From 67b71595c09babc143552276f79bdef7e0231724 Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Fri, 23 Sep 2016 11:45:14 +0200 Subject: [PATCH] library/roles/oracle-jdk/tasks/main.yml: Add the letsencrypt CA to the keyring only if the jdk version is <= 7. --- oracle-jdk/tasks/main.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/oracle-jdk/tasks/main.yml b/oracle-jdk/tasks/main.yml index c79e2ee2..89972d31 100644 --- a/oracle-jdk/tasks/main.yml +++ b/oracle-jdk/tasks/main.yml @@ -38,7 +38,7 @@ notify: Set the default Oracle JDK - name: Install a custom version of Oracle JDK from a tar file - unarchive: src={{ jdk_tarfile }} dest={{ jdk_java_home_prefix }} + unarchive: src={{ jdk_tarfile }} dest={{ jdk_java_home_prefix }} copy={{ jdk_copy_tarfile | default(omit) }} when: '{{ jdk_use_tarfile }}' - name: Set fact jdk_installed @@ -46,9 +46,12 @@ - name: Get the Letsencrypt cross signed X3 CA certificate get_url: url='https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.der' dest=/srv/lets-encrypt-x3-cross-signed.der + when: jdk_default <= 7 - name: Change the default keyring. Insert the Letsencrypt X3 cross signed CA certificate shell: keytool -trustcacerts -keystore {{ jdk_java_home }}/jre/lib/security/cacerts -storepass changeit -noprompt -importcert -alias lets-encrypt-x3-cross-signed -file /srv/lets-encrypt-x3-cross-signed.der - when: ( jdk_install | changed ) + when: + - ( jdk_install | changed ) + - jdk_default <= 7 tags: [ 'oracle_jdk', 'jdk' ]