Fix the self signed certificate generation.
This commit is contained in:
parent
f5e287613b
commit
2c19eff17f
|
@ -51,11 +51,23 @@
|
|||
get_url: url={{ rsyslog_remote_ca_url }} dest={{ rsyslog_tls_ca }} owner=root group=root mode='0644'
|
||||
when: rsyslog_ca_is_remote
|
||||
|
||||
- name: Check if the certificate file is present
|
||||
- name: Check if a private key for the certificate is present
|
||||
stat:
|
||||
path: '{{ rsyslog_tls_cert }}'
|
||||
path: '{{ rsyslog_tls_key }}'
|
||||
get_checksum: no
|
||||
register: cert_file_presence
|
||||
register: cert_key_presence
|
||||
|
||||
- name: Create a certificate private key
|
||||
openssl_privatekey:
|
||||
path: '{{ rsyslog_tls_key }}'
|
||||
when: not cert_key_presence.stat.exists
|
||||
|
||||
- name: Create a certificate request
|
||||
openssl_csr:
|
||||
path: '{{ rsyslog_tls_certs_dir }}/cert.csr'
|
||||
privatekey_path: '{{ rsyslog_tls_key }}'
|
||||
common_name: '{{ ansible_fqdn }}'
|
||||
when: not cert_key_presence.stat.exists
|
||||
|
||||
- name: Create a self signed certificate is one is not present
|
||||
openssl_certificate:
|
||||
|
@ -63,7 +75,7 @@
|
|||
privatekey_path: '{{ rsyslog_tls_key }}'
|
||||
csr_path: '{{ rsyslog_tls_certs_dir }}/cert.csr'
|
||||
provider: selfsigned
|
||||
when: not cert_file_presence.stat.exists
|
||||
when: not cert_key_presence.stat.exists
|
||||
|
||||
when:
|
||||
- rsyslog_tls_status == 'enabled'
|
||||
|
|
Loading…
Reference in New Issue