Check VMware VCSA certs validity using Ansible and RestAPI

Recently a requirement came, where VMware VCSA 6.x compliance need to be checked using Ansible.  Vendor wants to use VMware RestApi [Not interested to use VMware Python SDK].

Note: VMware Ansible module comes with VMware Python SDK [PyVmomi]. This compliance check was having

ssh , ipv6, ntp, CA certs, DNS check and set (in case of value has changed).  Most of the option was available except CA cert check. Below yaml code has three parts;

  • VCSA login
  • cert fetch
  • logging

—-vc_cert_check.yaml–

This is used for Product hardening!!