F5Networks
Unable to generate CSR via bigip_command [if City name is München, Baden-Württemberg]
COMPONENT NAME
bigip_command
Environment
Prod
ANSIBLE VERSION
**ansible [core 2.15.1]
python version = 3.11.9
jinja version = 3.1.2**
ansible.netcommon 6.0.0
ansible.posix 1.5.4
ansible.utils 3.1.0
arista.eos 7.0.0
cisco.aci 2.8.0
cisco.asa 5.0.1
cisco.ios 6.1.2
cisco.iosxr 7.1.0
cisco.nxos 6.0.3
community.general 8.4.0
community.hashi_vault 6.1.0
f5networks.f5_bigip 3.6.2
f5networks.f5_modules 1.30.1
fortinet.fortios 2.3.5
netbox.netbox 3.17.0
openstack.cloud 1.10.0
BIGIP VERSION
Sys::Version Main Package Product BIG-IP Version 16.1.4.1 Build 0.132.5
CONFIGURATION
OS / ENVIRONMENT
SUMMARY
BIGIP Ansible command module(bigip_command) is failing to generate CSR via ansible input, when use unicode charater in city name or, state name i.e city name: 'München' or State Name: 'Baden-Württemberg'. however tmos command and web ui works well.
STEPS TO REPRODUCE
---
- hosts: all
gather_facts: false
vars_files: vars/lba_provider_vars.yaml
connection: local
vars:
- cust_obj: "www.example.com"
- keySize: 2048
- country: "DE"
- subject_alternative_name: "DNS:*.abc.com"
- state: "München"
- my_commonName: "*.example.com"
- ou: "IT"
- city: "Ulm"
- organization: "Microsoft"
tasks:
- name: Create command tmsh Command dynamically
ansible.builtin.set_fact:
create_tmos_command: >-
create sys crypto key '{{ cust_obj }}' key-size {{ keySize }}
gen-csr country '{{ country }}'
city '{{ city }}'
state '{{ state }}'
organization '{{ organization }}'
ou '{{ ou }}'
common-name '{{ my_commonName }}'
subject-alternative-name '{{ subject_alternative_name }}'
delegate_to: localhost
- name: "Generate the CSR On Device"
f5networks.f5_modules.bigip_command:
provider: "{{ provider }}"
commands:
- "{{ create_tmos_command }}"
delegate_to: localhost
EXPECTED RESULTS
ACTUAL RESULTS
"changed": false, "invocation": { "module_args": { "chdir": null, "commands": [ "create sys crypto key 'www.example.com' key-size 2048 gen-csr country 'DE' city 'Ulm' state 'München' organization 'Microsoft' ou 'IT' common-name '.example.com' subject-alternative-name 'DNS:.abc.com'" ], "interval": 1, "match": "all", "provider": { "auth_provider": null, "no_f5_teem": true, "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "server": "10.10.20.90", "server_port": 443, "ssh_keyfile": null, "timeout": null, "transport": "rest", "user": "unix", "validate_certs": false }, "retries": 10, "wait_for": null, "warn": true } }, "msg": "double quotes are not balanced" }
Hi @f5killer,
Have you tried using bigip_ssl_csr module from declarative collection? https://clouddocs.f5.com/products/orchestration/ansible/devel/f5_bigip/modules_2_0/bigip_ssl_csr_module.html#bigip-ssl-csr-module-2
Issue is still same in that module 'bigip_ssl_csr' too. I have opened the f5 case.
Hi,
Thanks for reporting. Added to the backlog and internal tracking ID for this request is: INFRAANO-1657.
Hi @f5killer , Issue closed in latest collection version, please open new issue if issue observe
