volker.raschek/ansible-role-certificate-authority
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Initial Commit
Some checks failed
Lint Markdown files / markdown-lint (push) Successful in 11s
Details
Ansible Linter / ansible-lint (push) Failing after 49s
Details

Browse Source
This commit is contained in:
Markus Pesch
2025-07-30 22:09:38 +02:00
commit a0ea59c528
27 changed files with 2808 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
tasks/root_certificate_authority_protected.yaml Normal file
View File

@ -0,0 +1,26 @@
---
- name: Create private key for root CA
community.crypto.openssl_privatekey:
passphrase: "{{ certificate_authority_root_ca_tls_key_passphrase }}"
path: "{{ certificate_authority_root_ca_path }}/privkey.pem"
type: "{{ certificate_authority_root_ca_tls_key_type }}"
- name: Create a certificate signing request (CSR) for root CA
community.crypto.openssl_csr:
basic_constraints:
- "CA:TRUE"
common_name: "{{ certificate_authority_root_ca_common_name }}"
path: "{{ certificate_authority_root_ca_path }}/cert-req.pem"
privatekey_path: "{{ certificate_authority_root_ca_path }}/privkey.pem"
use_common_name_for_san: false
- name: Create self-signed certificate for root CA
community.crypto.x509_certificate:
csr_path: "{{ certificate_authority_root_ca_path }}/cert-req.pem"
path: "{{ certificate_authority_root_ca_path }}/cert.pem"
privatekey_passphrase: "{{ certificate_authority_root_ca_tls_key_passphrase }}"
privatekey_path: "{{ certificate_authority_root_ca_path }}/privkey.pem"
provider: selfsigned
selfsigned_not_after: "{{ certificate_authority_root_ca_not_after }}"
selfsigned_not_before: "{{ certificate_authority_root_ca_not_before }}"