a54e77193b
* win_cert_stat initial commit with tests * documentation fix. first attempt windows server 2008 compatibility * add formatted dates removed debug tests * make choices generic list * return a list of certificates use .net x509 store instead of PS cert provider * fixed tests file * fix timestamps returning null * rename to win_certificate_info * rename tests win_certificate_info * return certificates as a sorted array open the store with readonly privileges * extensions always returned as an array
90 lines
3.6 KiB
YAML
90 lines
3.6 KiB
YAML
---
|
|
|
|
- name: get stats on a store that doesn't exist
|
|
win_certificate_info:
|
|
store_name: teststore
|
|
register: test_store
|
|
|
|
- name: ensure exists is false
|
|
assert:
|
|
that:
|
|
- test_store.exists == false
|
|
|
|
- name: get stats on the root certificate store
|
|
win_certificate_info:
|
|
store_name: Root
|
|
register: root_store
|
|
|
|
- name: at least one certificate is returned
|
|
assert:
|
|
that:
|
|
- "root_store.exists"
|
|
- "root_store.certificates | length > 0"
|
|
|
|
- name: get stats on a certificate that doesn't exist
|
|
win_certificate_info:
|
|
thumbprint: ABC
|
|
register: actual
|
|
|
|
- name: ensure exists is false
|
|
assert:
|
|
that: actual.exists == false
|
|
|
|
- name: get stats on root certificate
|
|
win_certificate_info:
|
|
thumbprint: '{{ root_thumbprint }}'
|
|
store_name: Root
|
|
register: root_stats
|
|
|
|
- name: root certificate stats returned are expected values
|
|
assert:
|
|
that:
|
|
- root_stats.exists
|
|
- root_stats.certificates[0].archived == false
|
|
- root_stats.certificates[0].dns_names == [ 'root.ansible.com' ]
|
|
- root_stats.certificates[0].extensions|count == 3
|
|
- root_stats.certificates[0].has_private_key == false
|
|
- root_stats.certificates[0].issued_by == 'root.ansible.com'
|
|
- root_stats.certificates[0].issued_to == 'root.ansible.com'
|
|
- root_stats.certificates[0].issuer == 'C=US, CN=root.ansible.com'
|
|
- root_stats.certificates[0].path_length_constraint == 0
|
|
# - root_stats.certificates[0].public_key == (root_pub.stdout_lines|join())
|
|
- root_stats.certificates[0].raw == root_raw.stdout_lines|join()
|
|
- root_stats.certificates[0].serial_number == '00FD6F21D1A0309BFF'
|
|
- root_stats.certificates[0].signature_algorithm == 'sha256RSA'
|
|
- root_stats.certificates[0].ski == 'BA7D9382E63A7011E113ABAA16FE08575B936FA8'
|
|
- root_stats.certificates[0].subject == 'C=US, CN=root.ansible.com'
|
|
- root_stats.certificates[0].valid_from == 1513327172
|
|
- root_stats.certificates[0].valid_from_iso8601 == '2017-12-15T08:39:32Z'
|
|
- root_stats.certificates[0].valid_to == 3660799172
|
|
- root_stats.certificates[0].valid_to_iso8601 == '2086-01-02T08:39:32Z'
|
|
- root_stats.certificates[0].version == 3
|
|
|
|
- name: get stats on subject certificate
|
|
win_certificate_info:
|
|
thumbprint: '{{ subj_thumbprint }}'
|
|
register: subj_stats
|
|
|
|
- name: subject certificate stats returned are expected values
|
|
assert:
|
|
that:
|
|
- subj_stats.exists
|
|
- subj_stats.certificates[0].archived == false
|
|
- subj_stats.certificates[0].dns_names == [ 'subject.ansible.com' ]
|
|
- subj_stats.certificates[0].extensions|count == 0
|
|
- subj_stats.certificates[0].has_private_key == false
|
|
- subj_stats.certificates[0].issued_by == 'root.ansible.com'
|
|
- subj_stats.certificates[0].issued_to == 'subject.ansible.com'
|
|
- subj_stats.certificates[0].issuer == 'C=US, CN=root.ansible.com'
|
|
- subj_stats.certificates[0].path_length_constraint is undefined
|
|
# - subj_stats.certificates[0].public_key == subj_pub.stdout_lines|join()
|
|
- subj_stats.certificates[0].raw == subj_raw.stdout_lines|join()
|
|
- subj_stats.certificates[0].serial_number == '00BF32D3816B5503A7'
|
|
- subj_stats.certificates[0].signature_algorithm == 'sha256RSA'
|
|
- subj_stats.certificates[0].ski is undefined
|
|
- subj_stats.certificates[0].subject == 'C=US, CN=subject.ansible.com'
|
|
- subj_stats.certificates[0].valid_from == 1513328190
|
|
- subj_stats.certificates[0].valid_from_iso8601 == '2017-12-15T08:56:30Z'
|
|
- subj_stats.certificates[0].valid_to == 3660800190
|
|
- subj_stats.certificates[0].valid_to_iso8601 == '2086-01-02T08:56:30Z'
|
|
- subj_stats.certificates[0].version == 1
|