openssl genrsa requires password in Ansible script

When I run the commands mentioned below to generate the RSA key and CSR at the Linux prompt, it requires a password (Enter pass phrase for pradeep.key), and I enter the password “abc” there. Please let me know how to capture this password in an Ansible script. When I specify -des3, it requires the password, and it is a mandatory part.

  1. openssl genrsa -des3 -out pradeep.key 2048
  2. openssl req -new -key pradeep.key -out pradeepcsr.csr -config set.txt
  3. openssl pkcs12 -export -out pradeep.p12 -inkey pradeep.key -in cert.pem

Generating RSA private key, 2048 bit long modulus
…+++
…+++
e is 65537 (0x10001)
Enter pass phrase for pradeep.key:
Verifying - Enter pass phrase for pradeep.key:

I wrote the Ansible script below:

command: openssl genrsa
  -des3
  -out "/app/ex.key" 2048

command: openssl req
  -new
  -subj '/C=US/ST=Florida/L=atlanta View/O=xx/CN=abc'
  -key "/app/ex.key"
  -out "/app/ex.csr"

Secondly, can we do this part with any Ansible module? I tried openssl_privatekey, but it does not cover all the above details.

Hi Pradeep,

The scenario you mentioned can be realized using only Ansible openssl
modules[1]. Note: openssl_pkcs12 is only available starting with Ansible
2.7.

Assuming you have pyopenssl, and depending on your requirements and Python knowledge... you could write your own module to do this pretty easily for earlier Ansible versions.
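
A sketch of the three openssl steps from the question using the Ansible openssl modules named in the reply above. This is an added example, not code posted by anyone in the thread. The variables key_passphrase and p12_passphrase are hypothetical and assumed to come from an Ansible Vault file, and /app/cert.pem and /app/ex.p12 are assumed paths.

```yaml
# Added example, not from the thread. key_passphrase and p12_passphrase are
# assumed variables, loaded from an Ansible Vault file instead of being
# written in the playbook or passed on a command line.
- hosts: all
  vars:
    key_path: /app/ex.key          # path taken from the question
  tasks:
    - name: Generate a passphrase-protected RSA key (replaces openssl genrsa -des3)
      openssl_privatekey:
        path: "{{ key_path }}"
        type: RSA
        size: 2048
        passphrase: "{{ key_passphrase }}"
        # Accepted cipher names depend on the module version and backend;
        # newer releases using the cryptography backend expect "auto".
        cipher: aes256
        mode: "0600"
      no_log: true                 # keep the passphrase out of task output and logs

    - name: Generate the CSR (replaces openssl req -new -subj ...)
      openssl_csr:
        path: /app/ex.csr
        privatekey_path: "{{ key_path }}"
        privatekey_passphrase: "{{ key_passphrase }}"
        country_name: US
        state_or_province_name: Florida
        locality_name: atlanta View
        organization_name: xx
        common_name: abc
      no_log: true

    # Requires Ansible 2.7 or later, as noted in the reply.
    - name: Bundle key and signed certificate (replaces openssl pkcs12 -export)
      openssl_pkcs12:
        action: export
        path: /app/ex.p12          # assumed output path
        friendly_name: abc
        privatekey_path: "{{ key_path }}"
        privatekey_passphrase: "{{ key_passphrase }}"
        certificate_path: /app/cert.pem   # assumed location of the signed certificate
        passphrase: "{{ p12_passphrase }}"
        mode: "0600"
      no_log: true
```

Supplying the passphrase as a module parameter avoids the interactive "Enter pass phrase" prompt that the command module cannot answer, and it keeps the value out of the process argument list on the target host.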