blob: b99df3293cb2a1d3f0f458f0fe6e4b393f7be8bf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
---
- name: Create CSR
community.crypto.openssl_csr_pipe:
privatekey_path: '{{ key_path }}/{{ cert_name }}.key'
common_name: '{{ ansible_facts.fqdn }}'
subject_alt_name: '{{ alt_name }}'
register: request
become: yes
- name: Sign OpenSSL Certificate
community.crypto.x509_certificate_pipe:
provider: ownca
ownca_privatekey_path: '{{ signed_certificate.privkey_path }}'
ownca_privatekey_passphrase: '{{ signed_certificate.privkey_passphrase }}'
ownca_content: '{{ signed_certificate.cert_content }}'
ownca_not_after: '{{ signed_certificate.valid_for }}'
csr_content: '{{ request.csr }}'
delegate_to: localhost
register: cert
- name: Install Signed OpenSSL Certificate
copy:
dest: '{{ cert_path }}/{{ cert_name }}.pem'
content: '{{ cert.certificate }}'
owner: '{{ owner }}'
group: '{{ group }}'
become: yes
- name: Set cert_changed flag
set_fact:
cert_changed: True
|