* Fix IP address support for openssl_csr.
* Remove DirName support, which doesn't work as this and seems harder to fix. Also, I don't know of an example of how it actually works.
* Adding support for IP identifiers according to https://tools.ietf.org/html/draft-ietf-acme-ip-05.
* Add changelog.
* Make sure that the authorizations return value is unchanged for CSRs with DNS-only SANs.
* Remove unneeded import.
* type -> identifier_type
* Python 2.6 compatibility.
* Fix unit tests.
* Add IP address normalization.
* Extend tests.
* Move data into fixtures.
* Adjust BOTMETA.
* Raise OpenSSLBadPassphraseError if passphrase is wrong.
* Improve handling of passphrase errors.
Current behavior for modules is: if passphrase is wrong (or wrongly specified), fail.
Current behavior for openssl_privatekey is: if passphrase is worng (or wrongly specified), regenerate.
* Add changelog.
* Add tests.
* Adjustments for some versions of PyOpenSSL.
* Update lib/ansible/modules/crypto/openssl_certificate.py
Improve text.
Co-Authored-By: felixfontein <felix@fontein.de>
- The openssh_keypair module will return a public key output on the
private key creation.
- Add integration test in order to verify the public key output.
* New LUKS devices management module
- new module that uses cryptsetup (LUKS) functions for management
of encrypted devices
- unit tests included
* New LUKS devices management module
- modified interface by removing 'open' option and moving its functionality
into 'state' option
* Move relative time handling to module_utils and rewrite it
* Fix cases with no seconds defined
* fix a small typo along the way
* add relative time handling to the ownca provider in openssl_certificate
* add initial integration test for relative time ownca
* quote the documentation to produce valid yaml
* move timespec conversion and validation to the init function
* fix small edge case in conversion function
* add relative timestamp handling to the selfsigned provider
* add get_relative_time_option
* add relative timestamp handling to valid_in
* pep8 fix indentation
* add quotes in error message
* add changelog fragment
* Update changelogs/fragments/50570-relative_time_crypto.yaml
Co-Authored-By: MarkusTeufelberger <mteufelberger@mgit.at>
* Revert "Revert "openssl_csr: Allow to use cryptography as backend (#50324)""
This reverts commit bbd2e31e9f.
* Remove more complicated selection copy'n'pasted from openssl_privatekey.
* Add tests for backend selection.
* Add openssl_csr test for arbitrary string commonName.
* Allow to disable commonName -> SAN copying (fixes#36690).
* Allow to use cryptography as backend for openssl_csr.
* Use different curve.
* Adding changelog.
Includes changelog fragment for #49416, which didn't include one.
* add openssh_cert module
* fix some linter issues
* address review feedback
* add basis for integration tests
* change valid datetime formats
* handle principals as set not as list
* handle principals as set not as list
* handle principals as set not as list
* Add cryptography backend for openssl_privatekey.
* Adding ECC support.
No support for X25519 and X449, since they don't support serialization.
* Improve finterprint calculation to work with Python 3.
* Add fingerprint check.
* Fix typo.
* Use separate curve option for elliptic curves, and use type 'ECC'.
* Using curve names as defined in IANA registry.
* Bump minimal supported cryptography version. Older versions might work as well, but I couldn't test them.
* Improve documentation.
* Only one exit point.
* Refactoring account handling.
* Add diff support for acme_account.
* Insert public_account_key into acme_account_facts result and into acme_account diff.
* Add changelog.
* Fixed#47505: Type error in openssl_certificate
* Use to_bytes instead of str.encode in SelfSignedCertificate. Updates #47508
* Use to_bytes instead of str.encode in OwnCACertificate
* Added integration tests for openssl_certificate: selfsigned_not_before/after and ownca_not_before/after
Felix Fontein
John Wesley
Maxim Babushkin
Andrea Tartaglia
Chris Adams
Sayed Anisul Hoque
Dag Wieers
japokorn
Jordan Borean
MarkusTeufelberger
Abhijeet Kasurde
lolcube
Toshio Kuratomi
John Westcott IV
Edoardo T
s3lph