fix: set cipher correctly

fix(root_ca): set passphrase correctly
fix(intermediate_ca): set passphrase correctly
2025-07-31 09:53:01 +02:00 · 2025-07-31 09:49:12 +02:00 · 2025-07-31 09:48:51 +02:00
5 changed files with 5 additions and 2 deletions
--- a/tasks/client_certificate_protected.yaml
+++ b/tasks/client_certificate_protected.yaml
@ -5,6 +5,7 @@
    path: "{{ certificate_authority_client_path }}/privkey.pem"
    type: "{{ certificate_authority_client_tls_key_type }}"
    passphrase: "{{ certificate_authority_client_tls_key_passphrase }}"
+    cipher: auto

 - name: Create a certificate signing request (CSR) for client certificate without subject alternative names (SANs)
  community.crypto.openssl_csr:
--- a/tasks/intermediate_certificate_authority.yaml
+++ b/tasks/intermediate_certificate_authority.yaml
@ -16,7 +16,7 @@
        certificate_authority_intermediate_ca_tls_key_passphrase | length <= 0

 - name: Create passphrase protected intermediate Certificate Authority (CA)
-  ansible.builtin.include_tasks: intermediate_certificate_authority_unprotected.yaml
+  ansible.builtin.include_tasks: intermediate_certificate_authority_protected.yaml
  when: certificate_authority_intermediate_ca_create is defined and
        certificate_authority_intermediate_ca_create and
        certificate_authority_intermediate_ca_tls_key_passphrase is defined and
--- a/tasks/intermediate_certificate_authority_protected.yaml
+++ b/tasks/intermediate_certificate_authority_protected.yaml
@ -5,6 +5,7 @@
    passphrase: "{{ certificate_authority_intermediate_ca_tls_key_passphrase }}"
    path: "{{ certificate_authority_intermediate_ca_path }}/privkey.pem"
    type: "{{ certificate_authority_intermediate_ca_tls_key_type }}"
+    cipher: auto

 - name: Create a certificate signing request (CSR) for intermediate CA
  community.crypto.openssl_csr:
--- a/tasks/root_certificate_authority.yaml
+++ b/tasks/root_certificate_authority.yaml
@ -16,7 +16,7 @@
        certificate_authority_root_ca_tls_key_passphrase | length <= 0

 - name: Create passphrase protected root Certificate Authority (CA)
-  ansible.builtin.include_tasks: root_certificate_authority_unprotected.yaml
+  ansible.builtin.include_tasks: root_certificate_authority_protected.yaml
  when: certificate_authority_root_ca_create is defined and
        certificate_authority_root_ca_create and
        certificate_authority_root_ca_tls_key_passphrase is defined and
--- a/tasks/root_certificate_authority_protected.yaml
+++ b/tasks/root_certificate_authority_protected.yaml
@ -5,6 +5,7 @@
    passphrase: "{{ certificate_authority_root_ca_tls_key_passphrase }}"
    path: "{{ certificate_authority_root_ca_path }}/privkey.pem"
    type: "{{ certificate_authority_root_ca_tls_key_type }}"
+    cipher: auto

 - name: Create a certificate signing request (CSR) for root CA
  community.crypto.openssl_csr:
Author	SHA1	Message	Date
Markus Pesch	61b0a7c9ec	fix: set cipher correctly Some checks failed Ansible Linter / ansible-lint (push) Failing after 59s Details Lint Markdown files / markdown-lint (push) Successful in 11s Details	2025-07-31 09:53:01 +02:00
Markus Pesch	dbbaacdc69	fix(root_ca): set passphrase correctly Some checks failed Lint Markdown files / markdown-lint (push) Successful in 10s Details Ansible Linter / ansible-lint (push) Failing after 1m0s Details	2025-07-31 09:49:12 +02:00
Markus Pesch	505f0450d4	fix(intermediate_ca): set passphrase correctly Some checks failed Lint Markdown files / markdown-lint (push) Has been cancelled Details Ansible Linter / ansible-lint (push) Has been cancelled Details	2025-07-31 09:48:51 +02:00