��
�Udac������������@`��s_���d��d��l��m��Z��m��Z��m��Z���e��Z��i��d��d��6d��g��d��6d��d��6Z��d��Z��d �Z��d
�Z �d��d��l
�m��Z��m��Z���d��d��l
�m��Z���d��d
�l��m��Z���d��d��l��m��Z���d��d��l��m��Z���d��d��l��m��Z��m��Z���d��d��l��m��Z��m��Z��m��Z��m��Z���d��d��l��Z��d��d��l��Z��d��d��l��Z��d��d��l �Z �d��Z!�d��Z"�d��Z$�y��d��d��l��m%�Z%��Wn#��e&�k
�r[����e �j'����Z$�e(�Z)�n��Xe*�Z)�d��Z+�y/�d��d��l,�Z,�d��d
�l,�m��Z���e��e,�j-����Z.�Wn#��e&�k
�r�����e �j'����Z+�e(�Z/�n��Xe*�Z/�d��Z0�yG�d��d��l1�Z1�d��d��l2�Z1�d��d��l3�Z1�d��d��l4�m5�Z6��e��e1�j-����Z7�Wn#��e&�k
�r5����e �j'����Z0�e(�Z8�n��Xe*�Z8�d�����Z9�e:�d��k��r[�e9�����n��d��S(����i����(����t����absolute_importt����divisiont����print_functions����1.1t����metadata_versiont����previewt����statust ���communityt����supported_bys����
---
module: get_certificate
author: "John Westcott IV (@john-westcott-iv)"
version_added: "2.8"
short_description: Get a certificate from a host:port
description:
- Makes a secure connection and returns information about the presented certificate
- The module can use the cryptography Python library, or the pyOpenSSL Python
library. By default, it tries to detect which one is available. This can be
overridden with the I(select_crypto_backend) option. Please note that the PyOpenSSL
backend was deprecated in Ansible 2.9 and will be removed in Ansible 2.13."
options:
host:
description:
- The host to get the cert for (IP is fine)
type: str
required: true
ca_cert:
description:
- A PEM file containing one or more root certificates; if present, the cert will be validated against these root certs.
- Note that this only validates the certificate is signed by the chain; not that the cert is valid for the host presenting it.
type: path
port:
description:
- The port to connect to
type: int
required: true
proxy_host:
description:
- Proxy host used when get a certificate.
type: str
version_added: 2.9
proxy_port:
description:
- Proxy port used when get a certificate.
type: int
default: 8080
version_added: 2.9
timeout:
description:
- The timeout in seconds
type: int
default: 10
select_crypto_backend:
description:
- Determines which crypto backend to use.
- The default choice is C(auto), which tries to use C(cryptography) if available, and falls back to C(pyopenssl).
- If set to C(pyopenssl), will try to use the L(pyOpenSSL,https://pypi.org/project/pyOpenSSL/) library.
- If set to C(cryptography), will try to use the L(cryptography,https://cryptography.io/) library.
type: str
default: auto
choices: [ auto, cryptography, pyopenssl ]
version_added: "2.9"
notes:
- When using ca_cert on OS X it has been reported that in some conditions the validate will always succeed.
requirements:
- "python >= 2.7 when using C(proxy_host)"
- "cryptography >= 1.6 or pyOpenSSL >= 0.15"
s����
cert:
description: The certificate retrieved from the port
returned: success
type: str
expired:
description: Boolean indicating if the cert is expired
returned: success
type: bool
extensions:
description: Extensions applied to the cert
returned: success
type: list
elements: dict
contains:
critical:
returned: success
type: bool
description: Whether the extension is critical.
asn1_data:
returned: success
type: str
description: The Base64 encoded ASN.1 content of the extnesion.
name:
returned: success
type: str
description: The extension's name.
issuer:
description: Information about the issuer of the cert
returned: success
type: dict
not_after:
description: Expiration date of the cert
returned: success
type: str
not_before:
description: Issue date of the cert
returned: success
type: str
serial_number:
description: The serial number of the cert
returned: success
type: str
signature_algorithm:
description: The algorithm used to sign the cert
returned: success
type: str
subject:
description: Information about the subject of the cert (OU, CN, etc)
returned: success
type: dict
version:
description: The version number of the certificate
returned: success
type: str
s9���
- name: Get the cert from an RDP port
get_certificate:
host: "1.2.3.4"
port: 3389
delegate_to: localhost
run_once: true
register: cert
- name: Get a cert from an https port
get_certificate:
host: "www.google.com"
port: 443
delegate_to: localhost
run_once: true
register: cert
- name: How many days until cert expires
debug:
msg: "cert expires in: {{ expire_days }} days."
