author | Jonas Gunz <himself@jonasgunz.de> | 2021-09-01 04:11:37 +0200 |
---|---|---|
committer | Jonas Gunz <himself@jonasgunz.de> | 2021-09-01 04:11:37 +0200 |
commit | a024ad57e94976f7541bdd352e2d0a364c2aa5fb (patch) | |
tree | b04a92bdb939f6ecba135c0feb5d82fd148838e8 /roles/signed_certificate/tasks/sign.yml | |
download | ansible_collection-a024ad57e94976f7541bdd352e2d0a364c2aa5fb.tar.gz |
initial
Diffstat (limited to 'roles/signed_certificate/tasks/sign.yml')
-rw-r--r-- | roles/signed_certificate/tasks/sign.yml | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/roles/signed_certificate/tasks/sign.yml b/roles/signed_certificate/tasks/sign.yml
new file mode 100644
index 0000000..b99df32
--- /dev/null
+++ b/roles/signed_certificate/tasks/sign.yml
@@ -0,0 +1,31 @@
+---
+- name: Create CSR
+ community.crypto.openssl_csr_pipe:
+ privatekey_path: '{{ key_path }}/{{ cert_name }}.key'
+ common_name: '{{ ansible_facts.fqdn }}'
+ subject_alt_name: '{{ alt_name }}'
+ register: request
+ become: yes
+
+- name: Sign OpenSSL Certificate
+ community.crypto.x509_certificate_pipe:
+ provider: ownca
+ ownca_privatekey_path: '{{ signed_certificate.privkey_path }}'
+ ownca_privatekey_passphrase: '{{ signed_certificate.privkey_passphrase }}'
+ ownca_content: '{{ signed_certificate.cert_content }}'
+ ownca_not_after: '{{ signed_certificate.valid_for }}'
+ csr_content: '{{ request.csr }}'
+ delegate_to: localhost
+ register: cert
+
+- name: Install Signed OpenSSL Certificate
+ copy:
+ dest: '{{ cert_path }}/{{ cert_name }}.pem'
+ content: '{{ cert.certificate }}'
+ owner: '{{ owner }}'
+ group: '{{ group }}'
+ become: yes
+
+- name: Set cert_changed flag
+ set_fact:
+ cert_changed: True |
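Review bot: The `Sign OpenSSL Certificate` task signs `request.csr` with the CA key without inspecting it, and that CSR is produced on the managed host, since `Create CSR` is not delegated. As far as I know the `ownca` provider takes the subject and extensions from the CSR, so the CA on the controller certifies whatever the host returned rather than what `alt_name` and the inventory specify. I would parse the CSR on localhost and assert its common name, SANs and basic constraints before the signing task runs. Note that `ansible_facts.fqdn` is also reported by the host, so the expected name is better taken from an inventory-defined value.

```yaml
- name: Inspect the returned CSR on the controller
  community.crypto.openssl_csr_info:
    content: '{{ request.csr }}'
  delegate_to: localhost
  register: csr_info

- name: Refuse to sign a CSR that does not match the expected identity
  assert:
    that:
      # assumes inventory_hostname is the name the certificate should carry; adjust if not
      - csr_info.subject.commonName == inventory_hostname
      - "'CA:TRUE' not in (csr_info.basic_constraints | default([], true))"
      # also compare csr_info.subject_alt_name with alt_name once its type (string or list) is fixed
  delegate_to: localhost

# … unchanged: Sign OpenSSL Certificate task …
```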