roles/common/tasks/ca.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

- name: Installation de mon autorité de certification
  copy:
    src: root.pem
    dest: /etc/pki/ca-trust/source/anchors/root.pem
    mode: 0444
  register: cafile

- name: Désinstallation de l'autorité de certification CACert
  file:
    path: /etc/pki/ca-trust/source/anchors/cacert.pem
    state: absent

- name: Mise à jour de la base de confiance CA
  command: /usr/bin/update-ca-trust
  when: cafile is changed

- name: Installation CA personnel pour applis serveur
  copy:
    src: root.pem
    dest: /etc/pki/tls/certs/mon-ca.crt
    mode: 0444

- name: Installation et renouvellement de la CRL
  copy:
    src: crt-crl.pem
    dest: /etc/pki/tls/certs/crt-crl.pem
    mode: 0444