Ansible/pki-server
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b0d10fb992748b31d7ff09c5fc8c63c7ab0f2fbb
pki-server/roles/create_ldap_cert/tasks/main.yml
ytshih 9940e21540 Initial commit
2024-11-29 21:50:27 +00:00

34 lines
981 B
YAML
Raw Blame History

---
- name: Install ldap directory
ansible.builtin.file:
path: /etc/pki/ldap.konchin.com
state: directory
mode: '0700'
owner: root
group: root
- name: Create private key for ldap
community.crypto.openssl_privatekey:
path: /etc/pki/ldap.konchin.com/cert.key
- name: Create CSR for ldap
community.crypto.openssl_csr_pipe:
privatekey_path: /etc/pki/ldap.konchin.com/cert.key
subject_alt_name:
- 'DNS:ldap'
- 'DNS:ldaps'
- 'DNS:ldap.konchin.com'
- 'DNS:ldaps.konchin.com'
register: csr
- name: Sign with root ca
community.crypto.x509_certificate:
path: /etc/pki/ldap.konchin.com/cert.pem
csr_content: "{{ csr.csr }}"
provider: ownca
ownca_path: /etc/pki/konchin.com/rootca.pem
ownca_privatekey_path: /etc/pki/konchin.com/rootca.key
ownca_privatekey_passphrase: "{{ secret_ca_passphrase }}"
ownca_not_after: +365d # valid for one year
ownca_not_before: "-1d" # valid since yesterday
Reference in New Issue View Git Blame Copy Permalink