2020-02-07 22:38:33 +01:00
|
|
|
- name: RedHat - Enable the dynamic CA configuration feature
|
|
|
|
command: update-ca-trust force-enable
|
|
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
|
|
|
|
- name: RedHat - Retrieve test cacert
|
|
|
|
get_url:
|
|
|
|
url: "http://ansible.http.tests/cacert.pem"
|
|
|
|
dest: "/etc/pki/ca-trust/source/anchors/ansible.pem"
|
|
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
|
|
|
|
- name: Get client cert/key
|
|
|
|
get_url:
|
|
|
|
url: "http://ansible.http.tests/{{ item }}"
|
|
|
|
dest: "{{ remote_tmp_dir }}/{{ item }}"
|
|
|
|
with_items:
|
|
|
|
- client.pem
|
|
|
|
- client.key
|
|
|
|
|
|
|
|
- name: Suse - Retrieve test cacert
|
|
|
|
get_url:
|
|
|
|
url: "http://ansible.http.tests/cacert.pem"
|
|
|
|
dest: "/etc/pki/trust/anchors/ansible.pem"
|
|
|
|
when: ansible_os_family == 'Suse'
|
|
|
|
|
2020-08-07 21:28:10 +02:00
|
|
|
- name: Debian/Alpine - Retrieve test cacert
|
2020-02-07 22:38:33 +01:00
|
|
|
get_url:
|
|
|
|
url: "http://ansible.http.tests/cacert.pem"
|
|
|
|
dest: "/usr/local/share/ca-certificates/ansible.crt"
|
2020-08-07 21:28:10 +02:00
|
|
|
when: ansible_os_family in ['Debian', 'Alpine']
|
2020-02-07 22:38:33 +01:00
|
|
|
|
|
|
|
- name: Redhat - Update ca trust
|
|
|
|
command: update-ca-trust extract
|
|
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
|
2020-08-07 21:28:10 +02:00
|
|
|
- name: Debian/Alpine/Suse - Update ca certificates
|
2020-02-07 22:38:33 +01:00
|
|
|
command: update-ca-certificates
|
2020-08-07 21:28:10 +02:00
|
|
|
when: ansible_os_family in ['Debian', 'Alpine', 'Suse']
|
2020-02-07 22:38:33 +01:00
|
|
|
|
|
|
|
- name: FreeBSD - Retrieve test cacert
|
|
|
|
get_url:
|
|
|
|
url: "http://ansible.http.tests/cacert.pem"
|
|
|
|
dest: "/tmp/ansible.pem"
|
|
|
|
when: ansible_os_family == 'FreeBSD'
|
|
|
|
|
|
|
|
- name: FreeBSD - Add cacert to root certificate store
|
|
|
|
blockinfile:
|
|
|
|
path: "/etc/ssl/cert.pem"
|
|
|
|
block: "{{ lookup('file', '/tmp/ansible.pem') }}"
|
|
|
|
when: ansible_os_family == 'FreeBSD'
|
|
|
|
|
|
|
|
- name: MacOS - Retrieve test cacert
|
|
|
|
get_url:
|
|
|
|
url: "http://ansible.http.tests/cacert.pem"
|
|
|
|
dest: "/usr/local/etc/openssl/certs/ansible.pem"
|
|
|
|
when: ansible_os_family == 'Darwin'
|
|
|
|
|
|
|
|
- name: MacOS - Update ca certificates
|
|
|
|
command: /usr/local/opt/openssl/bin/c_rehash
|
|
|
|
when: ansible_os_family == 'Darwin'
|