<linkrel="prev"title="community.crypto.openssl_dhparam module – Generate OpenSSL Diffie-Hellman Parameters"href="openssl_dhparam_module.html"/><!-- extra head elements for Ansible beyond RTD Sphinx Theme -->
</head>
<bodyclass="wy-body-for-nav"><!-- extra body elements for Ansible beyond RTD Sphinx Theme -->
<liclass="toctree-l1"><aclass="reference internal"href="docsite/guide_selfsigned.html">How to create self-signed certificates</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="docsite/guide_ownca.html">How to create a small CA</a></li>
</ul>
<ulclass="current">
<liclass="toctree-l1"><aclass="reference internal"href="acme_account_module.html">community.crypto.acme_account module – Create, modify or delete ACME accounts</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="acme_account_info_module.html">community.crypto.acme_account_info module – Retrieves information on ACME accounts</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="acme_certificate_module.html">community.crypto.acme_certificate module – Create SSL/TLS certificates with the ACME protocol</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="acme_certificate_revoke_module.html">community.crypto.acme_certificate_revoke module – Revoke certificates with the ACME protocol</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="acme_challenge_cert_helper_module.html">community.crypto.acme_challenge_cert_helper module – Prepare certificates required for ACME challenges such as <codeclass="docutils literal notranslate"><spanclass="pre">tls-alpn-01</span></code></a></li>
<liclass="toctree-l1"><aclass="reference internal"href="acme_inspect_module.html">community.crypto.acme_inspect module – Send direct requests to an ACME server</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="certificate_complete_chain_module.html">community.crypto.certificate_complete_chain module – Complete certificate chain given a set of untrusted and root certificates</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="ecs_certificate_module.html">community.crypto.ecs_certificate module – Request SSL/TLS certificates with the Entrust Certificate Services (ECS) API</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="ecs_domain_module.html">community.crypto.ecs_domain module – Request validation of a domain with the Entrust Certificate Services (ECS) API</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="get_certificate_module.html">community.crypto.get_certificate module – Get a certificate from a host:port</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="openssh_cert_module.html">community.crypto.openssh_cert module – Generate OpenSSH host or user certificates.</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="openssh_keypair_module.html">community.crypto.openssh_keypair module – Generate OpenSSH private and public keys</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="openssl_csr_info_module.html">community.crypto.openssl_csr_info module – Provide information of OpenSSL Certificate Signing Requests (CSR)</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="openssl_privatekey_info_module.html">community.crypto.openssl_privatekey_info module – Provide information for OpenSSL private keys</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="openssl_privatekey_pipe_module.html">community.crypto.openssl_privatekey_pipe module – Generate OpenSSL private keys without disk access</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="openssl_publickey_module.html">community.crypto.openssl_publickey module – Generate an OpenSSL public key from its private key.</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="openssl_publickey_info_module.html">community.crypto.openssl_publickey_info module – Provide information for OpenSSL public keys</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="openssl_signature_module.html">community.crypto.openssl_signature module – Sign data with openssl</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="openssl_signature_info_module.html">community.crypto.openssl_signature_info module – Verify signatures with openssl</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="x509_certificate_info_module.html">community.crypto.x509_certificate_info module – Provide information of OpenSSL X.509 certificates</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="openssl_publickey_info_filter.html">community.crypto.openssl_publickey_info filter – Retrieve information from OpenSSL public keys in PEM format</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="x509_certificate_info_filter.html">community.crypto.x509_certificate_info filter – Retrieve information from X.509 certificates in PEM format</a></li>
<liclass="toctree-l1"><aclass="reference internal"href="x509_crl_info_filter.html">community.crypto.x509_crl_info filter – Retrieve information from X.509 CRLs in PEM format</a></li>
