From e0000cde3f6bc40014d5c5c80c2c860eed20983a Mon Sep 17 00:00:00 2001
From: Michal Nasiadka <mnasiadka@gmail.com>
Date: Fri, 2 Dec 2022 14:05:57 +0100
Subject: [PATCH] vault_pki: Fix writing out cert if common name is empty

---
 roles/vault_pki/tasks/create_cert.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/roles/vault_pki/tasks/create_cert.yml b/roles/vault_pki/tasks/create_cert.yml
index 4b92f42..383a2f7 100644
--- a/roles/vault_pki/tasks/create_cert.yml
+++ b/roles/vault_pki/tasks/create_cert.yml
@@ -11,12 +11,14 @@
   register: certificate_data
 
 - name: "Write out certificate pem_bundle"
+  vars:
+    cert_name: "{{ item.item.common_name if item.item.common_name | length > 0 else item.item.extra_params.ip_sans }}"
   copy:
     content: |
       {{ item.data.certificate }}
       {{ item.data.issuing_ca }}
       {{ item.data.private_key }}
-    dest: "{{ vault_pki_certificates_directory }}/{{ item.item.common_name | replace(' ', '-') }}.pem"
+    dest: "{{ vault_pki_certificates_directory }}/{{ cert_name | replace(' ', '-') }}.pem"
     mode: 0600
   delegate_to: "{{ vault_pki_write_certificates_host }}"
   loop: "{{ certificate_data.results }}"