---
# Install the openssl command-line tool that the CA tasks in this file call.
- name: Install openssl
  apt:
    name:
      - openssl
    state: present
    # Refresh the package index before installing.
    update_cache: true
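# This directory receives the CA private key, so its mode is pinned here
# instead of being left to the umask of the account running the play.
- name: Make certificates directory
  file:
    path: "{{ ca_cert_dir }}"
    state: directory
    # Owner-only access. Accounts that need the public root certificate should
    # be given a copy of the .pem rather than read access to this directory.
    mode: "0700"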
# Probe for an existing CA key. The registered result gates the key generation
# task, so a key that is already on disk is never regenerated.
- name: Certification Authority - Check if the private key is already present
  register: ca_cert_key
  stat:
    path: "{{ ca_cert_dir }}/{{ ca_cert_name }}.key"
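# Create the passphrase-protected 4096-bit RSA key for the CA.
#
# - command + argv: the arguments are passed to openssl as a list, so templated
#   values are never interpreted by a shell.
# - The passphrase is handed over through the task environment (openssl's
#   env:VAR pass phrase source) instead of appearing on the command line,
#   where it would be visible in the process list. The environment of a
#   process can still be read by root and by the same user, so this reduces
#   exposure rather than eliminating it.
# - no_log keeps the task arguments and result out of Ansible output and logs.
#   Remove it temporarily when debugging a failure.
# - -aes256 encrypts the key at rest with AES-256 rather than the legacy 3DES
#   cipher; the passphrase is unchanged.
- name: Certification Authority - Generate the CA private key
  command:
    argv:
      - openssl
      - genrsa
      - -aes256
      - -passout
      - env:CA_CERT_KEY_PASS
      - -out
      - "{{ ca_cert_name }}.key"
      - "4096"
    chdir: "{{ ca_cert_dir }}"
    # Second guard next to the `when` below: never overwrite an existing key.
    creates: "{{ ca_cert_dir }}/{{ ca_cert_name }}.key"
  environment:
    CA_CERT_KEY_PASS: "{{ ca_cert_key_pass }}"
  no_log: true
  when: not ca_cert_key.stat.exists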
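# Probe for an existing root certificate. The registered result gates both the
# configuration template and the certificate generation tasks.
- name: Certification Authority - Check if the CA root certificate is already present
  stat:
    path: "{{ ca_cert_dir }}/{{ ca_cert_name }}.pem"
  register: ca_cert_pem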
# Render the openssl request configuration next to the key. Skipped once the
# root certificate exists.
- name: Certification Authority - Generate the CA root configuration file
  when: not ca_cert_pem.stat.exists
  template:
    dest: "{{ ca_cert_dir }}/{{ ca_cert_name }}.conf"
    src: authority.conf.j2
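# Self-sign the CA root certificate with the key generated earlier in this file.
#
# - command + argv: no shell parsing, so no line-continuation backslashes and
#   no quoting of templated values are needed.
# - The key passphrase is read by openssl from the task environment
#   (-passin env:VAR) instead of the command line, where it would be visible
#   in the process list. The environment of a process can still be read by
#   root and by the same user.
# - no_log keeps the task arguments and result out of Ansible output and logs.
#   Remove it temporarily when debugging a failure.
- name: Certification Authority - Generate the CA root certificate
  command:
    argv:
      - openssl
      - req
      - -x509
      - -new
      - -nodes
      - -key
      - "{{ ca_cert_name }}.key"
      - -passin
      - env:CA_CERT_KEY_PASS
      - -sha256
      - -days
      - "{{ ca_cert_days }}"
      - -out
      - "{{ ca_cert_name }}.pem"
      - -config
      - "{{ ca_cert_name }}.conf"
    chdir: "{{ ca_cert_dir }}"
    # Second guard next to the `when` below: never overwrite an existing
    # root certificate.
    creates: "{{ ca_cert_dir }}/{{ ca_cert_name }}.pem"
  environment:
    CA_CERT_KEY_PASS: "{{ ca_cert_key_pass }}"
  no_log: true
  when: not ca_cert_pem.stat.exists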