<ahref="https://github.com/ansible-collections/community.crypto/edit/main/plugins/modules/openssl_pkcs12.py?description=%23%23%23%23%23%20SUMMARY%0A%3C!—%20Your%20description%20here%20–%3E%0A%0A%0A%23%23%23%23%23%20ISSUE%20TYPE%0A-%20Docs%20Pull%20Request%0A%0A%2Blabel:%20docsite_pr"class="fa fa-github"> Edit on GitHub</a>
<h1>community.crypto.openssl_pkcs12 module – Generate OpenSSL PKCS#12 archive<aclass="headerlink"href="#community-crypto-openssl-pkcs12-module-generate-openssl-pkcs-12-archive"title="Permalink to this heading"></a></h1>
<p>This module is part of the <aclass="reference external"href="https://galaxy.ansible.com/community/crypto">community.crypto collection</a> (version 2.10.0).</p>
You need further requirements to be able to use this module,
see <aclass="reference internal"href="#ansible-collections-community-crypto-openssl-pkcs12-module-requirements"><spanclass="std std-ref">Requirements</span></a> for details.</p>
<p>To use it in a playbook, specify: <codeclass="code docutils literal notranslate"><spanclass="pre">community.crypto.openssl_pkcs12</span></code>.</p>
<h2><aclass="toc-backref"href="#id1">Synopsis</a><aclass="headerlink"href="#synopsis"title="Permalink to this heading"></a></h2>
<ulclass="simple">
<li><p>This module allows one to (re-)generate PKCS#12.</p></li>
<li><p>The module can use the cryptography Python library, or the pyOpenSSL Python library. By default, it tries to detect which one is available, assuming none of the <em>iter_size</em> and <em>maciter_size</em> options are used. This can be overridden with the <em>select_crypto_backend</em> option.</p></li>
</ul>
</section>
<sectionid="requirements">
<spanid="ansible-collections-community-crypto-openssl-pkcs12-module-requirements"></span><h2><aclass="toc-backref"href="#id2">Requirements</a><aclass="headerlink"href="#requirements"title="Permalink to this heading"></a></h2>
<p>The below requirements are needed on the host that executes this module.</p>
<ulclass="simple">
<li><p>PyOpenSSL >= 0.15 or cryptography >= 3.0</p></li>
</ul>
</section>
<sectionid="parameters">
<h2><aclass="toc-backref"href="#id3">Parameters</a><aclass="headerlink"href="#parameters"title="Permalink to this heading"></a></h2>
<aclass="ansibleOptionLink"href="#parameter-action"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p><codeclass="docutils literal notranslate"><spanclass="pre">export</span></code> or <codeclass="docutils literal notranslate"><spanclass="pre">parse</span></code> a PKCS#12.</p>
<aclass="ansibleOptionLink"href="#parameter-attributes"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-aliases">aliases: attr</span></p>
<td><divclass="ansible-option-cell"><p>The attributes the resulting filesystem object should have.</p>
<p>To get supported flags look at the man page for <em>chattr</em> on the target system.</p>
<p>This string should contain the attributes in the same order as the one displayed by <em>lsattr</em>.</p>
<p>The <codeclass="docutils literal notranslate"><spanclass="pre">=</span></code> operator is assumed as default, otherwise <codeclass="docutils literal notranslate"><spanclass="pre">+</span></code> or <codeclass="docutils literal notranslate"><spanclass="pre">-</span></code> operators need to be included in the string.</p>
<aclass="ansibleOptionLink"href="#parameter-backup"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">boolean</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Create a backup file including a timestamp so you can get the original output file back if you overwrote it with a new one by accident.</p>
<aclass="ansibleOptionLink"href="#parameter-certificate_path"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">path</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>The path to read certificates and private keys from.</p>
<aclass="ansibleOptionLink"href="#parameter-encryption_level"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
<p><spanclass="ansible-option-versionadded">added in community.crypto 2.8.0</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Determines the encryption level used.</p>
<p><codeclass="docutils literal notranslate"><spanclass="pre">auto</span></code> uses the default of the selected backend. For <codeclass="docutils literal notranslate"><spanclass="pre">cryptography</span></code>, this is what the cryptography library’s specific version considers the best available encryption.</p>
<p><codeclass="docutils literal notranslate"><spanclass="pre">compatibility2022</span></code> uses compatibility settings for older software in 2022. This is only supported by the <codeclass="docutils literal notranslate"><spanclass="pre">cryptography</span></code> backend if cryptography >= 38.0.0 is available.</p>
<p><strong>Note</strong> that this option is <strong>not used for idempotency</strong>.</p>
<aclass="ansibleOptionLink"href="#parameter-force"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">boolean</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Should the file be regenerated even if it already exists.</p>
