ansible-collections/community.crypto

DER format - `community.crypto.x509_certificate_info`

msl0 opened this issue · 1 comments

msl0 commented
SUMMARY

Currently only PEM format is supported for community.crypto.x509_certificate_info module, so when we try get info about certificate in DER format then we getting:

"msg": "Unable to load PEM file. See https://cryptography.io/en/latest/faq/#why-can-t-i-import-my-pem-file for more details. MalformedFraming"

I noticed community.crypto.x509_certificate_info module uses cryptography. Current code uses load_pem_x509_certificate method but there is a load_der_x509_certificate method in cryptography to load DER certificates.
It would be better than using openssl x509 -in cert.crt -inform der -text -noout command to get certificate info.

ISSUE TYPE
  • Feature Idea
COMPONENT NAME

community.crypto.x509_certificate_info

ADDITIONAL INFORMATION

community.crypto/plugins/module_utils/crypto/support.py

Line 207 in e4ebca0

return x509.load_pem_x509_certificate(cert_content, cryptography_backend())

https://cryptography.io/en/latest/x509/reference/#cryptography.x509.load_der_x509_certificate



msl0 commented 
#622 adds support for certificates in DER format when using path parameter


- name: Get DER certificate info
  community.crypto.x509_certificate_info:
    path: certificate.der