44 lines
1.2 KiB
YAML
44 lines
1.2 KiB
YAML
---
|
|
- name: Sanity checks
|
|
assert:
|
|
that:
|
|
- selfsignedcert_basename|default("") != ""
|
|
|
|
|
|
- name: Generate private key
|
|
openssl_privatekey:
|
|
path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}'
|
|
size: '{{ selfsignedcert_keysize|default(2048) }}'
|
|
mode: 0600
|
|
register: selfsignedcert_result_key
|
|
|
|
|
|
- name: Generate CSR
|
|
openssl_csr:
|
|
path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_csr }}'
|
|
privatekey_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}'
|
|
common_name: '{{ selfsigned_cn|default(ansible_hostname) }}'
|
|
subject_alt_name: '{{ selfsigned_san|default([]) }}'
|
|
|
|
|
|
- name: Generate certificate
|
|
openssl_certificate:
|
|
path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_crt }}'
|
|
privatekey_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}'
|
|
csr_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_csr }}'
|
|
provider: selfsigned
|
|
register: selfsignedcert_result_crt
|
|
|
|
|
|
- name: Combine key and certificate
|
|
template:
|
|
src: combined.j2
|
|
dest: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_combined }}'
|
|
mode: 0600
|
|
backup: yes
|
|
|
|
|
|
- debug: var=xxx1
|
|
- debug: var=xxx2
|
|
|