<aclass="ansibleOptionLink"href="#parameter-friendly_name"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-aliases">aliases: name</span></p>
<aclass="ansibleOptionLink"href="#parameter-group"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Name of the group that should own the filesystem object, as would be fed to <em>chown</em>.</p>
<p>When left unspecified, it uses the current group of the current user unless you are root, in which case it can preserve the previous ownership.</p>
<aclass="ansibleOptionLink"href="#parameter-iter_size"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">integer</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Number of times to repeat the encryption step.</p>
<p>This is <strong>not considered during idempotency checks</strong>.</p>
<p>This is only used by the <codeclass="docutils literal notranslate"><spanclass="pre">pyopenssl</span></code> backend, or when <em>encryption_level=compatibility2022</em>.</p>
<p>When using it, the default is <codeclass="docutils literal notranslate"><spanclass="pre">2048</span></code> for <codeclass="docutils literal notranslate"><spanclass="pre">pyopenssl</span></code> and <codeclass="docutils literal notranslate"><spanclass="pre">50000</span></code> for <codeclass="docutils literal notranslate"><spanclass="pre">cryptography</span></code>.</p>
<aclass="ansibleOptionLink"href="#parameter-maciter_size"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">integer</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Number of times to repeat the MAC step.</p>
<p>This is <strong>not considered during idempotency checks</strong>.</p>
<p>This is only used by the <codeclass="docutils literal notranslate"><spanclass="pre">pyopenssl</span></code> backend. When using it, the default is <codeclass="docutils literal notranslate"><spanclass="pre">1</span></code>.</p>
<aclass="ansibleOptionLink"href="#parameter-mode"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">any</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>The permissions the resulting filesystem object should have.</p>
<p>For those used to <em>/usr/bin/chmod</em> remember that modes are actually octal numbers. You must either add a leading zero so that Ansible’s YAML parser knows it is an octal number (like <codeclass="docutils literal notranslate"><spanclass="pre">0644</span></code> or <codeclass="docutils literal notranslate"><spanclass="pre">01777</span></code>) or quote it (like <codeclass="docutils literal notranslate"><spanclass="pre">'644'</span></code> or <codeclass="docutils literal notranslate"><spanclass="pre">'1777'</span></code>) so Ansible receives a string and can do its own conversion from string into number.</p>
<p>Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.</p>
<p>As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, <codeclass="docutils literal notranslate"><spanclass="pre">u+rwx</span></code> or <codeclass="docutils literal notranslate"><spanclass="pre">u=rw,g=r,o=r</span></code>).</p>
<p>If <codeclass="docutils literal notranslate"><spanclass="pre">mode</span></code> is not specified and the destination filesystem object <strong>does not</strong> exist, the default <codeclass="docutils literal notranslate"><spanclass="pre">umask</span></code> on the system will be used when setting the mode for the newly created filesystem object.</p>
<p>If <codeclass="docutils literal notranslate"><spanclass="pre">mode</span></code> is not specified and the destination filesystem object <strong>does</strong> exist, the mode of the existing filesystem object will be used.</p>
<p>Specifying <codeclass="docutils literal notranslate"><spanclass="pre">mode</span></code> is the best way to ensure filesystem objects are created with the correct permissions. See CVE-2020-1736 for further details.</p>
<aclass="ansibleOptionLink"href="#parameter-other_certificates"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-aliases">aliases: ca_certificates</span></p>
<td><divclass="ansible-option-cell"><p>List of other certificates to include. Pre Ansible 2.8 this parameter was called <em>ca_certificates</em>.</p>
<p>Assumes there is one PEM-encoded certificate per file. If a file contains multiple PEM certificates, set <em>other_certificates_parse_all</em> to <codeclass="docutils literal notranslate"><spanclass="pre">true</span></code>.</p>
<aclass="ansibleOptionLink"href="#parameter-other_certificates_parse_all"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">boolean</span></p>
<p><spanclass="ansible-option-versionadded">added in community.crypto 1.4.0</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>If set to <codeclass="docutils literal notranslate"><spanclass="pre">true</span></code>, assumes that the files mentioned in <em>other_certificates</em> can contain more than one certificate per file (or even none per file).</p>
