Add a stat state to win_certificate_store

[cruscio]

SUMMARY

As a role developer for software install on Windows Server, I would like to publish a role that can be configured to either

• accept a certificate file (and deploy that certificate to the Windows certificate manager) or
• accept a certificate thumbprint, for a certificate that is already distributed to the machine

It's common in my field for a system administrator to generate and sign a CSR (so a key never leaves the server), or for a system administrator to deploy a certificate to the Windows certificate store as unexportable. Either method would be separate from the ansible play utilizing that certificate.

Current behavior of ansible.windows.win_certificate requires a file path to get certificate info: Path: This is required when state is present or exported

It would be ideal to have one of the following modifications to ansible.windows.win_certificate

• add a stat state that allows fetching the details of a certificate by thumbprint or by file path
• modify the behavior of the present state to allow path to be undefined, and to lookup/stat info for the provided thumbprint.
• or create a new task module: ansible.windows.win_certificate_stat that could return certificate info from either a file or from the certificate store (similar to win_file and win_stat)

ISSUE TYPE

• Feature Idea

COMPONENT NAME

ansible.windows.win_certificate

ADDITIONAL INFORMATION

[jborean93]

We try to now avoid overloading the state option for returning information in favour of a dedicated _info module instead. We should look at promoting https://github.com/ansible-collections/community.windows/blob/main/plugins/modules/win_certificate_info.ps1 instead to this collection and making the changes necessary for that promotion.