From d74caa1d87a3ba369e454b6c24acfc1ca236b949 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <adellam@isti.cnr.it>
Date: Mon, 23 Oct 2017 19:09:04 +0200
Subject: [PATCH] pki-basics: shorten the certificate CN because when we use
 long hostnames it could overflow.

---
 ubuntu-deb-general/tasks/pki-basics.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ubuntu-deb-general/tasks/pki-basics.yml b/ubuntu-deb-general/tasks/pki-basics.yml
index f51c0eb1..c1e3379d 100644
--- a/ubuntu-deb-general/tasks/pki-basics.yml
+++ b/ubuntu-deb-general/tasks/pki-basics.yml
@@ -28,7 +28,7 @@
   tags: [ 'pki', 'ssl', 'letsencrypt' ]
 
 - name: When we are going to install letsencrypt certificates, create a preliminary path and a self signed cert. Now the certificate and private key
-  command: openssl req -x509 -newkey rsa:2048 -keyout {{ letsencrypt_acme_user_home | default(omit) }}/keys/fakeselfsignedcert/privkey -out {{ letsencrypt_acme_user_home | default(omit) }}/certs/fakeselfsignedcert/cert -days 365 -nodes -subj '/CN={{ ansible_fqdn }} self signed certificate'
+  command: openssl req -x509 -newkey rsa:2048 -keyout {{ letsencrypt_acme_user_home | default(omit) }}/keys/fakeselfsignedcert/privkey -out {{ letsencrypt_acme_user_home | default(omit) }}/certs/fakeselfsignedcert/cert -days 365 -nodes -subj '/CN={{ ansible_fqdn }} self signed'
   args:
     creates: '{{ letsencrypt_acme_user_home | default(omit) }}/certs/fakeselfsignedcert/cert'
   when: