Commit 45a7b524 authored by godog's avatar godog

public-ssl-cert: switch to certbot pem names

See also ai3/prod#31
parent 0ed7d159
......@@ -11,13 +11,13 @@
state: directory
- name: "Create a self-signed certificate for {{ cn }}"
shell: "openssl req -x509 -newkey rsa:2048 -keyout private_key.pem -nodes -out cert.pem -days 3650 -subj '/CN={{ cn }}'"
shell: "openssl req -x509 -newkey rsa:2048 -keyout privkey.pem -nodes -out fullchain.pem -days 3650 -subj '/CN={{ cn }}'"
chdir: "/etc/credentials/selfsigned/{{ cn }}"
creates: "/etc/credentials/selfsigned/{{ cn }}/cert.pem"
creates: "/etc/credentials/selfsigned/{{ cn }}/fullchain.pem"
- file:
path: "/etc/credentials/selfsigned/{{ cn }}/private_key.pem"
path: "/etc/credentials/selfsigned/{{ cn }}/privkey.pem"
owner: root
group: public-credentials
mode: 0440
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment