blob: ec45282e8e5fb3b39c9d0d54b336c2020a2d4d0b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
---
# Reference: https://bgstack15.wordpress.com/2016/06/30/manipulating-ssl-certificates/
- name: save private key file as variable
shell: warn=no echo "{{ certreq.stdout }}" | awk '/^key:/{print $2;}'
register: privatekey
failed_when: privatekey.stdout_lines | length != 1
changed_when: false
# privatekey.stdout
- name: save public key file as variable
shell: warn=no echo "{{ certreq.stdout }}" | awk '/^certificate:/{print $2;}'
register: publickey
failed_when: publickey.stdout_lines | length != 1
changed_when: false
# publickey.stdout
- name: save cert chain file as variable
shell: warn=no echo "{{ certreq.stdout }}" | awk '/^chain:/{print $2;}'
register: chain
failed_when: chain.stdout_lines | length != 1
changed_when: false
# chain.stdout
- name: generate pkcs12 file
shell: warn=no openssl pkcs12 -export -in "{{ publickey.stdout }}" -inkey "{{ privatekey.stdout }}" -out /tmp/certnew.pfx -CAfile "{{ chain.stdout }}" -certfile "{{ chain.stdout }}" -passin pass:'' -passout pass:''
register: pfx
...
|
