roles/common/tasks/ca.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33

- name: Installation de mon autorité de certification
  copy:
    src: root.pem
    dest: /etc/pki/ca-trust/source/anchors/root.pem
    mode: 0444
  register: cafile
  tags: firstinstall

- name: Installation du CA de Nicosss
  copy:
    src: root-nicosss.pem
    dest: /etc/pki/ca-trust/source/anchors/root-nicosss.pem
    mode: 0444
  register: cafile2

- name: Mise à jour de la base de confiance CA
  command: /usr/bin/update-ca-trust
  when: cafile is changed or cafile2 is changed
  tags: firstinstall

- name: Installation CA personnel pour applis serveur
  copy:
    src: root.pem
    dest: /etc/pki/tls/certs/mon-ca.crt
    mode: 0444
  tags: keys

- name: Mise à jour de la CRL
  copy:
    src: crt-crl.pem
    dest: /etc/pki/tls/certs/crt-crl.pem
    mode: 0444
  tags: keys