Forum Discussion

Samir's avatar
Jun 26, 2023

Generate csr via ansible script

Hi All,

Did any one tried to create CSR via f5 ansible module. I am trying my but can't make it. Written below script but it is unable to find ansible module for csr. 


- name: Generate F5 BIG-IP CSR
  hosts: all
  gather_facts: no
    - f5networks.f5_modules
  connection: local
    f5_server: "{{ your_f5_server }}"
    f5_username: "{{ your_f5_username }}"
    f5_password: "{{ your_f5_password }}"
    csr_name: "{{ your_csr_name }}"
    csr_common_name: "{{ your_csr_common_name }}"
      - "{{ your_csr_sans }}"
    csr_key_size: "{{ your_csr_key_size }}"
    csr_key_type: "{{ your_csr_key_type }}"
    csr_algorithm: "{{ your_csr_algorithm }}"
    csr_key_password: "{{ your_csr_key_password }}"
    - name: Generate CSR
          server: "{{ f5_server }}"
          user: "{{ f5_username }}"
          password: "{{ f5_password }}"
          validate_certs: no
        name: "{{ csr_name }}"
        common_name: "{{ csr_common_name }}"
        subject_alternative_names: "{{ csr_subject_alternative_names }}"
        key_size: "{{ csr_key_size }}"
        key_type: "{{ csr_key_type }}"
        algorithm: "{{ csr_algorithm }}"
        key_password: "{{ csr_key_password }}"
      register: csr_result


ERROR! couldn't resolve module/action 'bigip_device_certificate_csr'. This often indicates a misspelling, missing collection, or incorrect module path.

Please help. Thanks

5 Replies

  • Samir I have not but it seems like a lot of work to go through to generate a CSR. I definitely need to become more familiar with ansible and then maybe I could assist more with this.

    • Samir's avatar
      Icon for MVP rankMVP

      Thank yo so much. Source code is correct, I have install all collections from ansible galaxy. Because reset other F5 ansible playbook is working. Infact I have change module to 


      But no luck. I feel development team to have a look n advice.

  • Above link is only helpful for self-sign cert with no parameter such as (not Country, No Organization, etc). I wanted to generate CA based CSR, so that later i can send to CA for public cert. Used both module bigip_ssl_csr and bigip_device_certificate_csr but no luck. 

    msg: 'Unsupported parameters for (f5networks.f5_modules.bigip_ssl_csr) module: algorithm, key_size, key_type, mode, subject_alternative_names. Supported parameters include: common_name, dest, force, key_name, name, provider, state.'

    I don't see much example.