Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

get_certificate extend starttls options #706

Open
C-F-A opened this issue Feb 1, 2024 · 1 comment
Open

get_certificate extend starttls options #706

C-F-A opened this issue Feb 1, 2024 · 1 comment
Labels
enhancement New feature or request

Comments

@C-F-A
Copy link

C-F-A commented Feb 1, 2024

SUMMARY

get_certificate option starttls currently only supports mysql.
This seems to be introduced with Pull Request #264

Would be great to extend this to more protocols to be more usefull.

Looking at openssl, there are many more options available:

$ openssl version
OpenSSL 3.0.7 1 Nov 2022 (Library: OpenSSL 3.0.7 1 Nov 2022)
$ openssl s_client -connect 10.10.10.10 -starttls xxx
s_client: Value must be one of:
smtp
pop3
imap
ftp
xmpp
xmpp-server
telnet
irc
mysql
postgres
lmtp
nntp
sieve
ldap

ISSUE TYPE
  • Feature Idea
COMPONENT NAME

plugins/modules/get_certificate.py

ADDITIONAL INFORMATION

Certificate Check with STARTTLS option is currently only possible with mysql. Other protocols like FTP or SMTP are currently not possible to verirfy.
@felixfontein felixfontein added the enhancement New feature or request label Feb 1, 2024
@felixfontein
Copy link
Contributor

The module does not use the openssl binary, so this would have to be explicitly (re-)implemented. I'm happy to review PRs if someone wants to work on this (or at least one or some of these).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@felixfontein @C-F-A