archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
devel
stable-2.15
stable-2.14
stable-2.16
stable-2.17
milestone
stable-2.12
stable-2.13
stable-2.9
stable-2.11
stable-2.3
stable-2.10
stable-2.8
stable-2.4
stable-2.5
stable-2.6
stable-2.7
temp-2.10-devel
mazer_role_loader
stable-2.2
threading_plus_forking
threading_instead_of_forking
stable-2.1
stable-1.9
stable-2.0
stable-2.0.0.1
stable-2.0-network
release1.8.4
release1.8.3
release1.8.2
release1.8.1
release1.8.0
release1.7.2
release1.7.1
release1.7.0
release1.6.8
release1.6.10
release1.6.9
release1.6.7
release1.6.6
release1.6.5
release1.6.4
release1.6.3
release1.6.2
release1.6.1
release1.6.0
release1.5.5
release1.5.4
release1.5.3
release1.5.2
release1.5.1
release1.5.0
v2.14.3
v2.13.8
v2.14.3rc1
v2.13.8rc1
v2.14.2
v2.14.2rc1
v2.14.1
v2.13.7
v2.13.7rc1
v2.14.1rc1
v2.13.6
v2.14.0
v2.14.0rc2
v2.13.6rc1
v2.14.0rc1
v2.14.0b3
v2.13.5
v2.12.10
v2.14.0b2
v2.13.5rc1
v2.12.10rc1
v2.14.0b1
v2.12.9
v2.13.4
v2.13.4rc1
v2.12.9rc1
v2.13.3
v2.12.8
v2.12.8rc1
v2.13.3rc1
v2.13.2
v2.13.2rc1
v2.12.7
v2.13.1
v2.12.7rc1
v2.13.1rc1
v2.12.6
v2.11.12
v2.12.6rc1
v2.11.12rc1
v2.13.0
v2.13.0rc1
v2.13.0b1
v2.12.5
v2.11.11
v2.12.5rc1
v2.11.11rc1
v2.13.0b0
v2.12.4
v2.11.10
v2.12.4rc1
v2.11.10rc1
v2.11.9
v2.12.3
v2.12.3rc1
v2.11.9rc1
v2.12.2
v2.11.8
v2.10.17
v2.12.2rc1
v2.11.8rc1
v2.10.17rc1
v2.12.1
v2.11.7
v2.10.16
v2.10.16rc1
v2.11.7rc1
v2.12.1rc1
v2.12.0
v2.12.0rc1
v2.12.0b2
v2.11.6
v2.10.15
v2.9.27
v2.9.27rc1
v2.10.15rc1
v2.11.6rc1
v2.12.0b1
v2.11.5
v2.10.14
v2.9.26
v2.11.5rc1
v2.10.14rc1
v2.9.26rc1
v2.11.4
v2.10.13
v2.9.25
v2.9.25rc1
v2.10.13rc1
v2.11.4rc1
v2.11.3
v2.10.12
v2.9.24
v2.11.3rc1
v2.10.12rc1
v2.9.24rc1
v2.9.23
v2.10.11
v2.11.2
v2.11.2rc1
v2.10.11rc1
v2.9.23rc1
v2.11.1
v2.10.10
v2.9.22
v2.9.22rc1
v2.10.10rc1
v2.11.1rc1
v2.10.9
v2.9.21
v2.10.9rc1
v2.9.21rc1
v2.11.0
v2.8.20
v2.9.20
v2.10.8
v2.11.0rc2
v2.8.20rc1
v2.9.20rc1
v2.10.8rc1
v2.11.0rc1
stable-2.11-branchpoint
v2.11.0b4
v2.11.0b3
v2.11.0b2
v2.10.7
v2.9.19
v2.10.7rc1
v2.9.19rc1
v2.11.0b1
v2.8.19
v2.9.18
v2.10.6
v2.8.19rc1
v2.9.18rc1
v2.10.6rc1
v2.9.17
v2.10.5
v2.10.5rc1
v2.9.17rc1
v2.8.18
v2.9.16
v2.10.4
v2.8.18rc1
v2.9.16rc1
v2.10.4rc1
v2.8.17