<aclass="ansibleOptionLink"href="#parameter-owner"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Name of the user that should own the filesystem object, as would be fed to <em>chown</em>.</p>
<p>When left unspecified, it uses the current user unless you are root, in which case it can preserve the previous ownership.</p>
<aclass="ansibleOptionLink"href="#parameter-passphrase"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
<p><strong>Note:</strong> PKCS12 encryption is not secure and should not be used as a security mechanism. If you need to store or send a PKCS12 file safely, you should additionally encrypt it with something else.</p>
<aclass="ansibleOptionLink"href="#parameter-path"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">path</span> / <spanclass="ansible-option-required">required</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Filename to write the PKCS#12 file to.</p>
<aclass="ansibleOptionLink"href="#parameter-privatekey_content"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
<p><spanclass="ansible-option-versionadded">added in community.crypto 2.3.0</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Content of the private key file.</p>
<p>Mutually exclusive with <em>privatekey_path</em>.</p>
<aclass="ansibleOptionLink"href="#parameter-privatekey_passphrase"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Passphrase source to decrypt any input private keys with.</p>
<aclass="ansibleOptionLink"href="#parameter-privatekey_path"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">path</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>File to read private key from.</p>
<p>Mutually exclusive with <em>privatekey_content</em>.</p>
<aclass="ansibleOptionLink"href="#parameter-return_content"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">boolean</span></p>
<p><spanclass="ansible-option-versionadded">added in community.crypto 1.0.0</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>If set to <codeclass="docutils literal notranslate"><spanclass="pre">true</span></code>, will return the (current or generated) PKCS#12’s content as <em>pkcs12</em>.</p>
<aclass="ansibleOptionLink"href="#parameter-select_crypto_backend"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
<p><spanclass="ansible-option-versionadded">added in community.crypto 1.7.0</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Determines which crypto backend to use.</p>
<p>The default choice is <codeclass="docutils literal notranslate"><spanclass="pre">auto</span></code>, which tries to use <codeclass="docutils literal notranslate"><spanclass="pre">cryptography</span></code> if available, and falls back to <codeclass="docutils literal notranslate"><spanclass="pre">pyopenssl</span></code>. If <em>iter_size</em> is used together with <em>encryption_level != compatibility2022</em>, or if <em>maciter_size</em> is used, <codeclass="docutils literal notranslate"><spanclass="pre">auto</span></code> will always result in <codeclass="docutils literal notranslate"><spanclass="pre">pyopenssl</span></code> to be chosen for backwards compatibility.</p>
<p>If set to <codeclass="docutils literal notranslate"><spanclass="pre">pyopenssl</span></code>, will try to use the <aclass="reference external"href="https://pypi.org/project/pyOpenSSL/">pyOpenSSL</a> library.</p>
<p>If set to <codeclass="docutils literal notranslate"><spanclass="pre">cryptography</span></code>, will try to use the <aclass="reference external"href="https://cryptography.io/">cryptography</a> library.</p>
<aclass="ansibleOptionLink"href="#parameter-selevel"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>The level part of the SELinux filesystem object context.</p>
<p>This is the MLS/MCS attribute, sometimes known as the <codeclass="docutils literal notranslate"><spanclass="pre">range</span></code>.</p>
<p>When set to <codeclass="docutils literal notranslate"><spanclass="pre">_default</span></code>, it will use the <codeclass="docutils literal notranslate"><spanclass="pre">level</span></code> portion of the policy if available.</p>
<aclass="ansibleOptionLink"href="#parameter-serole"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>The role part of the SELinux filesystem object context.</p>
<p>When set to <codeclass="docutils literal notranslate"><spanclass="pre">_default</span></code>, it will use the <codeclass="docutils literal notranslate"><spanclass="pre">role</span></code> portion of the policy if available.</p>
<aclass="ansibleOptionLink"href="#parameter-setype"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>The type part of the SELinux filesystem object context.</p>
<p>When set to <codeclass="docutils literal notranslate"><spanclass="pre">_default</span></code>, it will use the <codeclass="docutils literal notranslate"><spanclass="pre">type</span></code> portion of the policy if available.</p>
<aclass="ansibleOptionLink"href="#parameter-seuser"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>The user part of the SELinux filesystem object context.</p>
