From 0a7b0837615f09af2e1c94c089891d3fd6386363 Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Fri, 8 Oct 2021 13:41:21 +0200 Subject: [PATCH] Always update the ca-certificates package. --- tasks/trusted_ca.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tasks/trusted_ca.yml b/tasks/trusted_ca.yml index eec71aa..fa0f034 100644 --- a/tasks/trusted_ca.yml +++ b/tasks/trusted_ca.yml @@ -47,8 +47,11 @@ - name: Manage optional CA files on deb block: - - name: Ensure that ca-certificates is installed - apt: pkg=ca-certificates state=present cache_valid_time=1800 + - name: Ensure that ca-certificates is installed and up to date + apt: + pkg: ca-certificates + state: latest + cache_valid_time: 1800 - name: Get the CA files that we want to trust on deb get_url: url={{ item.ca_url }} dest={{ trusted_ca_deb_path }}/{{ item.ca }} owner=root group=root mode='0444'