v2.9.15
v2.10.3
v2.8.17rc1
v2.9.15rc1
v2.10.3rc1
v2.10.2
v2.9.14
v2.8.16
v2.8.16rc1
v2.9.14rc1
v2.10.2rc1
v2.10.1
v2.10.1rc3
v2.10.1rc2
v2.8.15
v2.9.13
v2.10.0
v2.9.12
v2.8.14
v2.10.0rc4
v2.10.0rc3
v2.10.0rc2
v2.10.0rc1
v2.9.11
v2.8.13
v2.9.10
v2.10.0b1
stable-2.10-branchpoint
v2.9.9
v2.7.18
v2.8.12
v2.9.8
v2.9.7
v2.8.11
v2.7.17
pre-ansible-base
v2.8.10
v2.8.9
v2.9.6
v2.9.5
v2.9.4
v2.9.3
v2.8.8
v2.7.16
v2.9.2
v2.9.1
v2.8.7
v2.7.15
v2.9.0
v2.9.0rc5
v2.8.6
v2.7.14
v2.9.0rc4
v2.6.20
v2.9.0rc3
v2.9.0rc2
v2.9.0rc1
v2.8.5
v2.9.0b1
stable-2.9-branchpoint
v2.6.19
v2.7.13
v2.8.4
v2.8.3
v2.6.18
v2.7.12
v2.8.2
v2.8.1
v2.7.11
v2.6.17
v2.8.0
v2.8.0rc3
v2.8.0rc2
v2.8.0rc1
v2.8.0b1
v2.8.0a1
v2.6.16
v2.7.10
v2.6.15
v2.7.9
v2.7.8
v2.6.14
v2.5.15
v2.7.7
v2.6.13
v2.6.12
v2.7.6
v2.5.14
v2.7.5
v2.6.11
v2.6.10
v2.7.4
v2.5.13
v2.7.3
v2.6.9
v2.5.12
v2.6.8
v2.7.2
v2.6.7
v2.5.11
v2.7.1
v2.6.6
v2.7.0
v2.6.5
v2.7.0rc4
v2.5.10
v2.7.0rc3
v2.7.0rc2
v2.5.9
v2.6.4
v2.7.0rc1
v2.7.0b1
v2.7.0.a1
v2.6.3
v2.5.8
v2.6.2
v2.5.7
v2.6.1
v2.5.6
v2.4.6.0-1
v2.6.0
v2.6.0rc5
v2.6.0rc4
v2.4.5.0-1
v2.6.0rc3
v2.5.5
v2.4.5.0-0.1.rc1
v2.6.0rc2
v2.6.0rc1
v2.5.4
v2.6.0a2
v2.6.0a1
v2.5.3
v2.5.2
v2.5.1
v2.4.4.0-1
v2.4.4.0-0.3.rc2
v2.5.0
v2.5.0rc3
v2.5.0rc2
v2.4.4-0.2.rc1
v2.3.4.0-0.1.rc1
v2.5.0rc1
v2.4.4-0.1.beta1
v2.5.0b1
v2.5.0a1
v2.4.3.0-1
v2.4.3.0-0.6.rc3
v2.4.3.0-0.5.rc2
v2.4.3.0-0.4.rc1
v2.4.3-0.3.beta3
v2.4.3.0-0.2.beta2
v2.3.3.0-1
v2.4.3.0-0.1.beta1
v2.4.2.0-1
v2.4.2.0-0.5.rc1
v2.4.2.0-0.4.beta4
v2.3.3.0-0.3.rc3
v2.4.2.0-0.3.beta3
v2.4.2.0-0.2.beta2
v2.4.2.0-0.1.beta1
v2.4.1.0-1
v2.4.1.0-0.4.rc2
v2.3.3.0-0.2.rc2
v2.4.1.0-0.3.rc1
v2.4.1.0-0.2.beta2
v2.3.3.0-0.1.rc1
v2.4.1.0-0.1.beta1
v2.4.0.0-1
v2.4.0.0-0.5.rc5
v2.4.0.0-0.4.rc4
v2.4.0.0-0.3.rc3
v2.4.0.0-0.2.rc2
v2.4.0.0-0.1.rc1
v2.3.2.0-1
v2.3.2.0-0.5.rc5
v2.3.2.0-0.4.rc4
v2.3.2.0-0.3.rc3
v2.3.2.0-0.2.rc2
v2.3.2.0-0.1.rc1
v2.1.6.0-1
v2.3.1.0-1
v2.3.1.0-0.2.rc2
v2.2.3.0-1
v2.1.6.0-0.1.rc1
v2.3.1.0-0.1.rc1
v2.3.0.0-1
v2.3.0.0-0.6.rc6
v2.3.0.0-0.5.rc5
v2.3.0.0-0.4.rc4
v2.2.3.0-0.1.rc1
v2.3.0.0-0.3.rc3
v2.3.0.0-0.2.rc2
v2.2.2.0-1
v2.1.5.0-1
v2.3.0.0-0.1.rc1
v2.1.5.0-0.2.rc2
v2.2.2.0-0.2.rc2
v2.1.5.0-0.1.rc1
v2.2.2.0-0.1.rc1
v2.1.4.0-1
v2.2.1.0-1
