From ad8eae987beb3032e9461b60777b3c9917a01156 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Wed, 6 Dec 2023 19:47:53 +0100
Subject: [PATCH] Add a passphrase to the pkcs12.

---
 tasks/main.yml | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/tasks/main.yml b/tasks/main.yml
index 4480f49..fb6e21f 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -25,6 +25,7 @@
         certificate_path: "{{ mkcert_cert_dest_path }}"
         privatekey_path: "{{ mkcert_key_dest_path }}"
         other_certificates: '{{ java_trusted_certificates_list }}'
+        passphrase: "{{ java_keystore_pwd }}"
         owner: root
         group: root
         mode: "0600"
@@ -33,9 +34,12 @@
     - name: Import the CA certificate
       community.general.java_cert:
         pkcs12_path: "{{ pki_dir }}/keys/{{ ansible_fqdn }}.pkcs12"
+        pkcs12_alias: "{{ java_keystore_cert_alias }}"
+        pkcs12_password: "{{ java_keystore_pwd }}"
         cert_alias: "{{ java_keystore_cert_alias }}"
         keystore_path: "{{ java_keystore_file }}"
         keystore_pass: "{{ java_keystore_pwd }}"
+        keystore_type: JKS
         keystore_create: true
         state: present
 
@@ -50,10 +54,11 @@
         action: export
         friendly_name: "{{ java_keystore_cert_alias }}"
         path: "{{ letsencrypt_acme_sh_certificates_install_path }}/{{ letsencrypt_acme_sh_certificates_install_dir }}.pkcs12"
-        certificate_path: "{{ letsencrypt_acme_sh_certificates_install_path }}/cert"
         privatekey_path: "{{ letsencrypt_acme_sh_certificates_install_path }}/privkey"
         other_certificates:
           - '{{ letsencrypt_acme_sh_certificates_install_path }}/fullchain'
+        other_certificates_parse_all: true
+        passphrase: "{{ java_keystore_pwd }}"
         owner: root
         group: root
         mode: "0600"
@@ -63,7 +68,10 @@
       community.general.java_cert:
         pkcs12_path: "{{ letsencrypt_acme_sh_certificates_install_path }}/{{ letsencrypt_acme_sh_certificates_install_dir }}.pkcs12"
         cert_alias: "{{ java_keystore_cert_alias }}"
+        pkcs12_alias: "{{ java_keystore_cert_alias }}"
+        pkcs12_password: "{{ java_keystore_pwd }}"
         keystore_path: "{{ java_keystore_file }}"
         keystore_pass: "{{ java_keystore_pwd }}"
+        keystore_type: JKS
         keystore_create: true
         state: present