With Ansible 2.10 my patch got integrated by upstream. Therefore, the Ansible module java_cert provides a new option for trusting imported CA certificates. This comes handy when you are running an infrastructure with a self signed root CA (Certificate Authority). As a result, you may define your own imported root CA as trusted which directly allows secure SSL/TLS connections between JAVA application without allowing untrusted CAs.
Example:
- name: Import trusted CA from SSL certificate java_cert: cert_path: /opt/certs/rootca.crt keystore_path: /tmp/cacerts keystore_pass: changeit keystore_create: yes state: present cert_alias: LE_RootCA trust_cacert: True
Resources:
PR: add trustcacerts option for JAVA keytool #61750