v2.1.4.0-0.3.rc3
v2.2.1.0-0.5.rc5
v2.1.4.0-0.2.rc2
v2.2.1.0-0.4.rc4
v2.1.4.0-0.1.rc1
v2.2.1.0-0.3.rc3
v2.2.1.0-0.2.rc2
v2.2.1.0-0.1.rc1
v2.1.3.0-1
v2.2.0.0-1
v2.2.0.0-0.4.rc4
v2.1.3.0-0.3.rc3
v2.1.3.0-0.2.rc2
v2.2.0.0-0.3.rc3
v2.1.3.0-0.1.rc1
v2.2.0.0-0.2.rc2
v2.2.0.0-0.1.rc1
v2.1.2.0-1
v2.1.2.0-0.5.rc5
v2.1.2.0-0.4.rc4
v2.1.2.0-0.3.rc3
v2.1.2.0-0.2.rc2
v2.1.2.0-0.1.rc1
v2.1.1.0-1
v2.1.1.0-0.5.rc5
v2.1.1.0-0.4.rc4
v2.1.1.0-0.3.rc3
v2.1.1.0-0.2.rc2
v2.1.1.0-0.1.rc1
v2.1.0.0-1
v2.1.0.0-0.4.rc4
v2.1.0.0-0.2.rc2
v2.1.0.0-0.3.rc3
v2.1.0.0-0.1.rc1
v2.0.2.0-1
v1.9.6-1
v2.0.2.0-0.4.rc4
v2.0.2.0-0.3.rc3
v1.9.6-0.1.rc1
v2.0.2.0-0.2.rc2
v2.0.2.0-0.1.rc1
v1.9.5-1
v1.9.5-0.1.rc1
v2.0.1.0-1
v2.0.1.0-0.2.rc2
v2.0.1.0-0.1.rc1
v2.0.0.2-1
v2.0.0.1-1
v2.0.0.0-1
v2.0.0-0.9.rc4
v2.0.0-0.8.rc3
v2.0.0-0.7.rc2
v2.0.0-0.6.rc1
v2.0.0-0.5.beta3
v2.0.0-0.4.beta2
v1.9.4-1
v2.0.0-0.3.beta1
v1.9.4-0.3.rc3
v1.9.4-0.2.rc2
v1.9.4-0.1.rc1
v2.0.0-0.2.alpha2
v1.9.3-1
v2.0.0-0.1.alpha1
v1.9.3-0.3.rc3
v1.9.3-0.2.rc2
v1.9.3-0.1.rc1
v1.9.2-1
v1.9.2-0.2.rc2
v1_last
v1.9.2-0.1.rc1
v1.9.1-1
v1.9.1-0.4.rc4
v1.9.1-0.3.rc3
v1.9.1-0.2.rc2
v1.9.1-0.1.rc1
v1.9.0.1-1
v1.9.0-2
v1.9.0-1
v1.9.0-0.2.rc2
v1.9.0-0.1.rc1
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.7.2
v1.7.1
v1.7.0
v1.6.10
v1.6.9
v1.6.8
v1.6.7
v1.6.6
v1.6.5
v1.6.4
v1.6.3
v1.6.2
v1.6.1
v1.6.0
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.4
v1.3.3
v1.3.2
v1.3.1
v1.3.0
v1.2.3
v1.2.2
v1.2.1
v1.2
v1.1
v1.0
0.8
0.7.2
0.7
0.6
0.5
0.4.1
0.4
0.3.1
0.3
0.01
0.0.1
0.0.2
0.7.1
v0.9
v2.13.10
v2.13.10rc1
v2.13.11
v2.13.11rc1
v2.13.12
v2.13.12rc1
v2.13.13
v2.13.13rc1
v2.13.9
v2.13.9rc1
v2.14.10
v2.14.10rc1
v2.14.11
v2.14.11rc1
v2.14.12
v2.14.12rc1
v2.14.13
v2.14.14
v2.14.14rc1
v2.14.15
v2.14.15rc1
v2.14.16
v2.14.16rc1
v2.14.17
v2.14.17rc1
v2.14.4
v2.14.4rc1
v2.14.5
v2.14.5rc1
v2.14.6
v2.14.6rc1
v2.14.7
v2.14.7rc1
v2.14.8
v2.14.8rc1
v2.14.9
v2.14.9rc1
v2.15.0
v2.15.0b1
v2.15.0b2
v2.15.0b3
v2.15.0rc1
v2.15.0rc2
v2.15.1
v2.15.10
v2.15.10rc1
v2.15.11
v2.15.11rc1
v2.15.12
v2.15.12rc1
v2.15.1rc1
v2.15.2
v2.15.2rc1
v2.15.3
v2.15.3rc1
v2.15.4
v2.15.4rc1
v2.15.5
v2.15.5rc1
v2.15.6
v2.15.6rc1
v2.15.7
v2.15.7rc1
v2.15.8
v2.15.9
v2.15.9rc1
v2.16.0
