--- - debug: msg: "Executing tests with backend {{ select_crypto_backend }}" - name: ({{select_crypto_backend}}) Get CSR info openssl_csr_info: path: '{{ output_dir }}/csr_1.csr' select_crypto_backend: '{{ select_crypto_backend }}' register: result - name: Check whether subject behaves as expected assert: that: - result.subject.organizationalUnitName == 'ACME Department' - "['organizationalUnitName', 'Crypto Department'] in result.subject_ordered" - "['organizationalUnitName', 'ACME Department'] in result.subject_ordered" - name: Check SubjectKeyIdentifier and AuthorityKeyIdentifier assert: that: - result.subject_key_identifier == "00:11:22:33" - result.authority_key_identifier == "44:55:66:77" - result.authority_cert_issuer == expected_authority_cert_issuer - result.authority_cert_serial_number == 12345 vars: expected_authority_cert_issuer: - "DNS:ca.example.org" - "IP:1.2.3.4" when: select_crypto_backend != 'pyopenssl' and cryptography_version.stdout is version('1.3', '>=') - name: Update result list set_fact: info_results: "{{ info_results + [result] }}" - name: ({{select_crypto_backend}}) Get CSR info directly openssl_csr_info: content: '{{ lookup("file", output_dir ~ "/csr_1.csr") }}' select_crypto_backend: '{{ select_crypto_backend }}' register: result_direct - name: ({{select_crypto_backend}}) Compare output of direct and loaded info assert: that: - result == result_direct - name: ({{select_crypto_backend}}) Get CSR info openssl_csr_info: path: '{{ output_dir }}/csr_2.csr' select_crypto_backend: '{{ select_crypto_backend }}' register: result - name: Update result list set_fact: info_results: "{{ info_results + [result] }}" - name: ({{select_crypto_backend}}) Get CSR info openssl_csr_info: path: '{{ output_dir }}/csr_3.csr' select_crypto_backend: '{{ select_crypto_backend }}' register: result - name: Check AuthorityKeyIdentifier assert: that: - result.authority_key_identifier is none - result.authority_cert_issuer == expected_authority_cert_issuer - result.authority_cert_serial_number == 12345 vars: expected_authority_cert_issuer: - "DNS:ca.example.org" - "IP:1.2.3.4" when: select_crypto_backend != 'pyopenssl' and cryptography_version.stdout is version('1.3', '>=') - name: Update result list set_fact: info_results: "{{ info_results + [result] }}" - name: ({{select_crypto_backend}}) Get CSR info openssl_csr_info: path: '{{ output_dir }}/csr_4.csr' select_crypto_backend: '{{ select_crypto_backend }}' register: result - name: Check AuthorityKeyIdentifier assert: that: - result.authority_key_identifier == "44:55:66:77" - result.authority_cert_issuer is none - result.authority_cert_serial_number is none when: select_crypto_backend != 'pyopenssl' and cryptography_version.stdout is version('1.3', '>=') - name: Update result list set_fact: info_results: "{{ info_results + [result] }}"