Skip to content

Instantly share code, notes, and snippets.

@bunam

bunam/ansible_ssl_cert.yaml

Forked from jsidhu/ansible_ssl_cert.yaml
Created April 18, 2019 12:27
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save bunam/516f71101f9b31ee2896a9b6df0a689a to your computer and use it in GitHub Desktop.
Save bunam/516f71101f9b31ee2896a9b6df0a689a to your computer and use it in GitHub Desktop.
Download ZIP
Ansible snippet to create a self signed ssl certificate
Raw
ansible_ssl_cert.yaml
# - name: Generate DH Params (may take several minutes!)
# command: openssl dhparam \
# -out "/data/jenkins_home/ssl/dhparam.pem" 2048
# args:
# creates: "/data/jenkins_home/ssl/dhparam.pem"
#
# - name: Generate ECC Key
# command: openssl ecparam \
# -genkey \
# -name prime256v1 \
# -out "/data/jenkins_home/ssl/key.pem"
# args:
# creates: "/data/jenkins_home/ssl/key.pem"
- name: Generate RSA Key
command: openssl genrsa \
-out "/data/jenkins_home/ssl/key.pem" 2048
args:
creates: "/data/jenkins_home/ssl/key.pem"
- name: Generate CSR
command: openssl req \
-new \
-subj '/C=US/ST=CA/L=Mountain View/O=Jasmeet/CN={{ fqdn }}'
-key "/data/jenkins_home/ssl/key.pem" \
-out "/data/jenkins_home/ssl/csr.pem"
args:
creates: "/data/jenkins_home/ssl/csr.pem"
- name: Generate Self-signed Certificate
command: openssl req \
-x509 \
-days 1825 \
-key "/data/jenkins_home/ssl/key.pem" \
-in "/data/jenkins_home/ssl/csr.pem" \
-out "/data/jenkins_home/ssl/cert.pem"
args:
creates: "/data/jenkins_home/ssl/cert.pem"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment