83 lines
2.7 KiB
YAML
83 lines
2.7 KiB
YAML
|
---
|
||
|
- name: Generate account key
|
||
|
command: openssl ecparam -name prime256v1 -genkey -out {{ output_dir }}/accountkey.pem
|
||
|
|
||
|
- name: Generate second account key
|
||
|
command: openssl ecparam -name prime256v1 -genkey -out {{ output_dir }}/accountkey2.pem
|
||
|
|
||
|
- name: Parse account key (to ease debugging some test failures)
|
||
|
command: openssl ec -in {{ output_dir }}/accountkey.pem -noout -text
|
||
|
|
||
|
- name: Check that account does not exist
|
||
|
acme_account_facts:
|
||
|
select_crypto_backend: "{{ select_crypto_backend }}"
|
||
|
account_key_src: "{{ output_dir }}/accountkey.pem"
|
||
|
acme_version: 2
|
||
|
acme_directory: https://{{ acme_host }}:14000/dir
|
||
|
validate_certs: no
|
||
|
register: account_not_created
|
||
|
|
||
|
- name: Create it now
|
||
|
acme_account:
|
||
|
select_crypto_backend: "{{ select_crypto_backend }}"
|
||
|
account_key_src: "{{ output_dir }}/accountkey.pem"
|
||
|
acme_version: 2
|
||
|
acme_directory: https://{{ acme_host }}:14000/dir
|
||
|
validate_certs: no
|
||
|
state: present
|
||
|
allow_creation: yes
|
||
|
terms_agreed: yes
|
||
|
contact:
|
||
|
- mailto:example@example.org
|
||
|
|
||
|
- name: Check that account exists
|
||
|
acme_account_facts:
|
||
|
select_crypto_backend: "{{ select_crypto_backend }}"
|
||
|
account_key_src: "{{ output_dir }}/accountkey.pem"
|
||
|
acme_version: 2
|
||
|
acme_directory: https://{{ acme_host }}:14000/dir
|
||
|
validate_certs: no
|
||
|
register: account_created
|
||
|
|
||
|
- name: Clear email address
|
||
|
acme_account:
|
||
|
select_crypto_backend: "{{ select_crypto_backend }}"
|
||
|
account_key_content: "{{ lookup('file', output_dir ~ '/accountkey.pem') }}"
|
||
|
acme_version: 2
|
||
|
acme_directory: https://{{ acme_host }}:14000/dir
|
||
|
validate_certs: no
|
||
|
state: present
|
||
|
allow_creation: no
|
||
|
contact: []
|
||
|
|
||
|
- name: Check that account was modified
|
||
|
acme_account_facts:
|
||
|
select_crypto_backend: "{{ select_crypto_backend }}"
|
||
|
account_key_src: "{{ output_dir }}/accountkey.pem"
|
||
|
acme_version: 2
|
||
|
acme_directory: https://{{ acme_host }}:14000/dir
|
||
|
validate_certs: no
|
||
|
account_uri: "{{ account_created.account_uri }}"
|
||
|
register: account_modified
|
||
|
|
||
|
- name: Check with wrong account URI
|
||
|
acme_account_facts:
|
||
|
select_crypto_backend: "{{ select_crypto_backend }}"
|
||
|
account_key_src: "{{ output_dir }}/accountkey.pem"
|
||
|
acme_version: 2
|
||
|
acme_directory: https://{{ acme_host }}:14000/dir
|
||
|
validate_certs: no
|
||
|
account_uri: "{{ account_created.account_uri }}test1234doesnotexists"
|
||
|
register: account_not_exist
|
||
|
|
||
|
- name: Check with wrong account key
|
||
|
acme_account_facts:
|
||
|
select_crypto_backend: "{{ select_crypto_backend }}"
|
||
|
account_key_src: "{{ output_dir }}/accountkey2.pem"
|
||
|
acme_version: 2
|
||
|
acme_directory: https://{{ acme_host }}:14000/dir
|
||
|
validate_certs: no
|
||
|
account_uri: "{{ account_created.account_uri }}"
|
||
|
ignore_errors: yes
|
||
|
register: account_wrong_key
|