scripts/srv-stage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
srv-stage/certificate.yml
Gilles Mouchet 0010a5886d first commit
2025-01-19 20:23:14 +01:00

36 lines
1.1 KiB
YAML
Raw Permalink Blame History

---
#https://milliams.com/posts/2020/ansible-certificate-authority/
- name: create certs folder
file:
path: "{{ certs_path }}"
state: directory
- name: create CA key
openssl_privatekey:
path: "{{ certs_path }}/stageCA.key"
register: ca_key
- name: create the CA csr
openssl_csr:
path: "{{ certs_path }}/stageCA.csr"
privatekey_path: "{{ ca_key.filename }}"
common_name: "my-ca"
register: ca_csr
- name: sign the CA csr
openssl_certificate:
path: "{{ certs_path }}/stageCA.crt"
csr_path: "{{ ca_csr.filename }}"
privatekey_path: "{{ ca_key.filename }}"
provider: selfsigned
register: ca_crt
- name: create key and csr
shell: "openssl req -newkey rsa:2048 -days 1095 -nodes -keyout {{ certs_path }}/stage-ge.org.key -out {{ certs_path }}/stage-ge.org.csr -config ./files/certs/ca-config -subj '/'"
changed_when: false
- name: create wilcard cert
shell: "openssl x509 -req -in {{ certs_path }}/stage-ge.org.csr -CA {{ certs_path }}/stageCA.crt -CAkey {{ certs_path }}/stageCA.key -CAcreateserial -extfile ./files/certs/wilcard.cnf -out {{ certs_path }}/stage-ge.org.crt -days 365 -sha256"
changed_when: false
Reference in New Issue View Git Blame Copy Permalink