diff --git a/tasks/trusted_ca.yml b/tasks/trusted_ca.yml index d9d74a7..96d3b79 100644 --- a/tasks/trusted_ca.yml +++ b/tasks/trusted_ca.yml @@ -34,12 +34,12 @@ - name: Ensure that ca-certificates is installed apt: pkg=ca-certificates state=present cache_valid_time=1800 - - name: Get the CA files that we want to trust + - name: Get the CA files that we want to trust on deb get_url: url={{ item.ca_url }} dest=/etc/ssl/certs/{{ item.ca }} owner=root group=root mode='0444' with_items: '{{ trusted_ca_additional_ca_files }}' register: ca_files_installation - - name: Trust the CA files + - name: Trust the CA files on deb command: /usr/sbin/update-ca-certificates when: ca_files_installation is changed @@ -49,11 +49,11 @@ - name: Manage the Letsencrypt CA files on deb block: - name: Copy the letsencrypt CA files on deb - copy: src=letsencrypt_ca_files/{{ item.ca }} dest=/etc/pki/ca-trust/source/anchors/{{ item.ca }} owner=root group=root mode='0444' + copy: src=letsencrypt_ca_files/{{ item.ca }} dest=/etc/ssl/certs/{{ item.ca }} owner=root group=root mode='0444' with_items: '{{ trusted_ca_letsencrypt_ca_files }}' register: letsencrypt_ca_files_installation - - name: Trust the CA files on EL + - name: Trust the CA files on deb command: /usr/sbin/update-ca-certificates when: letsencrypt_ca_files_installation is changed