ansible/cfssl-server-role
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
9 commits 1 branch 0 tags 279 KiB
Jinja 100%
Go to file
nono a171adff47 fix role
2022-12-21 20:51:34 +01:00
defaults fix role 2022-12-21 20:51:34 +01:00
handlers reorg directory 2022-12-21 01:04:13 +01:00
tasks fix role 2022-12-21 20:51:34 +01:00
templates fix role 2022-12-21 20:51:34 +01:00
README.md Add role 2022-12-16 17:51:39 +01:00

README.md

ansible-role-cfssl

Installes CFSSL (CloudFlare's PKI toolkit) binaries and generate certificate :

  • Self Signed Root CA
  • CA Signed Client Certificates

Role Variables

#Specifies the version of CFSSL toolkit we want to download and use
cfssl_version: "1.6.3"

# The directory where CFSSL binaries will be installed
cfssl_bin_directory: /usr/bin

# The CA directory where we will store CA, and Client certificates/keys.
pki_dir: /opt/cfssl

# The Certificates Key Algos for both CA and Client certificates.
pki_key:
    algo: rsa
    size: 4096

# The CA Certificate Object and the default Client Certificate Object.
pki_names:
  - C: FR
    L: 'Paris'
    O: 'Acme'
    OU: IT

pki_ca:
  cname: My Internal Certification Authority

# The properties of the CA 
pki_ca:
  cname: My Internal Certification Authority
  expiry: 262800h (30 Years)

# The properties of the Intermediate CA  
pki_intermediate_ca:
  cname: My Intermediate Internal Certification Authority
  expiry: 262800h (30 Years)