With Ansible 2.10 my patch got integrated by upstream. Therefore, the Ansible module java_cert provides a new option for trusting imported CA certificates. This comes handy when you are running an infrastructure with a self signed root CA (Certificate Authority). As a result, you may define your own imported root CA as trusted which directly allows secure SSL/TLS connections between JAVA application without allowing untrusted CAs.
Example:
- name: Import trusted CA from SSL certificate
java_cert:
cert_path: /opt/certs/rootca.crt
keystore_path: /tmp/cacerts
keystore_pass: changeit
keystore_create: yes
state: present
cert_alias: LE_RootCA
trust_cacert: True
Resources:
PR: add trustcacerts option for JAVA keytool #61750