vars:
expire_days: "{{ (( cert.not_after | to_datetime('%Y%m%d%H%M%SZ')) - (ansible_date_time.iso8601 | to_datetime('%Y-%m-%dT%H:%M:%SZ')) ).days }}"
(����t
���AnsibleModulet����missing_required_lib(����t����to_bytes(����t����crypto(����t����LooseVersion(����t����isfile(����t����setdefaulttimeoutt����socket(����t����get_server_certificatet����DER_cert_to_PEM_certt ���CERT_NONEt
���CERT_OPTIONALNs����0.15s����1.6(����t����create_default_context(����t����default_backendc������������C`��sw���t��d��t��d��t��d��d�����d��t��d��d��d��t�����d��t��d��d �d��t�����d
�t��d��d�����d��t��d��d �d��d
����d��t��d��d �d��d�����d��t��d��d��d��d��d��d��g��d��d�����������}��|��j��j��d�����}��|��j��j��d�����}��|��j��j��d�����}��|��j��j��d
����}��|��j��j��d�����}��|��j��j��d�����}��|��j��j��d�����}��|��d��k��r��t��oG�t��t��t�����k��}��t �o_�t
�t��t�����k��} �|��rq�d��}��n��| �r��d��}��n��|��d��k��r��|��j��d��d��j
�t��t���������q��n��|��d��k��r��t �s��|��j��d��t��d��j
�t��������d��t������n��|��j��d��d��d������n=�|��d��k��r;�t��s;�|��j��d��t��d��j
�t��������d��t������q;�n��t��d��t�����}
�|��r]�t��|������n��|��r��t��|�����s��|��j��d��d������q��n��|��r��t��s��|��j��d��d��d��t������n��y��d �|��|��f���}��t�����}��t��j��|��j������|��j��|��|��f������|��j��|��j���������|��j��d!�����t�����}
�t��|
�_ �t!�|
�_"�|��rF�t#�|
�_"�|
�j$�d"�|������n��|
�j%�|��d#�|�����j&�t�����}��t'�|�����}��Wq���t(�k
�r���}���|��j��d��d$�j
�|���������q��XnK�y��t)�|��|��f��d%�|�����}��Wn,��t(�k
�r���}���|��j��d��d$�j
�|���������n��X|��|
�d&�<|��d��k��rm�t*�j+�t*�j,�|�����}��i��|
�d'�<x0�|��j-����j.����D]��}��|��d(��|
�d'��|��d)��<q6�W|��j/����|
�d*�<g��|
�d+�<|��j0����}��x^�t1�d)�|�����D]M�}��|��j2�|�����}��|
�d+��j3�i��|��j4����d,�6|��j5����d-�6|��j6����d.�6����q��Wi��|
�d/�<x0�|��j7����j.����D]��}��|��d(��|
�d/��|��d)��<q��W|��j8����|
�d0�<|��j9����|
�d1�<|��j:����|
�d2�<|��j;����|
�d3�<|��j<����|
�d��<n��|��d��k��rf�t=�j>�j?�t@�|�����tA�������}��i��|
�d'�<x4�|��jB�D])�}��|��jC�|
�d'��tD�jE�|��jF�d4�t�����<q��W|��jG�tH�jH�jI����k��|
�d*�<g��|
�d+�<x~�tD�jJ�|�����jK����D]g�\��}��}��t=�j>�jF�jL�|�����}��|
�d+��j3�i��|��d,��d,�6tM�jN�|��d5�����d-�6tD�jE�|��d4�t�����d.�6����q��Wi��|
�d/�<x4�|��jO�D])�}��|��jC�|
�d/��tD�jE�|��jF�d4�t�����<q��W|��jG�jP�d6����|
�d0�<|��jQ�jP�d6����|
�d1�<|��jR�|
�d2�<tD�jE�|��jS����|
�d3�<|��jT�t=�j>�jU�jV�k��r4�d9�|
�d��<qf�|��jT�t=�j>�jU�jW�k��rY�d:�|
�d��<qf�d8�|
�d��<n��|��jX�|
�����d��S(;���Nt
���argument_spect����ca_certt����typet����patht����hostt����strt����requiredt����portt����intt
���proxy_hostt
���proxy_portt����defaulti����t����timeouti
���t����select_crypto_backendt����choicest����autot ���pyopensslt����cryptographyt����msgs]���Can't detect any of the required Python libraries cryptography (>= {0}) or PyOpenSSL (>= {1})s����pyOpenSSL >= {0}t ���exceptionsK���The module is using the PyOpenSSL backend. This backend has been deprecatedt����versions����2.13s����cryptography >= {0}t����changeds����ca_cert file does not existsT���To use proxy_host, you must run the get_certificate module with Python 2.7 or newer.s����CONNECT %s:%s HTTP/1.0