v2.16.0b1
v2.16.0b2
v2.16.0rc1
v2.16.1
v2.16.10
v2.16.10rc1
v2.16.11
v2.16.11rc1
v2.16.1rc1
v2.16.2
v2.16.3
v2.16.3rc1
v2.16.4
v2.16.4rc1
v2.16.5
v2.16.5rc1
v2.16.6
v2.16.7
v2.16.7rc1
v2.16.8
v2.16.8rc1
v2.16.9
v2.16.9rc1
v2.17.0
v2.17.0b1
v2.17.0rc1
v2.17.0rc2
v2.17.1
v2.17.1rc1
v2.17.2
v2.17.2rc1
v2.17.2rc2
v2.17.3
v2.17.3rc1
v2.17.4
v2.17.4rc1
v2.5.0b2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '627c5e7f50'
${ noResults }
ansible/test/integration/targets/openssl_certificate/tasks/expired.yml

49 lines
2.0 KiB
YAML
Raw Normal View History Unescape Escape

openssl_certificate, fixed has_expired to check the cert expiration date (#53168)
6 years ago
---
New cryptography backend for openssl_certificate (#53924) * New cryptography backend for openssl_certificate load_* functions in module_utils/crypto.py now have a backend paramter which when set to 'cryptography' will return cryptography objects so they can be used for both pyopenssl and cryptography backends. Added a select_message_digest function too returning a cryptography digest hash from `cryptography.hazmat.primitives.hashes` Added new classes for Cryptography backend * Run test with various backends. * Prefixing tests. * Make sure we have the correct backend available. * Linting (flake8). * Moved cryptography import to separate try/except * Make sure certificate is actually valid at some time in the past. * Improve error handling. * Trying to fix validation for cryptography backend. * Fixed issue with keyUsage test in assertonly * Fixed CI/Lint issues * Fix private key problem for OwnCA. * Cryptography backend doesn't support v2 certs. * issue an expired cert with command when using cryptography backend * Added warning when backend is auto and v2 cert is requested * Bumped min cryptography version to 1.6 * Correctly check for failure when backend is cryptography and cert is v2 * Use self.backend where possible * Use secp521r1 EC when testing on CentOS6 * Fixed pylint issue * AcmeCertificate support for both backends * Review fixes * Fixed missing '(' when raising error * Fixed date_fmt loop * Updated docs and requirements with cryptography * Add openssl_certificate to changelog.