<p>By default it uses the <codeclass="docutils literal notranslate"><spanclass="pre">system</span></code> policy, where applicable.</p>
<p>When set to <codeclass="docutils literal notranslate"><spanclass="pre">_default</span></code>, it will use the <codeclass="docutils literal notranslate"><spanclass="pre">user</span></code> portion of the policy if available.</p>
<aclass="ansibleOptionLink"href="#parameter-src"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">path</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>PKCS#12 file path to parse.</p>
<aclass="ansibleOptionLink"href="#parameter-state"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Whether the file should exist or not. All parameters except <codeclass="docutils literal notranslate"><spanclass="pre">path</span></code> are ignored when state is <codeclass="docutils literal notranslate"><spanclass="pre">absent</span></code>.</p>
<aclass="ansibleOptionLink"href="#parameter-unsafe_writes"title="Permalink to this option"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">boolean</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target filesystem object.</p>
<p>By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target filesystem objects, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted filesystem objects, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.</p>
<p>This option allows Ansible to fall back to unsafe methods of updating filesystem objects when atomic operations fail (however, it doesn’t force Ansible to perform unsafe writes).</p>
<p>IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption.</p>
<td><divclass="ansible-option-cell"><p>Can run in <codeclass="docutils literal notranslate"><spanclass="pre">check_mode</span></code> and return changed status prediction without modifying target.</p>
<td><divclass="ansible-option-cell"><p>Will return details on what has changed (or possibly needs changing in <codeclass="docutils literal notranslate"><spanclass="pre">check_mode</span></code>), when in diff mode.</p>
<dt><aclass="reference internal"href="openssl_publickey_module.html#ansible-collections-community-crypto-openssl-publickey-module"><spanclass="std std-ref">community.crypto.openssl_publickey</span></a></dt><dd><p>Generate an OpenSSL public key from its private key.</p>
<h2><aclass="toc-backref"href="#id7">Return Values</a><aclass="headerlink"href="#return-values"title="Permalink to this heading"></a></h2>
<p>Common return values are documented <aclass="reference external"href="https://docs.ansible.com/ansible/devel/reference_appendices/common_return_values.html#common-return-values"title="(in Ansible vdevel)"><spanclass="xref std std-ref">here</span></a>, the following are the fields unique to this module:</p>
<aclass="ansibleOptionLink"href="#return-backup_file"title="Permalink to this return value"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Name of backup file created.</p>
<pclass="ansible-option-line"><spanclass="ansible-option-returned-bold">Returned:</span> changed and if <em>backup</em> is <codeclass="docutils literal notranslate"><spanclass="pre">true</span></code></p>
<aclass="ansibleOptionLink"href="#return-filename"title="Permalink to this return value"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Path to the generate PKCS#12 file.</p>
<pclass="ansible-option-line"><spanclass="ansible-option-returned-bold">Returned:</span> changed or success</p>
<aclass="ansibleOptionLink"href="#return-pkcs12"title="Permalink to this return value"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
<p><spanclass="ansible-option-versionadded">added in community.crypto 1.0.0</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>The (current or generated) PKCS#12’s content Base64 encoded.</p>
<pclass="ansible-option-line"><spanclass="ansible-option-returned-bold">Returned:</span> if <em>state</em> is <codeclass="docutils literal notranslate"><spanclass="pre">present</span></code> and <em>return_content</em> is <codeclass="docutils literal notranslate"><spanclass="pre">true</span></code></p>
<aclass="ansibleOptionLink"href="#return-privatekey"title="Permalink to this return value"></a><pclass="ansible-option-type-line"><spanclass="ansible-option-type">string</span></p>
</div></td>
<td><divclass="ansible-option-cell"><p>Path to the TLS/SSL private key the public key was generated from.</p>
<pclass="ansible-option-line"><spanclass="ansible-option-returned-bold">Returned:</span> changed or success</p>
<ahref="https://github.com/ansible-collections/community.crypto/issues/new?assignees=&labels=&template=bug_report.md"aria-role="button"target="_blank"rel="noopener external">Submit a bug report</a>
<ahref="https://github.com/ansible-collections/community.crypto/issues/new?assignees=&labels=&template=feature_request.md"aria-role="button"target="_blank"rel="noopener external">Request a feature</a>
