Add helper method for retrieving serial number of certificate.

plugins/module_utils/crypto/cryptography_support.py

@@ -288,3 +288,15 @@ def cryptography_compare_public_keys(key1, key2):
             b = key2.public_bytes(serialization.Encoding.Raw, serialization.PublicFormat.Raw)
             return a == b
     return key1.public_numbers() == key2.public_numbers()
+
+
+def cryptography_serial_number_of_cert(cert):
+    '''Returns cert.serial_number.
+
+    Also works for old versions of cryptography.
+    '''
+    try:
+        return cert.serial_number
+    except AttributeError:
+        # The property was called "serial" before cryptography 1.4
+        return cert.serial

plugins/modules/x509_certificate.py

@@ -890,6 +890,7 @@
     cryptography_name_to_oid,
     cryptography_key_needs_digest_for_signing,
     cryptography_parse_key_usage_params,
+    cryptography_serial_number_of_cert,
 )
 
 MINIMAL_CRYPTOGRAPHY_VERSION = '1.6'
@@ -1241,7 +1242,7 @@ def dump(self, check_mode=False):
             result.update({
                 'notBefore': self.cert.not_valid_before.strftime("%Y%m%d%H%M%SZ"),
                 'notAfter': self.cert.not_valid_after.strftime("%Y%m%d%H%M%SZ"),
-                'serial_number': self.cert.serial_number,
+                'serial_number': cryptography_serial_number_of_cert(self.cert),
             })
 
         return result
@@ -1538,7 +1539,7 @@ def dump(self, check_mode=False):
             result.update({
                 'notBefore': self.cert.not_valid_before.strftime("%Y%m%d%H%M%SZ"),
                 'notAfter': self.cert.not_valid_after.strftime("%Y%m%d%H%M%SZ"),
-                'serial_number': self.cert.serial_number,
+                'serial_number': cryptography_serial_number_of_cert(self.cert),
             })
 
         return result
@@ -2402,7 +2403,7 @@ def _get_cert_details(self):
                 time_string = to_native(self.cert.get_notAfter())
                 expiry = datetime.datetime.strptime(time_string, "%Y%m%d%H%M%SZ")
             elif self.backend == 'cryptography':
-                serial_number = "{0:X}".format(self.cert.serial_number)
+                serial_number = "{0:X}".format(cryptography_serial_number_of_cert(self.cert))
                 expiry = self.cert.not_valid_after
 
             # get some information about the expiry of this certificate

plugins/modules/x509_certificate_info.py

@@ -330,6 +330,7 @@
     cryptography_decode_name,
     cryptography_get_extensions_from_cert,
     cryptography_oid_to_name,
+    cryptography_serial_number_of_cert,
 )
 
 from ansible_collections.community.crypto.plugins.module_utils.crypto.pyopenssl_support import (
@@ -671,7 +672,7 @@ def _get_authority_key_identifier(self):
             return None, None, None
 
     def _get_serial_number(self):
-        return self.cert.serial_number
+        return cryptography_serial_number_of_cert(self.cert)
 
     def _get_all_extensions(self):
         return cryptography_get_extensions_from_cert(self.cert)

plugins/modules/x509_crl.py

@@ -376,6 +376,7 @@
     cryptography_get_name,
     cryptography_name_to_oid,
     cryptography_oid_to_name,
+    cryptography_serial_number_of_cert,
 )
 
 from ansible_collections.community.crypto.plugins.module_utils.crypto.cryptography_crl import (
@@ -462,11 +463,7 @@ def __init__(self, module):
                     if rc['content'] is not None:
                         rc['content'] = rc['content'].encode('utf-8')
                     cert = load_certificate(rc['path'], content=rc['content'], backend='cryptography')
-                    try:
-                        result['serial_number'] = cert.serial_number
-                    except AttributeError:
-                        # The property was called "serial" before cryptography 1.4
-                        result['serial_number'] = cert.serial
+                    result['serial_number'] = cryptography_serial_number_of_cert(cert)
                 except OpenSSLObjectError as e:
                     if rc['content'] is not None:
                         module.fail_json(