6 years ago
- name: (Expired, {{select_crypto_backend}}) Generate privatekey
openssl_certificate, fixed has_expired to check the cert expiration date (#53168)
6 years ago
openssl_privatekey:
path: '{{ output_dir }}/has_expired_privatekey.pem'
New cryptography backend for openssl_certificate (#53924) * New cryptography backend for openssl_certificate load_* functions in module_utils/crypto.py now have a backend paramter which when set to 'cryptography' will return cryptography objects so they can be used for both pyopenssl and cryptography backends. Added a select_message_digest function too returning a cryptography digest hash from `cryptography.hazmat.primitives.hashes` Added new classes for Cryptography backend * Run test with various backends. * Prefixing tests. * Make sure we have the correct backend available. * Linting (flake8). * Moved cryptography import to separate try/except * Make sure certificate is actually valid at some time in the past. * Improve error handling. * Trying to fix validation for cryptography backend. * Fixed issue with keyUsage test in assertonly * Fixed CI/Lint issues * Fix private key problem for OwnCA. * Cryptography backend doesn't support v2 certs. * issue an expired cert with command when using cryptography backend * Added warning when backend is auto and v2 cert is requested * Bumped min cryptography version to 1.6 * Correctly check for failure when backend is cryptography and cert is v2 * Use self.backend where possible * Use secp521r1 EC when testing on CentOS6 * Fixed pylint issue * AcmeCertificate support for both backends * Review fixes * Fixed missing '(' when raising error * Fixed date_fmt loop * Updated docs and requirements with cryptography * Add openssl_certificate to changelog.
6 years ago
- name: (Expired, {{select_crypto_backend}}) Generate CSR
openssl_certificate, fixed has_expired to check the cert expiration date (#53168)
6 years ago
openssl_csr:
path: '{{ output_dir }}/has_expired_csr.csr'
privatekey_path: '{{ output_dir }}/has_expired_privatekey.pem'
subject:
commonName: www.example.com
New cryptography backend for openssl_certificate (#53924) * New cryptography backend for openssl_certificate load_* functions in module_utils/crypto.py now have a backend paramter which when set to 'cryptography' will return cryptography objects so they can be used for both pyopenssl and cryptography backends. Added a select_message_digest function too returning a cryptography digest hash from `cryptography.hazmat.primitives.hashes` Added new classes for Cryptography backend * Run test with various backends. * Prefixing tests. * Make sure we have the correct backend available. * Linting (flake8). * Moved cryptography import to separate try/except * Make sure certificate is actually valid at some time in the past. * Improve error handling. * Trying to fix validation for cryptography backend. * Fixed issue with keyUsage test in assertonly * Fixed CI/Lint issues * Fix private key problem for OwnCA. * Cryptography backend doesn't support v2 certs. * issue an expired cert with command when using cryptography backend * Added warning when backend is auto and v2 cert is requested * Bumped min cryptography version to 1.6 * Correctly check for failure when backend is cryptography and cert is v2 * Use self.backend where possible * Use secp521r1 EC when testing on CentOS6 * Fixed pylint issue * AcmeCertificate support for both backends * Review fixes * Fixed missing '(' when raising error * Fixed date_fmt loop * Updated docs and requirements with cryptography * Add openssl_certificate to changelog.
6 years ago
- name: (Expired, {{select_crypto_backend}}) Generate expired selfsigned certificate
openssl_certificate, fixed has_expired to check the cert expiration date (#53168)
6 years ago
openssl_certificate:
path: '{{ output_dir }}/has_expired_cert.pem'
csr_path: '{{ output_dir }}/has_expired_csr.csr'
privatekey_path: '{{ output_dir }}/has_expired_privatekey.pem'
provider: selfsigned
selfsigned_digest: sha256
selfsigned_not_after: "-1s"
New cryptography backend for openssl_certificate (#53924) * New cryptography backend for openssl_certificate load_* functions in module_utils/crypto.py now have a backend paramter which when set to 'cryptography' will return cryptography objects so they can be used for both pyopenssl and cryptography backends. Added a select_message_digest function too returning a cryptography digest hash from `cryptography.hazmat.primitives.hashes` Added new classes for Cryptography backend * Run test with various backends. * Prefixing tests. * Make sure we have the correct backend available. * Linting (flake8). * Moved cryptography import to separate try/except * Make sure certificate is actually valid at some time in the past. * Improve error handling. * Trying to fix validation for cryptography backend. * Fixed issue with keyUsage test in assertonly * Fixed CI/Lint issues * Fix private key problem for OwnCA. * Cryptography backend doesn't support v2 certs. * issue an expired cert with command when using cryptography backend * Added warning when backend is auto and v2 cert is requested * Bumped min cryptography version to 1.6 * Correctly check for failure when backend is cryptography and cert is v2 * Use self.backend where possible * Use secp521r1 EC when testing on CentOS6 * Fixed pylint issue * AcmeCertificate support for both backends * Review fixes * Fixed missing '(' when raising error * Fixed date_fmt loop * Updated docs and requirements with cryptography * Add openssl_certificate to changelog.
