check - renew VPN certificates
Description
This Ansible playbook checks and renews the management certifciates on the VPN Palo Alto's. It first requests all the palo alto firewalls managed by Panorama. Then it requests all the certificates via https but skips if they are in the excemption group. Then it verifies if it is still valid and if it does not expire withing 90 days, or if it has an issuer that is not D09-Issuing-CA2. If it is expired or will expire soon it requests a new certificate and uploads this to the firewalls.
Credentials
Input
| Variable | Description |
|---|---|
| Loopitem | list with items |
| .0 - | - |
None
Output
→ number of certs that is renew