zscaler.zpacloud.zpa_enrollement_certificate_info module – Retrieves enrollment certificate information.

Note

This module is part of the zscaler.zpacloud collection (version 1.4.2).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install zscaler.zpacloud. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: zscaler.zpacloud.zpa_enrollement_certificate_info.

New in zscaler.zpacloud 1.0.0

Synopsis

  • This module will allow the retrieval of information about a Enrollment Certificate detail from the ZPA Cloud.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter

Comments

client_id

string

The ZPA API client ID generated from the ZPA console.

client_secret

string

The ZPA API client secret generated from the ZPA console.

cloud

string

The ZPA cloud provisioned for your organization.

Choices:

  • "PRODUCTION"

  • "BETA"

  • "QA"

  • "QA2"

  • "GOV"

  • "GOVUS"

  • "PREVIEW"

  • "ZPATWO"

customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

id

string

ID of the browser certificate.

name

string

Name of the browser certificate.

provider

dictionary

A dict object containing authentication details.

client_id

string

The ZPA API client ID generated from the ZPA console.

client_secret

string

The ZPA API client secret generated from the ZPA console.

cloud

string

The ZPA cloud provisioned for your organization.

Choices:

  • "PRODUCTION"

  • "BETA"

  • "QA"

  • "QA2"

  • "GOV"

  • "GOVUS"

  • "PREVIEW"

  • "ZPATWO"

customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

Notes

Note

  • Check mode is not supported.

Examples

- name: Gather Information Details of All Enrollment Certificates
  zscaler.zpacloud.zpa_enrollment_cert_facts:
    provider: "{{ zpa_cloud }}"

- name: Gather Information Details of the Root Enrollment Certificates by Name
  zscaler.zpacloud.zpa_enrollment_cert_facts:
    provider: "{{ zpa_cloud }}"
    name: "Root"

- name: Gather Information Details of the Client Enrollment Certificates by Name
  zscaler.zpacloud.zpa_enrollment_cert_facts:
    provider: "{{ zpa_cloud }}"
    name: "Client"

- name: Gather Information Details of the Connector Enrollment Certificates by Name
  zscaler.zpacloud.zpa_enrollment_cert_facts:
    provider: "{{ zpa_cloud }}"
    name: "Connector"

- name: Gather Information Details of the Service Edge Enrollment Certificates by Name
  zscaler.zpacloud.zpa_enrollment_cert_facts:
    provider: "{{ zpa_cloud }}"
    name: "Service Edge"

- name: Gather Information Details of the Isolation Client Enrollment Certificates by Name
  zscaler.zpacloud.zpa_enrollment_cert_facts:
    provider: "{{ zpa_cloud }}"
    name: "Isolation Client"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

certificates

list / elements=dictionary

Details of the Enrollment Certificates.

Returned: always

allow_signing

boolean

Indicates whether signing is allowed for this Enrollment Certificate.

Returned: always

Sample: true

c_name

string

The common name (CN) of the Enrollment Certificate.

Returned: always

Sample: "********.zpa-customer.com/Connector"

certificate

string

The full certificate in PEM format.

Returned: always

Sample: "-----BEGIN CERTIFICATE-----\nMIIDbjCCAlagAwIBAgIQfayCMxHt3mhQbVAuKHCYPTANBgkqhkiG9w0BAQsFADBe\n...\n-----END CERTIFICATE-----\n"

client_cert_type

string

The type of client certificate associated with the Enrollment Certificate.

Returned: always

Sample: "NONE"

creation_time

string

The time when the Enrollment Certificate was created, in epoch format.

Returned: always

Sample: "1649998646"

csr

string

The Certificate Signing Request (CSR) associated with the Enrollment Certificate in PEM format.

Returned: always

Sample: "-----BEGIN CERTIFICATE REQUEST-----\nMIIC2jCCAcICAQAwYzEQMA4GA1UEChMHWnNjYWxlcjEXMBUGA1UECxMOUHJpdmF0\n...\n-----END CERTIFICATE REQUEST-----\n"

description

string

The description of the Enrollment Certificate.

Returned: always

Sample: "Connector Enrollment Certificate"

id

string

The unique identifier of the Enrollment Certificate.

Returned: always

Sample: "16560"

issued_by

string

The issuer of the Enrollment Certificate.

Returned: always

Sample: "O=Zscaler,OU=Private Access,CN=********.zpa-customer.com/Root"

issued_to

string

The entity to which the Enrollment Certificate was issued.

Returned: always

Sample: "O=Zscaler,OU=Private Access,CN=********.zpa-customer.com/Connector"

modified_by

string

The ID of the user who last modified the Enrollment Certificate.

Returned: always

Sample: "123456789"

modified_time

string

The time when the Enrollment Certificate was last modified, in epoch format.

Returned: always

Sample: "1693027973"

name

string

The name of the Enrollment Certificate.

Returned: always

Sample: "Connector"

parent_cert_id

string

The unique identifier of the parent certificate if this is an intermediate certificate.

Returned: always

Sample: "16558"

parent_cert_name

string

The name of the parent certificate.

Returned: always

Sample: "Root"

public_key_present

boolean

Indicates whether the private key is present for the Enrollment Certificate.

Returned: always

Sample: true

serial_no

string

The serial number of the Enrollment Certificate.

Returned: always

Sample: "167049215292216048285546948781507909693"

valid_from_in_epoch_sec

string

The start of the certificate validity period in epoch seconds.

Returned: always

Sample: "1649912246"

valid_to_in_epoch_sec

string

The end of the certificate validity period in epoch seconds.

Returned: always

Sample: "2123038646"

Authors

  • William Guilherme (@willguibr)