ansible/test/integration/targets/acme_certificate/tasks/main.yml
Felix Fontein aef16ee195 ACME: use Cryptography (if a new enough version is available) instead of OpenSSL (#42170)
* Collecting PEM -> DER conversions.

* Using cryptography instead of OpenSSL binary in some situations.

* Moving key-to-disk writing for key content to parse_account_key.

* Rename parse_account_key -> parse_key.

* Move OpenSSL specific code for key parsing and request signing into global functions.

* Also using cryptography for key parsing and request signing.

* Remove assert statements.

* Fixing handling of key contents for cryptography code path.

* Allow to disable the use of cryptography.

* Updating documentation.

* 1.5 seems to work as well (earlier versions don't have EC sign function). Making Python 2.x adjustments.

* Changing option to select_crypto_backend.

* Python 2.6 compatibility.

* Trying to test both backends separately for acme_account.

* Also testing both backends separately for acme_certificate and acme_certificate_revoke.

* Adding changelog entry which informs about select_crypto_backend option in case autodetect fails.

* Fixing YAML.
2018-08-12 19:12:01 +02:00

31 lines
734 B
YAML

---
- block:
- name: Running tests with OpenSSL backend
include_tasks: impl.yml
vars:
select_crypto_backend: openssl
- import_tasks: ../tests/validate.yml
# Old 0.9.8 versions have insufficient CLI support for signing with EC keys
when: openssl_version.stdout is version('1.0.0', '>=')
- name: Remove output directory
file:
path: "{{ output_dir }}"
state: absent
- name: Re-create output directory
file:
path: "{{ output_dir }}"
state: directory
- block:
- name: Running tests with cryptography backend
include_tasks: impl.yml
vars:
select_crypto_backend: cryptography
- import_tasks: ../tests/validate.yml
when: cryptography_version.stdout is version('1.5', '>=')