i� ��t����cafilet����server_hostnames,���Failed to get cert from port with error: {0}t����ca_certst����certt����subjecti����i����t����expiredt
���extensionst����criticalt ���asn1_datat����namet����issuert ���not_aftert
���not_beforet
���serial_numbert����signature_algorithmt����shortt����values
���%Y%m%d%H%M%SZi����t����unknowni����i����(Y���R����t����dictt����Truet����paramst����gett����CRYPTOGRAPHY_FOUNDt����CRYPTOGRAPHY_VERSIONR����t����MINIMAL_CRYPTOGRAPHY_VERSIONt����PYOPENSSL_FOUNDt����PYOPENSSL_VERSIONt����MINIMAL_PYOPENSSL_VERSIONt ���fail_jsont����formatR ���t����PYOPENSSL_IMP_ERRt ���deprecatet����CRYPTOGRAPHY_IMP_ERRt����FalseR����R
���t����HAS_CREATE_DEFAULT_CONTEXTt����CREATE_DEFAULT_CONTEXT_IMP_ERRR����t����atexitt����registert����closet����connectt����sendt����encodet����recvR����t����check_hostnameR����t����verify_modeR����t����load_verify_locationst����wrap_sockett����getpeercertR����t ���ExceptionR����R����t����load_certificatet����FILETYPE_PEMt����get_subjectt����get_componentst����has_expiredt����get_extension_countt����ranget
���get_extensiont����appendt����get_criticalt����get_datat����get_short_namet
���get_issuert����get_notAftert
���get_notBeforet����get_serial_numbert����get_signature_algorithmt����get_versionR'���t����x509t����load_pem_x509_certificateR
���t����cryptography_backendR0���R<���t����crypto_utilst����cryptography_oid_to_namet����oidt����not_valid_aftert����datetimet����utcnowt%���cryptography_get_extensions_from_certt����itemst����ObjectIdentifiert����base64t ���b64decodeR6���t����strftimet����not_valid_beforeR9���t����signature_algorithm_oidR*���t����Versiont����v1t����v3t ���exit_json(����t����moduleR����R����R����R����R ���R"���t����backendt����can_use_cryptographyt����can_use_pyopensslt����resultRS���t����sockt����ctxR/���t����eRo���t ���componentt����extension_countt����indext ���extensiont ���attributet
���dotted_numbert����entryRt���(����(����sJ���/usr/lib/python2.7/site-packages/ansible/modules/crypto/get_certificate.pyt����main����s����������������������*����������������������� ��� ���������������
���������
��� ���
�������������
����� �������
� � � ��� ��������� ���������
�����
�������
�������
�
�
���
�������������������
���'���
�"���
�������
���'�����
�����
���
�
�t����__main__(;���t
���__future__R����R����R����R����t
���__metaclass__t����ANSIBLE_METADATAt
���DOCUMENTATIONt����RETURNt����EXAMPLESt����ansible.module_utils.basicR����R ���t����ansible.module_utils._textR
���t����ansible.module_utilsR����Rr���t����distutils.versionR����t����os.pathR
���R����R����t����sslR����R����R����R����RP���R{���Rv���t ���tracebackRG���RD���t����NoneRO���R����t����ImportErrort
���format_excRM���RN���R?���RJ���t����OpenSSLt����__version__RF���RE���RL���R'���t����cryptography.exceptionst����cryptography.x509t����cryptography.hazmat.backendsR����Rq���RC���RB���R����t����__name__(����(����(����sJ���/usr/lib/python2.7/site-packages/ansible/modules/crypto/get_certificate.pyt����<module>����sd�������
�
�
?�9����������������"�������������������
���
�������������
���
�����������������
���
��� ���
Anons79 File Manager Version 1.0, Coded By Anons79
Email: [email protected]
Anons79 Mini Shell