diff --git a/changelogs/fragments/httpapi_options.yaml b/changelogs/fragments/httpapi_options.yaml
new file mode 100644
index 000000000..ef9cdb511
--- /dev/null
+++ b/changelogs/fragments/httpapi_options.yaml
@@ -0,0 +1,5 @@
+---
+minor_changes:
+ - httpapi - Add additional option ``ca_path``, ``client_cert``, ``client_key``, and
+ ``http_agent`` that are available in open_url but not to httpapi.
+ (https://github.com/ansible-collections/ansible.netcommon/issues/528)
diff --git a/docs/ansible.netcommon.httpapi_connection.rst b/docs/ansible.netcommon.httpapi_connection.rst
index 5131703c8..eb8e5b424 100644
--- a/docs/ansible.netcommon.httpapi_connection.rst
+++ b/docs/ansible.netcommon.httpapi_connection.rst
@@ -81,6 +81,25 @@ Parameters
This option allows the become method to be specified in for handling privilege escalation. Typically the become_method value is set to enable but could be defined as other values.
+
+ |
+
+ ca_path
+
+
+ path
+
+ added in 5.2.0
+ |
+
+ |
+
+ var: ansible_httpapi_ca_path
+ |
+
+ Path to CA cert bundle to use.
+ |
+
|
@@ -105,6 +124,44 @@ Parameters
This option will have no effect on ansible-core<2.14 but a warning will be emitted.
|
+
+ |
+
+ client_cert
+
+
+ -
+
+ added in 5.2.0
+ |
+
+ |
+
+ var: ansible_httpapi_client_cert
+ |
+
+ PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key as well, and if the key is included, client_key is not required
+ |
+
+
+ |
+
+ client_key
+
+
+ -
+
+ added in 5.2.0
+ |
+
+ |
+
+ var: ansible_httpapi_client_key
+ |
+
+ PEM formatted file that contains the private key to be used for SSL client authentication. If client_cert contains both the certificate and key, this option is not required.
+ |
+
|
@@ -125,6 +182,25 @@ Parameters
Specifies the remote device FQDN or IP address to establish the HTTP(S) connection to.
|
+
+ |
+
+ http_agent
+
+
+ -
+
+ added in 5.2.0
+ |
+
+ |
+
+ var: ansible_httpapi_http_agent
+ |
+
+ User-Agent to use in the request.
+ |
+
|
diff --git a/plugins/connection/httpapi.py b/plugins/connection/httpapi.py
index d16028d2f..21f735979 100644
--- a/plugins/connection/httpapi.py
+++ b/plugins/connection/httpapi.py
@@ -81,6 +81,34 @@
- When specified, I(password) is ignored.
vars:
- name: ansible_httpapi_session_key
+ ca_path:
+ description:
+ - Path to CA cert bundle to use.
+ type: path
+ version_added: 5.2.0
+ vars:
+ - name: ansible_httpapi_ca_path
+ client_cert:
+ description:
+ - PEM formatted certificate chain file to be used for SSL client
+ authentication. This file can also include the key as well, and if the key
+ is included, I(client_key) is not required
+ version_added: 5.2.0
+ vars:
+ - name: ansible_httpapi_client_cert
+ client_key:
+ description:
+ - PEM formatted file that contains the private key to be used for SSL client
+ authentication. If I(client_cert) contains both the certificate and key,
+ this option is not required.
+ version_added: 5.2.0
+ vars:
+ - name: ansible_httpapi_client_key
+ http_agent:
+ description: User-Agent to use in the request.
+ version_added: 5.2.0
+ vars:
+ - name: ansible_httpapi_http_agent
use_ssl:
type: boolean
description:
@@ -279,10 +307,14 @@ def send(self, path, data, retries=None, **kwargs):
Sends the command to the device over api
"""
url_kwargs = dict(
+ headers={},
+ use_proxy=self.get_option("use_proxy"),
timeout=self.get_option("persistent_command_timeout"),
validate_certs=self.get_option("validate_certs"),
- use_proxy=self.get_option("use_proxy"),
- headers={},
+ http_agent=self.get_option("http_agent"),
+ client_cert=self.get_option("client_cert"),
+ client_key=self.get_option("client_key"),
+ ca_path=self.get_option("ca_path"),
)
url_kwargs.update(kwargs)
|