ansible/roles/generate_self_signed_certificate/tasks/main.yml


---
# Installs the python3-openssl package (the pyOpenSSL bindings), presumably
# as the Python-side dependency of the openssl_* modules used in this file.
- name: Install openssl
  apt:
    update_cache: true
    name: python3-openssl
    # "latest" upgrades the package whenever a newer version is available,
    # instead of only ensuring that it is installed.
    state: latest
  # Re-run the install (up to 3 retries) until apt reports success.
  register: apt_result
  until: apt_result is succeeded
  retries: 3
# Directory that receives the private key, the CSR and the certificate
# written by the other tasks in this file.
- name: Ensure the cert directory exists
  file:
    # NOTE(review): no owner, group or mode is set here, so a newly created
    # directory takes its permissions from the umask in effect on the target.
    # Consider pinning them, since the private key is stored in this path.
    state: directory
    path: /var/certificates
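# Writes the host's 4096-bit RSA private key to
# /var/certificates/<server_hostname>_privkey.pem.
- name: Generate an OpenSSL private key
  openssl_privatekey:
    path: "/var/certificates/{{ server_hostname }}_privkey.pem"
    type: RSA
    size: 4096
    # Owner-only access, stated explicitly so the key file's permissions do
    # not depend on a module default or on the umask of the target host.
    # Quoted so the value stays a string and is not read as an octal number.
    mode: "0600"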
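# Builds the CSR that the self-signed certificate task reads through its
# csr_path argument; subject fields come from role/inventory variables.
# NOTE(review): hosts that already hold a CSR and certificate will presumably
# have both regenerated once the subjectAltName below is added; any client
# that pinned the previous certificate then needs the new one.
- name: Generate an OpenSSL Certificate Signing Request with Subject information
  openssl_csr:
    path: "/var/certificates/{{ server_hostname }}.csr"
    privatekey_path: "/var/certificates/{{ server_hostname }}_privkey.pem"
    common_name: "{{ server_hostname }}"
    # Current TLS clients match the host name against subjectAltName and
    # ignore the common name, so the name is carried in both places.
    # Assumes server_hostname is a DNS name; an IP address would need an
    # "IP:" entry instead (confirm against the inventory).
    subject_alt_name: "DNS:{{ server_hostname }}"
    country_name: "{{ country_name }}"
    organization_name: "{{ organization_name }}"
    # The e-mail address becomes part of the certificate subject and is
    # therefore readable by every client that receives the certificate.
    email_address: "{{ vault_email }}"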
# Issues the certificate from the CSR, signed with the host's own private
# key (provider "selfsigned"); no external CA is involved, so clients have to
# be given this certificate explicitly before they can trust it.
- name: Generate a Self Signed OpenSSL certificate
  openssl_certificate:
    # NOTE(review): neither a validity period nor a digest is given, so the
    # module defaults apply; confirm they match the intended lifetime.
    provider: selfsigned
    csr_path: "/var/certificates/{{ server_hostname }}.csr"
    privatekey_path: "/var/certificates/{{ server_hostname }}_privkey.pem"
    path: "/var/certificates/{{ server_hostname }}_cert.pem"