---
# we'll generate 3 certificates locally for the test
# Upload the first
# overwrite it with the second
# and the third is unrelated, to check we only get info about the first when we want
local_certs:
  - priv_key: "{{ remote_tmp_dir }}/private-1.pem"
    cert: "{{ remote_tmp_dir }}/public-1.pem"
    csr: "{{ remote_tmp_dir }}/csr-1.csr"
    domain: "acm1.{{ aws_acm_test_uuid }}.ansible.com"
    name: "{{ resource_prefix }}_{{ aws_acm_test_uuid }}_1"
    
  - priv_key: "{{ remote_tmp_dir }}/private-2.pem"
    cert: "{{ remote_tmp_dir }}/public-2.pem"
    csr: "{{ remote_tmp_dir }}/csr-2.csr"
    domain: "acm2.{{ aws_acm_test_uuid }}.ansible.com"
    name: "{{ resource_prefix }}_{{ aws_acm_test_uuid }}_2"
    
  - priv_key: "{{ remote_tmp_dir }}/private-3.pem"
    cert: "{{ remote_tmp_dir }}/public-3.pem"
    csr: "{{ remote_tmp_dir }}/csr-3.csr"
    domain: "acm3.{{ aws_acm_test_uuid }}.ansible.com"
    name: "{{ resource_prefix }}_{{ aws_acm_test_uuid }}_3"
    
# we'll have one private key
# make 2 chains using it
# so we can test what happens when you change just the chain
# not the domain or key
chained_cert:
    priv_key: "{{ remote_tmp_dir }}/private-ch-0.pem"
    domain: "acm-ch.{{ aws_acm_test_uuid }}.ansible.com"
    name: "{{ resource_prefix }}_{{ aws_acm_test_uuid }}_4"
    chains:
     - cert: "{{ remote_tmp_dir }}/public-ch-0.pem"
       csr: "{{ remote_tmp_dir }}/csr-ch-0.csr"
       ca: 0 # index into local_certs
     - cert: "{{ remote_tmp_dir }}/public-ch-1.pem"
       csr: "{{ remote_tmp_dir }}/csr-ch-1.csr"
       ca: 1 # index into local_certs