6 years ago
selfsigned_not_before: "-100s"
select_crypto_backend: '{{ select_crypto_backend }}'
when: select_crypto_backend == 'pyopenssl' # cryptography won't allow creating expired certificates
openssl_certificate, fixed has_expired to check the cert expiration date (#53168)
6 years ago
New cryptography backend for openssl_certificate (#53924) * New cryptography backend for openssl_certificate load_* functions in module_utils/crypto.py now have a backend paramter which when set to 'cryptography' will return cryptography objects so they can be used for both pyopenssl and cryptography backends. Added a select_message_digest function too returning a cryptography digest hash from `cryptography.hazmat.primitives.hashes` Added new classes for Cryptography backend * Run test with various backends. * Prefixing tests. * Make sure we have the correct backend available. * Linting (flake8). * Moved cryptography import to separate try/except * Make sure certificate is actually valid at some time in the past. * Improve error handling. * Trying to fix validation for cryptography backend. * Fixed issue with keyUsage test in assertonly * Fixed CI/Lint issues * Fix private key problem for OwnCA. * Cryptography backend doesn't support v2 certs. * issue an expired cert with command when using cryptography backend * Added warning when backend is auto and v2 cert is requested * Bumped min cryptography version to 1.6 * Correctly check for failure when backend is cryptography and cert is v2 * Use self.backend where possible * Use secp521r1 EC when testing on CentOS6 * Fixed pylint issue * AcmeCertificate support for both backends * Review fixes * Fixed missing '(' when raising error * Fixed date_fmt loop * Updated docs and requirements with cryptography * Add openssl_certificate to changelog.
6 years ago
- name: (Expired, {{select_crypto_backend}}) Generate expired selfsigned certificate
command: "openssl x509 -req -days -1 -in {{ output_dir }}/has_expired_csr.csr -signkey {{ output_dir }}/has_expired_privatekey.pem -out {{ output_dir }}/has_expired_cert.pem"
when: select_crypto_backend == 'cryptography' # So we create it with 'command'
- name: "(Expired) Check task fails because cert is expired (has_expired: false)"
openssl_certificate, fixed has_expired to check the cert expiration date (#53168)
6 years ago
openssl_certificate:
provider: assertonly
path: "{{ output_dir }}/has_expired_cert.pem"
has_expired: false
New cryptography backend for openssl_certificate (#53924) * New cryptography backend for openssl_certificate load_* functions in module_utils/crypto.py now have a backend paramter which when set to 'cryptography' will return cryptography objects so they can be used for both pyopenssl and cryptography backends. Added a select_message_digest function too returning a cryptography digest hash from `cryptography.hazmat.primitives.hashes` Added new classes for Cryptography backend * Run test with various backends. * Prefixing tests. * Make sure we have the correct backend available. * Linting (flake8). * Moved cryptography import to separate try/except * Make sure certificate is actually valid at some time in the past. * Improve error handling. * Trying to fix validation for cryptography backend. * Fixed issue with keyUsage test in assertonly * Fixed CI/Lint issues * Fix private key problem for OwnCA. * Cryptography backend doesn't support v2 certs. * issue an expired cert with command when using cryptography backend * Added warning when backend is auto and v2 cert is requested * Bumped min cryptography version to 1.6 * Correctly check for failure when backend is cryptography and cert is v2 * Use self.backend where possible * Use secp521r1 EC when testing on CentOS6 * Fixed pylint issue * AcmeCertificate support for both backends * Review fixes * Fixed missing '(' when raising error * Fixed date_fmt loop * Updated docs and requirements with cryptography * Add openssl_certificate to changelog.
