Nelze vybrat více než 25 témat
Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.
|
- ---
-
- - include_role:
- name: certificate
- vars:
- certificate_name: ca
- certificate_provider: manual
- certificate_authority: true
- certificate_key_usage:
- - digitalSignature
- - cRLSign
- - keyCertSign
- certificate_directory: "{{ certificate_authority_directory }}"
- certificate_file: "{{ certificate_authority_directory }}/certs/ca.cert.pem"
- certificate_signing_request_file: "{{ certificate_authority_directory }}/csr/ca.csr.pem"
- certificate_signing_request_config_file: "{{ certificate_authority_directory }}/csr/ca.csr.cnf"
- certificate_private_key_file: "{{ certificate_authority_directory }}/private/ca.key.pem"
- certificate_private_key_password: "{{ certificate_authority_private_key_password }}"
-
- - name: self sign certificate
- command: openssl ca -selfsign -batch -notext
- -config cnf/ca.cnf
- -in csr/ca.csr.pem
- -out certs/ca.cert.pem
- {{ certificate_authority_private_key_password is defined | ternary('-passin env:PRIVATE_KEY_PASSWORD','') }}
- args:
- chdir: "{{ certificate_authority_directory }}"
- creates: "{{ certificate_authority_directory }}/certs/ca.cert.pem"
- environment:
- PRIVATE_KEY_PASSWORD: "{{ certificate_authority_private_key_password | default('') }}"
- when: certificate_authority_type == "root"
-
- # - name: certificate stat
- # stat:
- # path: "{{ certificate_authority_directory }}/certs/ca.cert.pem"
- # register: _certificate_authority_stat
- # changed_when: not _certificate_authority_stat.stat.exists
- # notify: self sign certificate
-
- # - debug:
- # msg: "{{ _certificate_authority_stat }}"
|
