Commit 45a7b524 authored by godog's avatar godog

public-ssl-cert: switch to certbot pem names

See also ai3/prod#31
parent 0ed7d159
...@@ -11,13 +11,13 @@ ...@@ -11,13 +11,13 @@
state: directory state: directory
- name: "Create a self-signed certificate for {{ cn }}" - name: "Create a self-signed certificate for {{ cn }}"
shell: "openssl req -x509 -newkey rsa:2048 -keyout private_key.pem -nodes -out cert.pem -days 3650 -subj '/CN={{ cn }}'" shell: "openssl req -x509 -newkey rsa:2048 -keyout privkey.pem -nodes -out fullchain.pem -days 3650 -subj '/CN={{ cn }}'"
args: args:
chdir: "/etc/credentials/selfsigned/{{ cn }}" chdir: "/etc/credentials/selfsigned/{{ cn }}"
creates: "/etc/credentials/selfsigned/{{ cn }}/cert.pem" creates: "/etc/credentials/selfsigned/{{ cn }}/fullchain.pem"
- file: - file:
path: "/etc/credentials/selfsigned/{{ cn }}/private_key.pem" path: "/etc/credentials/selfsigned/{{ cn }}/privkey.pem"
owner: root owner: root
group: public-credentials group: public-credentials
mode: 0440 mode: 0440
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment