ansible/cfssl-server-role
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix role

Browse source
This commit is contained in:
nono 2022-12-21 20:51:34 +01:00
parent f2816881b3
commit a171adff47
5 changed files with 78 additions and 78 deletions
Download patch file Download diff file Expand all files Collapse all files

123
templates/cfssl.json.j2
View file

@ -1,72 +1,71 @@
{
"auth_keys": {
"key_srv": {
"type": "standard",
"key":"{{cfssl_auth_key}}"
}
"auth_keys": {
"key_srv": {
"type": "standard",
"key": "{{cfssl_auth_key}}"
}
},
"signing": {
"default": {
"auth_key": "key_srv",
"crl_url": "http://{{inventory_hostname_short}}.{{vm_domain_name}}:8888/crl",
"expiry": "26280h",
"usages": [
"signing",
"key encipherment",
"client auth"
]
},
"signing": {
"default": {
"auth_key": "key_srv",
"crl_url": "http://{{inventory_hostname_short}}.{{vm_domain_name}}:8888/crl",
"expiry": "26280h",
"usages": [
"signing",
"key encipherment",
"client auth"
]
},
"profiles": {
"intermediate_ca": {
"auth_key": "key_srv",
"usages": [
"signing",
"digital signature",
"key encipherment",
"cert sign",
"crl sign",
"server auth",
"client auth"
],
"expiry": "87600h",
"ca_constraint": {
"is_ca": true,
"max_path_len": 0,
"max_path_len_zero": true
}
},
"server_client": {
"auth_key": "key_srv",
"usages": [
"profiles": {
"intermediate_ca": {
"auth_key": "key_srv",
"usages": [
"signing",
"digital signing",
"digital signature",
"key encipherment",
"cert sign",
"crl sign",
"server auth",
"client auth"
],
"expiry": "8760h"
},
"server": {
"auth_key": "key_srv",
"usages": [
"signing",
"digital signature",
"key encipherment",
"server auth"
],
"expiry": "8760h"
},
"client": {
"auth_key": "key_srv",
"usages": [
"signing",
"digital signature",
"key encipherment",
"client auth"
],
"expiry": "8760h"
],
"expiry": "87600h",
"ca_constraint": {
"is_ca": true,
"max_path_len": 0,
"max_path_len_zero": true
}
}
},
"server_client": {
"auth_key": "key_srv",
"usages": [
"signing",
"digital signing",
"key encipherment",
"server auth",
"client auth"
],
"expiry": "8760h"
},
"server": {
"auth_key": "key_srv",
"usages": [
"signing",
"digital signature",
"key encipherment",
"server auth"
],
"expiry": "8760h"
},
"client": {
"auth_key": "key_srv",
"usages": [
"signing",
"digital signature",
"key encipherment",
"client auth"
],
"expiry": "8760h"
}
}
}
}

6
templates/csr_ROOT_CA.json.j2
View file

@ -1,6 +1,6 @@
{
"CN": {{pki_ca.cname | to_json}},
"key" : {{pki_key | to_json}},
"names" : {{pki_names | to_json}},
"ca": {"expiry": "{{pki_ca.expiry | to_json}}"}
"key": {{pki_key | to_json}},
"names": {{pki_names | to_json}},
"ca": {"expiry": {{pki_ca.expiry | to_json}}}
}

7
templates/csr_intermediate_CA.json.j2
View file

@ -1,6 +1,5 @@
{
"CN": {{pki_intermediate_ca.cname | to_json}},
"key" : {{pki_key | to_json}},
"names" : {{pki_names | to_json}},
"ca": {"expiry": "{{pki_intermediate_ca.expiry | to_json}}"}
}
"key": {{pki_key | to_json}},
"names": {{pki_names | to_json}}
}