---
# Install the Python OpenSSL bindings through apt, refreshing the package
# index first. The openssl_* tasks in this file presumably rely on this
# package -- confirm against the crypto backend the installed modules use.
- name: Install openssl
  # Re-run the task until it reports success, with at most 3 retries; this
  # covers transient apt lock or mirror failures.
  register: apt_result
  until: apt_result is succeeded
  retries: 3
  apt:
    update_cache: true
    # NOTE(review): `latest` upgrades the package on any run where the archive
    # carries a newer build, so hosts can drift between runs. `present` plus
    # scheduled patching is more predictable if reproducibility matters here.
    state: latest
    name: python3-openssl
# Create /var/certificates if it is missing. The tasks in this file write the
# private key, the CSR and the certificate into this directory.
- name: Ensure the cert directory exists
  file:
    state: directory
    # NOTE(review): no owner, group or mode is set, so a newly created
    # directory takes them from the connecting user and its umask. Since it
    # holds the private key, consider pinning owner/group/mode explicitly once
    # it is clear which service accounts need to traverse it.
    path: /var/certificates
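# Generate the 4096-bit RSA private key for this host under /var/certificates.
# The CSR and self-signed certificate tasks read the key from the same path.
- name: Generate an OpenSSL private key
  openssl_privatekey:
    path: "/var/certificates/{{ server_hostname }}_privkey.pem"
    type: RSA
    size: 4096
    # State the key file's permissions explicitly rather than leaving them to
    # the module default, so the owner-only restriction is visible in review
    # and survives module or umask changes. Quoted so YAML does not read it as
    # an octal integer.
    # NOTE(review): if a non-root service must read the key, grant that via
    # owner/group on this task instead of widening the mode.
    mode: "0600"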
# Build a CSR for this host, signed with the private key generated above.
# The subject fields are filled from playbook variables.
- name: Generate an OpenSSL Certificate Signing Request with Subject information
  openssl_csr:
    privatekey_path: "/var/certificates/{{ server_hostname }}_privkey.pem"
    path: "/var/certificates/{{ server_hostname }}.csr"
    # Subject fields. Whatever is set here ends up in the issued certificate,
    # which is presented to every client that connects.
    common_name: "{{ server_hostname }}"
    organization_name: "{{ organization_name }}"
    country_name: "{{ country_name }}"
    # NOTE(review): the variable name suggests this value comes from an
    # Ansible Vault file; once embedded in the certificate subject it is
    # public, so confirm that is intended.
    email_address: "{{ vault_email }}"
    # NOTE(review): no subject_alt_name is set. Many TLS clients validate the
    # hostname against SAN only and ignore common_name -- confirm the
    # consumers of this certificate accept a CN-only certificate.
# Issue the host certificate by signing the CSR with the host's own private
# key (provider: selfsigned). No CA is involved, so clients cannot validate
# the certificate through a trust chain; they have to trust or pin it
# explicitly.
- name: Generate a Self Signed OpenSSL certificate
  openssl_certificate:
    provider: selfsigned
    csr_path: "/var/certificates/{{ server_hostname }}.csr"
    privatekey_path: "/var/certificates/{{ server_hostname }}_privkey.pem"
    path: "/var/certificates/{{ server_hostname }}_cert.pem"
    # NOTE(review): no validity window is set, so the module default applies;
    # set selfsigned_not_after if a shorter lifetime and a rotation schedule
    # are wanted.
    # NOTE(review): in the community.crypto collection this module was renamed
    # to x509_certificate -- confirm the name against the installed version.