community.crypto

Module to support Active Directory Certificate Services (ADCS) Certificate Enrollment Web Service (CES)?

Open ghost opened this issue 3 years ago • 2 comments

SUMMARY

Some year(s) ago I wrote a playbook to request certificates from ADCS via CES, since my team and I really needed this to be automated. In this case I used Ansible as a golden hammer and have tasks which I'm not too proud of. To be able to do this I had to intercept the traffic from certreq.exe towards CES and then examine what was happening. The request is sent and received via SOAP-XML. Saving the request XML and having Ansible manipulate it was in the end working. This playbook is not idempotent in any way and will gladly request a new certificate for each run.

I've always thought about trying to turn it into a module, but this is way over my head, so therefore I'm creating this issue just to see if there is any interest in implementing this functionality. Maybe it's just a waste of time and one should instead look at solutions which can give an ACME interface to ADCS, e.g. https://github.com/grindsa/acme2certifier, https://github.com/glatzert/ACME-Server-ACDS. I have not tested these myself, it's just what I found by searching some.

If this is of interest I'm happy to help in any way I can.

ISSUE TYPE

  • Feature Idea

COMPONENT NAME

new module

ADDITIONAL INFORMATION

You can see the playbook and the XML files in the following gist: https://gist.github.com/dopice/922d21766e70fca6e9c5085f182d6c4b

ghost avatar Nov 02 '21 13:11 ghost

It's too bad that this RFE is not implemented...

itcultus avatar May 09 '24 12:05 itcultus

@itcultus you (or someone else) could create a PR to implement this :)

felixfontein avatar May 09 '24 15:05 felixfontein