ansible/cfssl-server-role
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

add auth key and server_client role

Browse source
This commit is contained in:
nono 2022-12-21 01:31:34 +01:00
parent b518e20b2e
commit f2816881b3
1 changed files with 23 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
templates/cfssl.json.j2
View file

@ -1,6 +1,13 @@
{ {
"auth_keys": {
"key_srv": {
"type": "standard",
"key":"{{cfssl_auth_key}}"
}
},
"signing": { "signing": {
"default": { "default": {
"auth_key": "key_srv",
"crl_url": "http://{{inventory_hostname_short}}.{{vm_domain_name}}:8888/crl", "crl_url": "http://{{inventory_hostname_short}}.{{vm_domain_name}}:8888/crl",
"expiry": "26280h", "expiry": "26280h",
"usages": [ "usages": [
@ -11,6 +18,7 @@
}, },
"profiles": { "profiles": {
"intermediate_ca": { "intermediate_ca": {
"auth_key": "key_srv",
"usages": [ "usages": [
"signing", "signing",
"digital signature", "digital signature",
@ -27,16 +35,29 @@
"max_path_len_zero": true "max_path_len_zero": true
} }
}, },
"server": { "server_client": {
"auth_key": "key_srv",
"usages": [ "usages": [
"signing", "signing",
"digital signing", "digital signing",
"key encipherment", "key encipherment",
"server auth",
"client auth"
],
"expiry": "8760h"
},
"server": {
"auth_key": "key_srv",
"usages": [
"signing",
"digital signature",
"key encipherment",
"server auth" "server auth"
], ],
"expiry": "8760h" "expiry": "8760h"
}, },
"client": { "client": {
"auth_key": "key_srv",
"usages": [ "usages": [
"signing", "signing",
"digital signature", "digital signature",
@ -47,4 +68,5 @@
} }
} }
} }
}
} }