mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
parent
c1173a2aec
commit
ac3781d40b
1 changed files with 4 additions and 4 deletions
|
@ -296,7 +296,7 @@ Signature-based authentication using certificates
|
||||||
Using signature-based authentication is more efficient and more reliable than password-based authentication.
|
Using signature-based authentication is more efficient and more reliable than password-based authentication.
|
||||||
|
|
||||||
Generate certificate and private key
|
Generate certificate and private key
|
||||||
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
|
````````````````````````````````````
|
||||||
Signature-based authentication requires a (self-signed) X.509 certificate with private key, and a configuration step for your AAA user in ACI. To generate a working X.509 certificate and private key, use the following procedure:
|
Signature-based authentication requires a (self-signed) X.509 certificate with private key, and a configuration step for your AAA user in ACI. To generate a working X.509 certificate and private key, use the following procedure:
|
||||||
|
|
||||||
.. code-block:: bash
|
.. code-block:: bash
|
||||||
|
@ -304,7 +304,7 @@ Signature-based authentication requires a (self-signed) X.509 certificate with p
|
||||||
$ openssl req -new -newkey rsa:1024 -days 36500 -nodes -x509 -keyout admin.key -out admin.crt -subj '/CN=Admin/O=Your Company/C=US'
|
$ openssl req -new -newkey rsa:1024 -days 36500 -nodes -x509 -keyout admin.key -out admin.crt -subj '/CN=Admin/O=Your Company/C=US'
|
||||||
|
|
||||||
Configure your local user
|
Configure your local user
|
||||||
,,,,,,,,,,,,,,,,,,,,,,,,,
|
`````````````````````````
|
||||||
Perform the following steps:
|
Perform the following steps:
|
||||||
|
|
||||||
- Add the X.509 certificate to your ACI AAA local user at :guilabel:`ADMIN` » :guilabel:`AAA`
|
- Add the X.509 certificate to your ACI AAA local user at :guilabel:`ADMIN` » :guilabel:`AAA`
|
||||||
|
@ -336,7 +336,7 @@ You can automate this by using the following Ansible task:
|
||||||
|
|
||||||
|
|
||||||
Use signature-based authentication with Ansible
|
Use signature-based authentication with Ansible
|
||||||
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
|
```````````````````````````````````````````````
|
||||||
You need the following parameters with your ACI module(s) for it to work:
|
You need the following parameters with your ACI module(s) for it to work:
|
||||||
|
|
||||||
.. code-block:: yaml
|
.. code-block:: yaml
|
||||||
|
@ -348,7 +348,7 @@ You need the following parameters with your ACI module(s) for it to work:
|
||||||
.. hint:: If you use a certificate name in ACI that matches the private key's basename, you can leave out the ``certificate_name`` parameter like the example above.
|
.. hint:: If you use a certificate name in ACI that matches the private key's basename, you can leave out the ``certificate_name`` parameter like the example above.
|
||||||
|
|
||||||
More information
|
More information
|
||||||
,,,,,,,,,,,,,,,,
|
````````````````
|
||||||
Detailed information about Signature-based Authentication is available from `Cisco APIC Signature-Based Transactions <https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_Signature_Based_Transactions.html>`_.
|
Detailed information about Signature-based Authentication is available from `Cisco APIC Signature-Based Transactions <https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_Signature_Based_Transactions.html>`_.
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue