Skip to content
Snippets Groups Projects
Commit a742c5d5 authored by void's avatar void
Browse files

zertifikatskette aufbauen

parent 911872b4
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
common/docker_traefik/tasks/certificate.yml
+ 16
2
View file @ a742c5d5
...@@ -73,12 +73,26 @@ ...@@ -73,12 +73,26 @@
when: not cert_cert_stat_result.stat.exists when: not cert_cert_stat_result.stat.exists
- name: "Create ServerCert from CSR" - name: "Create ServerCert from CSR"
community.crypto.x509_certificate: community.crypto.x509_certificate_pipe:
path: "{{ basedir }}/cert.pem"
csr_content: "{{ cert_csr.csr }}" csr_content: "{{ cert_csr.csr }}"
provider: ownca provider: ownca
ownca_path: "{{ basedir }}/ca.pem" ownca_path: "{{ basedir }}/ca.pem"
ownca_privatekey_path: "{{ basedir }}/ca.key" ownca_privatekey_path: "{{ basedir }}/ca.key"
ownca_not_after: +9999d # long lifetime ownca_not_after: +9999d # long lifetime
ownca_not_before: "-1d" # valid since yesterday ownca_not_before: "-1d" # valid since yesterday
register: cert
when: not cert_cert_stat_result.stat.exists
- name: "Create ServerCert chain"
community.crypto.certificate_complete_chain:
input_chain: "{{ cert.certificate }}"
root_certificates:
- "{{ basedir }}/ca.pem"
register: cert_chain
when: not cert_cert_stat_result.stat.exists when: not cert_cert_stat_result.stat.exists
- name: "Create ServerCert chain"
copy:
dest: "{{ basedir }}/cert.pem"
content: "{{ ''.join(cert_chain.complete_chain) }}"
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment