Manage a generic CA cert file, provided via a URL.

This commit is contained in:
Andrea Dell'Amico 2019-11-04 18:53:08 +01:00
parent d1b27304f3
commit 3108ff7ee9
2 changed files with 4 additions and 2 deletions

View File

@ -101,6 +101,7 @@ pki_dir: /etc/pki
pki_subdirs:
- certs
- keys
pki_install_a_custom_ca: False
# Install our /etc/resolv.conf
install_resolvconf: True

View File

@ -6,6 +6,7 @@
notify: Update the CA bundle list
tags: ca
- name: Install a CA file that contains both the letsencrypt complete chain, the INFN CA certs and the TERENA personal certs CA
copy: src=infn-letsencrypt-ca.crt dest={{ pki_dir }}/infn-letsencrypt-ca.crt
- name: Install a CA file with the certificates that we need. From a URL
get_url: url={{ pki_custom_ca_url }} dest={{ pki_dir }}/{{ pki_custom_ca_filename }}
when: pki_install_a_custom_ca | bool
tags: ca