From d9bc0b6f6a86575d70a7858697e6f45215d454db Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Fri, 4 Jun 2021 13:54:13 +0200 Subject: [PATCH] chain -> fullchain --- tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 50a53a2..f3fd7bb 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -20,10 +20,10 @@ - block: - name: Import the Letsencrypt intermediate CA cert - shell: RETVAL= ; {{ java_keytool_bin }} -list -keystore {{ java_keystore_file }} -storepass {{ java_keystore_pwd }} -noprompt | grep {{ java_keystore_letsencrypt_trusted_ca }} ; RETVAL=$? ; if [ $RETVAL -ne 0 ] ; then {{ java_keytool_bin }} -trustcacerts -keystore {{ java_keystore_file }} -storepass {{ java_keystore_pwd }} -noprompt -importcert -alias {{ java_keystore_letsencrypt_trusted_ca }} -dname "CN={{ ansible_fqdn }}" -file {{ letsencrypt_acme_certs_dir }}/chain ; fi + shell: RETVAL= ; {{ java_keytool_bin }} -list -keystore {{ java_keystore_file }} -storepass {{ java_keystore_pwd }} -noprompt | grep {{ java_keystore_letsencrypt_trusted_ca }} ; RETVAL=$? ; if [ $RETVAL -ne 0 ] ; then {{ java_keytool_bin }} -trustcacerts -keystore {{ java_keystore_file }} -storepass {{ java_keystore_pwd }} -noprompt -importcert -alias {{ java_keystore_letsencrypt_trusted_ca }} -dname "CN={{ ansible_fqdn }}" -file {{ letsencrypt_acme_certs_dir }}/fullchain ; fi - name: Import the letsencrypt certificate - shell: RETVAL= ; {{ java_keytool_bin }} -list -keystore {{ java_keystore_file }} -storepass {{ java_keystore_pwd }} -noprompt | grep {{ ansible_fqdn }} ; RETVAL=$? ; if [ $RETVAL -ne 0 ] ; then openssl pkcs12 -export -in {{ letsencrypt_acme_certs_dir }}/cert -inkey {{ letsencrypt_acme_certs_dir }}/privkey -CAfile {{ letsencrypt_acme_certs_dir }}/chain -name "{{ ansible_fqdn }}" -out /var/tmp/{{ ansible_fqdn }}.p12 -password pass:{{ java_keystore_pwd }} ; {{ java_keytool_bin }} -importkeystore -srcstorepass {{ java_keystore_pwd }} -deststorepass {{ java_keystore_pwd }} -destkeystore {{ java_keystore_file }} -srckeystore /var/tmp/{{ ansible_fqdn }}.p12 -srcstoretype PKCS12 ; rm -f /var/tmp/{{ ansible_fqdn }}.p12 ; fi + shell: RETVAL= ; {{ java_keytool_bin }} -list -keystore {{ java_keystore_file }} -storepass {{ java_keystore_pwd }} -noprompt | grep {{ ansible_fqdn }} ; RETVAL=$? ; if [ $RETVAL -ne 0 ] ; then openssl pkcs12 -export -in {{ letsencrypt_acme_certs_dir }}/cert -inkey {{ letsencrypt_acme_certs_dir }}/privkey -CAfile {{ letsencrypt_acme_certs_dir }}/fullchain -name "{{ ansible_fqdn }}" -out /var/tmp/{{ ansible_fqdn }}.p12 -password pass:{{ java_keystore_pwd }} ; {{ java_keytool_bin }} -importkeystore -srcstorepass {{ java_keystore_pwd }} -deststorepass {{ java_keystore_pwd }} -destkeystore {{ java_keystore_file }} -srckeystore /var/tmp/{{ ansible_fqdn }}.p12 -srcstoretype PKCS12 ; rm -f /var/tmp/{{ ansible_fqdn }}.p12 ; fi when: - java_import_letsencrypt_cert