Diffstat (limited to 'roles/signed_certificate/tasks/sign_selfsigned.yml')
-rw-r--r-- | roles/signed_certificate/tasks/sign_selfsigned.yml | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/roles/signed_certificate/tasks/sign_selfsigned.yml b/roles/signed_certificate/tasks/sign_selfsigned.yml
new file mode 100644
index 0000000..fb610f6
--- /dev/null
+++ b/roles/signed_certificate/tasks/sign_selfsigned.yml
@@ -0,0 +1,31 @@
+---
+- name: Create CSR
+ community.crypto.openssl_csr_pipe:
+ privatekey_path: '{{ key_path }}/{{ cert_name }}.key'
+ common_name: '{{ common_name }}'
+ subject_alt_name: '{{ alt_name }}'
+ register: request
+ become: yes
+
+- name: Sign OpenSSL Certificate
+ community.crypto.x509_certificate_pipe:
+ provider: ownca
+ ownca_privatekey_path: '{{ signed_certificate.privkey_path }}'
+ ownca_privatekey_passphrase: '{{ signed_certificate.privkey_passphrase }}'
+ ownca_content: '{{ signed_certificate.cert_content }}'
+ ownca_not_after: '{{ signed_certificate.valid_for }}'
+ csr_content: '{{ request.csr }}'
+ delegate_to: localhost
+ register: cert
+
+- name: Install Signed OpenSSL Certificate
+ copy:
+ dest: '{{ cert_path }}/{{ cert_name }}.pem'
+ content: '{{ cert.certificate }}'
+ owner: '{{ owner }}'
+ group: '{{ group }}'
+ become: yes
+
+- name: Set cert_changed flag
+ set_fact:
+ cert_changed: True
|
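Review bot: The "Sign OpenSSL Certificate" task calls `x509_certificate_pipe` without its `content` option and the last task sets `cert_changed: True` unconditionally, so every run that reaches this file has the CA issue a fresh certificate and report a change, while the previously issued certificate stays valid until it expires. If the including task list does not already gate this file on a missing or expiring certificate (not visible in this hunk), read the installed certificate first and pass it as `content:` so the module re-signs only when needed. The flag can then follow the real outcome by adding `register: install_result` to the copy task and setting `cert_changed: '{{ install_result is changed }}'`. The copy task also sets no `mode`, so the installed file's permissions depend on the remote umask; `mode: '0644'` would pin them.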