Ansible: Split A String By Length

This is something I needed to allow me to push a base64 encoded certificate into A Cisco ASA, but there was buffer limit on the input

ERROR: Input line size exceeded available buffer (510 characters)

When you enter the certificate manually, you need to take the PKCS12 file which is in binary format and encode it to base64, and paste the result in the terminal, by default the base64 command will wrap on the 76 character, and you can select the output and paste it into the terminal, and that will work.

But Ansible don’t have (yet?) support for splitting a string to chunks basked on a requested length, So I came out with this small trick which combine regex search and replace to mark each 510th character, and then use split to break the string into multiple line which the ASA can digest.

- name: Get Certificate
  set_fact:
    cert: >
      {{ (lookup('file', cert_file) | b64encode | regex_replace('(.{1,510})', '\1|')).split('|') | list }}

- name: Import A New Certificate Into The TrustPoint
  asa_config:
    replace: block
    parents: crypto ca import SSL-Trustpoint-Ansible pkcs12 password123 nointeractive
    lines: "{{ cert }}"
  notify:
    - Set SSL Trust-Point

 

You may also like...

Leave a Reply

Your email address will not be published.