From 7e5a76e7996ebcba36536c8fecd31a95280f3417 Mon Sep 17 00:00:00 2001
From: B Stack <bgstack15@gmail.com>
Date: Wed, 6 Dec 2017 06:51:36 -0500
Subject: Initial commit

---
 tasks/2_generate_pfx.yml | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 tasks/2_generate_pfx.yml

(limited to 'tasks/2_generate_pfx.yml')

diff --git a/tasks/2_generate_pfx.yml b/tasks/2_generate_pfx.yml
new file mode 100644
index 0000000..ec45282
--- /dev/null
+++ b/tasks/2_generate_pfx.yml
@@ -0,0 +1,29 @@
+---
+# Reference: https://bgstack15.wordpress.com/2016/06/30/manipulating-ssl-certificates/
+
+- name: save private key file as variable
+  shell: warn=no echo "{{ certreq.stdout }}" | awk '/^key:/{print $2;}'
+  register: privatekey
+  failed_when: privatekey.stdout_lines | length != 1
+  changed_when: false
+# privatekey.stdout
+
+- name: save public key file as variable
+  shell: warn=no echo "{{ certreq.stdout }}" | awk '/^certificate:/{print $2;}'
+  register: publickey
+  failed_when: publickey.stdout_lines | length != 1
+  changed_when: false
+# publickey.stdout
+
+- name: save cert chain file as variable
+  shell: warn=no echo "{{ certreq.stdout }}" | awk '/^chain:/{print $2;}'
+  register: chain
+  failed_when: chain.stdout_lines | length != 1
+  changed_when: false
+# chain.stdout
+
+- name: generate pkcs12 file
+  shell: warn=no openssl pkcs12 -export -in "{{ publickey.stdout }}" -inkey "{{ privatekey.stdout }}" -out /tmp/certnew.pfx -CAfile "{{ chain.stdout }}" -certfile "{{ chain.stdout }}" -passin pass:'' -passout pass:''
+  register: pfx
+
+...
-- 
cgit