601a4b8f47
* Add cryptography backend for get_certificate. * Add changelog. * Use short names (if possible). * Adjust version (to behave as pyOpenSSL). * Work around bugs (needed for cryptography 1.2.3). * Don't run cryptography backend tests for CentOS 6. * Bump cryptography requirement to 1.6 or newer. Otherwise, signature_algorithm_oid isn't there, either. * Simplify requirement text. * CentOS 6 has cryptography 1.9, so we still need to block. * Add auto-detect test. * Improve YAML.
42 lines
1.2 KiB
YAML
42 lines
1.2 KiB
YAML
---
|
|
- block:
|
|
|
|
- name: Get servers certificate with backend auto-detection
|
|
get_certificate:
|
|
host: "{{ httpbin_host }}"
|
|
port: 443
|
|
|
|
when: |
|
|
pyopenssl_version.stdout is version('0.15', '>=') or
|
|
(cryptography_version.stdout is version('1.6', '>=') and (ansible_distribution != 'CentOS' or ansible_distribution_major_version|int > 6))
|
|
|
|
- block:
|
|
|
|
- include_tasks: ../tests/validate.yml
|
|
vars:
|
|
select_crypto_backend: pyopenssl
|
|
|
|
when: pyopenssl_version.stdout is version('0.15', '>=')
|
|
|
|
- name: Remove output directory
|
|
file:
|
|
path: "{{ output_dir }}"
|
|
state: absent
|
|
|
|
- name: Re-create output directory
|
|
file:
|
|
path: "{{ output_dir }}"
|
|
state: directory
|
|
|
|
- block:
|
|
|
|
- include_tasks: ../tests/validate.yml
|
|
vars:
|
|
select_crypto_backend: cryptography
|
|
|
|
# The module doesn't work with CentOS 6. Since the pyOpenSSL installed there is too old,
|
|
# we never noticed before. This becomes a problem with the new cryptography backend,
|
|
# since there is a new enough cryptography version...
|
|
when: |
|
|
cryptography_version.stdout is version('1.6', '>=') and
|
|
(ansible_distribution != 'CentOS' or ansible_distribution_major_version|int > 6)
|