21 lines
1.2 KiB
YAML
21 lines
1.2 KiB
YAML
---
|
|
- name: Generate RSA key
|
|
command: openssl genrsa -out {{ ssl_certs_privkey_path }} {{ ssl_certs_key_size }} creates={{ ssl_certs_privkey_path }}
|
|
|
|
- name: RSA key file ownership
|
|
file: path={{ ssl_certs_privkey_path }} owner={{ ssl_certs_path_owner }} group={{ ssl_certs_path_group }} mode={{ ssl_certs_mode }}
|
|
|
|
- name: Generate CSR
|
|
command: openssl req -new -sha256 -subj "{{ ssl_certs_fields }}" -key {{ ssl_certs_privkey_path }} -out {{ ssl_certs_csr_path }} creates={{ ssl_certs_csr_path }}
|
|
|
|
- name: CSR file ownership
|
|
file: path={{ ssl_certs_csr_path }} owner={{ ssl_certs_path_owner }} group={{ ssl_certs_path_group }} mode={{ ssl_certs_mode }}
|
|
|
|
- name: Generate self-signed SSL certificate
|
|
command: openssl req -nodes -x509 -sha256 -days {{ ssl_certs_days }} -in {{ ssl_certs_csr_path }} -key {{ ssl_certs_privkey_path }} -out {{ ssl_certs_cert_path }} -extensions v3_ca creates={{ ssl_certs_cert_path }}
|
|
when: ssl_certs_generate_self_signed
|
|
|
|
- name: Self-signed SSL certificate file ownership
|
|
file: path={{ ssl_certs_cert_path }} owner={{ ssl_certs_path_owner }} group={{ ssl_certs_path_group }} mode={{ ssl_certs_mode }}
|
|
when: ssl_certs_generate_self_signed
|