6 years ago
select_crypto_backend: '{{ select_crypto_backend }}'
openssl_certificate, fixed has_expired to check the cert expiration date (#53168)
6 years ago
ignore_errors: true
register: expired_cert_check
New cryptography backend for openssl_certificate (#53924) * New cryptography backend for openssl_certificate load_* functions in module_utils/crypto.py now have a backend paramter which when set to 'cryptography' will return cryptography objects so they can be used for both pyopenssl and cryptography backends. Added a select_message_digest function too returning a cryptography digest hash from `cryptography.hazmat.primitives.hashes` Added new classes for Cryptography backend * Run test with various backends. * Prefixing tests. * Make sure we have the correct backend available. * Linting (flake8). * Moved cryptography import to separate try/except * Make sure certificate is actually valid at some time in the past. * Improve error handling. * Trying to fix validation for cryptography backend. * Fixed issue with keyUsage test in assertonly * Fixed CI/Lint issues * Fix private key problem for OwnCA. * Cryptography backend doesn't support v2 certs. * issue an expired cert with command when using cryptography backend * Added warning when backend is auto and v2 cert is requested * Bumped min cryptography version to 1.6 * Correctly check for failure when backend is cryptography and cert is v2 * Use self.backend where possible * Use secp521r1 EC when testing on CentOS6 * Fixed pylint issue * AcmeCertificate support for both backends * Review fixes * Fixed missing '(' when raising error * Fixed date_fmt loop * Updated docs and requirements with cryptography * Add openssl_certificate to changelog.
6 years ago
- name: (Expired, {{select_crypto_backend}}) Ensure previous task failed
openssl_certificate, fixed has_expired to check the cert expiration date (#53168)
6 years ago
assert:
that: expired_cert_check is failed
New cryptography backend for openssl_certificate (#53924) * New cryptography backend for openssl_certificate load_* functions in module_utils/crypto.py now have a backend paramter which when set to 'cryptography' will return cryptography objects so they can be used for both pyopenssl and cryptography backends. Added a select_message_digest function too returning a cryptography digest hash from `cryptography.hazmat.primitives.hashes` Added new classes for Cryptography backend * Run test with various backends. * Prefixing tests. * Make sure we have the correct backend available. * Linting (flake8). * Moved cryptography import to separate try/except * Make sure certificate is actually valid at some time in the past. * Improve error handling. * Trying to fix validation for cryptography backend. * Fixed issue with keyUsage test in assertonly * Fixed CI/Lint issues * Fix private key problem for OwnCA. * Cryptography backend doesn't support v2 certs. * issue an expired cert with command when using cryptography backend * Added warning when backend is auto and v2 cert is requested * Bumped min cryptography version to 1.6 * Correctly check for failure when backend is cryptography and cert is v2 * Use self.backend where possible * Use secp521r1 EC when testing on CentOS6 * Fixed pylint issue * AcmeCertificate support for both backends * Review fixes * Fixed missing '(' when raising error * Fixed date_fmt loop * Updated docs and requirements with cryptography * Add openssl_certificate to changelog.
6 years ago
- name: "(Expired) Check expired cert check is ignored (has_expired: true)"
openssl_certificate, fixed has_expired to check the cert expiration date (#53168)
6 years ago
openssl_certificate:
provider: assertonly
path: "{{ output_dir }}/has_expired_cert.pem"
has_expired: true
New cryptography backend for openssl_certificate (#53924) * New cryptography backend for openssl_certificate load_* functions in module_utils/crypto.py now have a backend paramter which when set to 'cryptography' will return cryptography objects so they can be used for both pyopenssl and cryptography backends. Added a select_message_digest function too returning a cryptography digest hash from `cryptography.hazmat.primitives.hashes` Added new classes for Cryptography backend * Run test with various backends. * Prefixing tests. * Make sure we have the correct backend available. * Linting (flake8). * Moved cryptography import to separate try/except * Make sure certificate is actually valid at some time in the past. * Improve error handling. * Trying to fix validation for cryptography backend. * Fixed issue with keyUsage test in assertonly * Fixed CI/Lint issues * Fix private key problem for OwnCA. * Cryptography backend doesn't support v2 certs. * issue an expired cert with command when using cryptography backend * Added warning when backend is auto and v2 cert is requested * Bumped min cryptography version to 1.6 * Correctly check for failure when backend is cryptography and cert is v2 * Use self.backend where possible * Use secp521r1 EC when testing on CentOS6 * Fixed pylint issue * AcmeCertificate support for both backends * Review fixes * Fixed missing '(' when raising error * Fixed date_fmt loop * Updated docs and requirements with cryptography * Add openssl_certificate to changelog.
6 years ago
select_crypto_backend: '{{ select_crypto_backend }}'
openssl_certificate, fixed has_expired to check the cert expiration date (#53168)
6 years ago
register: expired_cert_skip