build-ca.yml
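---
# Builds a local self-signed certificate authority on the Ansible control node:
# directory -> passphrase-protected private key -> CSR -> self-signed cert.
# All artefacts are written under sdwan_cert_dir as myCA.key / myCA.csr /
# myCA.pem. Both sdwan_cert_dir and sdwan_CA_passphrase are defined outside
# this file.
# NOTE(review): sdwan_CA_passphrase protects the CA signing key; confirm it is
# supplied from an encrypted source (e.g. Ansible Vault) and not a plain-text
# vars file.
- name: Create local CA
  hosts: localhost
  connection: local
  tags:
    - control
    - CA
  any_errors_fatal: true
  # Canonical boolean; `no` is only a boolean under YAML 1.1 parsing rules.
  gather_facts: false
  tasks:
    # NOTE(review): no `mode` is set, so the directory permissions follow the
    # caller's umask. It holds the CA private key; consider an owner-only mode
    # once it is confirmed that nothing else needs to read this directory.
    - name: Ensure directory exists for local self-signed TLS certs.
      file:
        path: "{{ sdwan_cert_dir }}"
        state: directory

    # NOTE(review): `des3` (3DES) is a legacy choice for encrypting the key at
    # rest and is tied to the pyOpenSSL backend; the cryptography backend of
    # this module expects `cipher: auto`. Left unchanged because the right
    # value depends on the installed module version and backend; verify first.
    - name: Generate an OpenSSL private key.
      openssl_privatekey:
        cipher: des3
        passphrase: "{{ sdwan_CA_passphrase }}"
        path: "{{ sdwan_cert_dir }}/myCA.key"

    # The CSR carries the extensions that the self-signed step copies into the
    # certificate. Without basicConstraints CA:TRUE the result is not marked
    # as a CA, and strict X.509 validators may refuse chains issued from it.
    # keyUsage limits the key to signing certificates and CRLs.
    - name: Generate an OpenSSL CSR.
      openssl_csr:
        path: "{{ sdwan_cert_dir }}/myCA.csr"
        privatekey_path: "{{ sdwan_cert_dir }}/myCA.key"
        privatekey_passphrase: "{{ sdwan_CA_passphrase }}"
        common_name: viptelaCA.local
        basic_constraints:
          - "CA:TRUE"
        basic_constraints_critical: true
        key_usage:
          - keyCertSign
          - cRLSign
        key_usage_critical: true

    # Signs the CSR with its own private key (provider: selfsigned), producing
    # the CA root certificate myCA.pem.
    - name: Generate a Self Signed OpenSSL certificate.
      openssl_certificate:
        path: "{{ sdwan_cert_dir }}/myCA.pem"
        privatekey_path: "{{ sdwan_cert_dir }}/myCA.key"
        privatekey_passphrase: "{{ sdwan_CA_passphrase }}"
        csr_path: "{{ sdwan_cert_dir }}/myCA.csr"
        # select_crypto_backend: pyopenssl
        provider: selfsigned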