--- - name: Generate privatekey openssl_privatekey: path: '{{ output_dir }}/privatekey.pem' - name: Generate CSR openssl_csr: path: '{{ output_dir }}/csr.csr' privatekey_path: '{{ output_dir }}/privatekey.pem' subject: commonName: www.example.com - name: Generate selfsigned certificate openssl_certificate: path: '{{ output_dir }}/cert.pem' csr_path: '{{ output_dir }}/csr.csr' privatekey_path: '{{ output_dir }}/privatekey.pem' provider: selfsigned selfsigned_digest: sha256 register: selfsigned_certificate - name: Generate selfsigned certificate openssl_certificate: path: '{{ output_dir }}/cert.pem' csr_path: '{{ output_dir }}/csr.csr' privatekey_path: '{{ output_dir }}/privatekey.pem' provider: selfsigned selfsigned_digest: sha256 register: selfsigned_certificate_idempotence - name: Generate selfsigned certificate (check mode) openssl_certificate: path: '{{ output_dir }}/cert.pem' csr_path: '{{ output_dir }}/csr.csr' privatekey_path: '{{ output_dir }}/privatekey.pem' provider: selfsigned selfsigned_digest: sha256 check_mode: yes - name: Check selfsigned certificate openssl_certificate: path: '{{ output_dir }}/cert.pem' privatekey_path: '{{ output_dir }}/privatekey.pem' provider: assertonly has_expired: False version: 3 signature_algorithms: - sha256WithRSAEncryption - sha256WithECDSAEncryption subject: commonName: www.example.com - name: Generate selfsigned v2 certificate openssl_certificate: path: '{{ output_dir }}/cert_v2.pem' csr_path: '{{ output_dir }}/csr.csr' privatekey_path: '{{ output_dir }}/privatekey.pem' provider: selfsigned selfsigned_digest: sha256 selfsigned_version: 2 - name: Generate privatekey2 openssl_privatekey: path: '{{ output_dir }}/privatekey2.pem' - name: Generate CSR2 openssl_csr: subject: CN: www.example.com C: US ST: California L: Los Angeles O: ACME Inc. OU: - Roadrunner pest control - Pyrotechnics path: '{{ output_dir }}/csr2.csr' privatekey_path: '{{ output_dir }}/privatekey2.pem' keyUsage: - digitalSignature extendedKeyUsage: - ipsecUser - biometricInfo - name: Generate selfsigned certificate2 openssl_certificate: path: '{{ output_dir }}/cert2.pem' csr_path: '{{ output_dir }}/csr2.csr' privatekey_path: '{{ output_dir }}/privatekey2.pem' provider: selfsigned selfsigned_digest: sha256 - name: Check selfsigned certificate2 openssl_certificate: path: '{{ output_dir }}/cert2.pem' privatekey_path: '{{ output_dir }}/privatekey2.pem' provider: assertonly has_expired: False version: 3 signature_algorithms: - sha256WithRSAEncryption - sha256WithECDSAEncryption subject: commonName: www.example.com C: US ST: California L: Los Angeles O: ACME Inc. OU: - Roadrunner pest control - Pyrotechnics keyUsage: - digitalSignature extendedKeyUsage: - ipsecUser - biometricInfo - name: Create private key 3 openssl_privatekey: path: "{{ output_dir }}/privatekey3.pem" - name: Create CSR 3 openssl_csr: subject: CN: www.example.com privatekey_path: "{{ output_dir }}/privatekey3.pem" path: "{{ output_dir }}/csr3.pem" - name: Create certificate3 with notBefore and notAfter openssl_certificate: provider: selfsigned selfsigned_not_before: 20181023133742Z selfsigned_not_after: 20191023133742Z path: "{{ output_dir }}/cert3.pem" csr_path: "{{ output_dir }}/csr3.pem" privatekey_path: "{{ output_dir }}/privatekey3.pem" - name: Generate privatekey openssl_privatekey: path: '{{ output_dir }}/privatekey_ecc.pem' type: ECC curve: secp256k1 - name: Generate CSR openssl_csr: path: '{{ output_dir }}/csr_ecc.csr' privatekey_path: '{{ output_dir }}/privatekey_ecc.pem' subject: commonName: www.example.com - name: Generate selfsigned certificate openssl_certificate: path: '{{ output_dir }}/cert_ecc.pem' csr_path: '{{ output_dir }}/csr_ecc.csr' privatekey_path: '{{ output_dir }}/privatekey_ecc.pem' provider: selfsigned selfsigned_digest: sha256 register: selfsigned_certificate_ecc - import_tasks: ../tests/validate_selfsigned.yml