diff options
author | Bartek Grzybowski <b.grzybowski@partner.samsung.com> | 2021-04-09 13:31:47 +0200 |
---|---|---|
committer | Bartek Grzybowski <b.grzybowski@partner.samsung.com> | 2021-04-09 13:31:47 +0200 |
commit | 2d74c25ebeacf0c693b473bd84c7b9326fa1e96a (patch) | |
tree | 972c3e4f66ec8b3d37aaa821f87a3619587462e5 /ansible/roles/certificates | |
parent | 31990268811b0fc80a5332f93248131163fb511d (diff) |
[ANSIBLE 3.2.0] Upgrade 'certificates' role tasks to be ansible 3.2.0 compliant
Change-Id: Id1d8da0a1dabdbe79cdb24179ddeff5564b00f17
Issue-ID: OOM-2722
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Diffstat (limited to 'ansible/roles/certificates')
-rw-r--r-- | ansible/roles/certificates/tasks/generate-certificates.yml | 18 |
1 files changed, 2 insertions, 16 deletions
diff --git a/ansible/roles/certificates/tasks/generate-certificates.yml b/ansible/roles/certificates/tasks/generate-certificates.yml index 9bf75fff..43b774bc 100644 --- a/ansible/roles/certificates/tasks/generate-certificates.yml +++ b/ansible/roles/certificates/tasks/generate-certificates.yml @@ -20,13 +20,13 @@ country_name: "{{ certificates.country_name }}" locality_name: "{{ certificates.locality_name }}" basic_constraints: - - CA:true + - CA:TRUE basic_constraints_critical: true key_usage: - - critical - digitalSignature - cRLSign - keyCertSign + key_usage_critical: true - name: Generate root CA certificate openssl_certificate: @@ -34,19 +34,12 @@ path: "{{ certificates_local_dir }}/rootCA.crt" csr_path: "{{ certificates_local_dir }}/rootCA.csr" privatekey_path: "{{ certificates_local_dir }}/rootCA.key" - key_usage: - - critical - - digitalSignature - - cRLSign - - keyCertSign - force: true notify: Restart Docker - name: Generate private Nexus key openssl_privatekey: path: "{{ certificates_local_dir }}/nexus_server.key" size: 4096 - force: false - name: Generate Nexus CSR (certificate signing request) openssl_csr: @@ -75,10 +68,3 @@ csr_path: "{{ certificates_local_dir }}/nexus_server.csr" ownca_path: "{{ certificates_local_dir }}/rootCA.crt" ownca_privatekey_path: "{{ certificates_local_dir }}/rootCA.key" - key_usage: - - digitalSignature - - nonRepudiation - - keyEncipherment - - dataEncipherment - subject_alt_name: - "{{ all_simulated_hosts | map('regex_replace', '(.*)', 'DNS:\\1') | list }}" |