I have an error (rc=1) but I have no error message ( msg="" ).
Has anyone used this module on IBM i?
Regards
------------------------------
Stephane VILLARD
------------------------------