https://community.netapp.com/t5/ONTAP-Rest-API-Discussions/How-to-automate-renewal-installation-of-CA-signed-certificate/m-p/433124#M292 <P><SPAN>&nbsp;Hello, I am trying to use the ansible module&nbsp;<A href="https://docs.ansible.com/ansible/2.10/collections/netapp/ontap/na_ontap_security_certificates_module.html" target="_blank" rel="nofollow noopener noreferrer">https://docs.ansible.com/ansible/2.10/collections/netapp/ontap/na_ontap_security_certificates_module.html</A></SPAN></P><P>&nbsp;</P><P><SPAN>We’re updating an expiring signed certificate, which requires the deletion of an existing certificate, which stops the ssl service. If the service stops every time a certificate is deleted, how am I supposed to install the new one. The SSL service is down after deleting.</SPAN></P><P>&nbsp;</P><P><SPAN>I have also tried using the netapp command line module which allows me to run the proper command "cert install (parameters)" but I cannot use this workaround because I cannot figure out how to get ansible to wait for the user inputs (I am prompted for my certificate and private key).</SPAN></P><P>&nbsp;</P><P>I have also made a post here:<SPAN>&nbsp;</SPAN><A href="https://github.com/ansible-collections/netapp.ontap/issues/53" target="_blank" rel="nofollow noopener noreferrer">https://github.com/ansible-collections/netapp.ontap/issues/53</A>&nbsp;which shows my ansible playbook.</P> Wed, 04 Jun 2025 10:03:23 GMT rcordova 2025-06-04T10:03:23Z https://community.netapp.com/t5/ONTAP-Rest-API-Discussions/How-to-automate-renewal-installation-of-CA-signed-certificate/m-p/433124#M292 <P><SPAN>&nbsp;Hello, I am trying to use the ansible module&nbsp;<A href="https://docs.ansible.com/ansible/2.10/collections/netapp/ontap/na_ontap_security_certificates_module.html" target="_blank" rel="nofollow noopener noreferrer">https://docs.ansible.com/ansible/2.10/collections/netapp/ontap/na_ontap_security_certificates_module.html</A></SPAN></P><P>&nbsp;</P><P><SPAN>We’re updating an expiring signed certificate, which requires the deletion of an existing certificate, which stops the ssl service. If the service stops every time a certificate is deleted, how am I supposed to install the new one. The SSL service is down after deleting.</SPAN></P><P>&nbsp;</P><P><SPAN>I have also tried using the netapp command line module which allows me to run the proper command "cert install (parameters)" but I cannot use this workaround because I cannot figure out how to get ansible to wait for the user inputs (I am prompted for my certificate and private key).</SPAN></P><P>&nbsp;</P><P>I have also made a post here:<SPAN>&nbsp;</SPAN><A href="https://github.com/ansible-collections/netapp.ontap/issues/53" target="_blank" rel="nofollow noopener noreferrer">https://github.com/ansible-collections/netapp.ontap/issues/53</A>&nbsp;which shows my ansible playbook.</P> Wed, 04 Jun 2025 10:03:23 GMT https://community.netapp.com/t5/ONTAP-Rest-API-Discussions/How-to-automate-renewal-installation-of-CA-signed-certificate/m-p/433124#M292 rcordova 2025-06-04T10:03:23Z https://community.netapp.com/t5/ONTAP-Rest-API-Discussions/How-to-automate-renewal-installation-of-CA-signed-certificate/m-p/433127#M293 <P>The folks in that GitHub issue or in the #configurationmgmt channel of Slack will know best about the Anisible specifics. However, as far as a general workflow goes, I would expect it to be something like this:</P><P>&nbsp;</P><OL><LI>Install the new certificate</LI><LI>Modify the web service to use the new certificate</LI><LI>Remove the old certificate</LI></OL><P>You may end up with a disconnection before you get a response to step 2, I'm not sure. You'd want to handle the error and retry in that case.</P> Thu, 17 Mar 2022 20:16:28 GMT https://community.netapp.com/t5/ONTAP-Rest-API-Discussions/How-to-automate-renewal-installation-of-CA-signed-certificate/m-p/433127#M293 RobertBlackhart 2022-03-17T20:16:28Z