caf7fd2245
* Raise OpenSSLBadPassphraseError if passphrase is wrong. * Improve handling of passphrase errors. Current behavior for modules is: if passphrase is wrong (or wrongly specified), fail. Current behavior for openssl_privatekey is: if passphrase is worng (or wrongly specified), regenerate. * Add changelog. * Add tests. * Adjustments for some versions of PyOpenSSL. * Update lib/ansible/modules/crypto/openssl_certificate.py Improve text. Co-Authored-By: felixfontein <felix@fontein.de>
26 lines
869 B
YAML
26 lines
869 B
YAML
- name: 'Install pexpect'
|
|
pip:
|
|
name: 'pexpect'
|
|
state: 'present'
|
|
|
|
- name: 'Validate PKCS#12'
|
|
command: "openssl pkcs12 -info -in {{ output_dir }}/ansible.p12 -nodes -passin pass:''"
|
|
register: p12
|
|
|
|
- name: 'Validate PKCS#12 (assert)'
|
|
assert:
|
|
that:
|
|
- p12.stdout_lines[2].split(':')[-1].strip() == 'abracadabra'
|
|
- p12_standard.mode == '0400'
|
|
- p12_force.changed
|
|
- p12_force_and_mode.mode == '0644' and p12_force_and_mode.changed
|
|
|
|
- name:
|
|
assert:
|
|
that:
|
|
- passphrase_error_1 is failed
|
|
- "'assphrase' in passphrase_error_1.msg or 'assword' in passphrase_error_1.msg"
|
|
- passphrase_error_2 is failed
|
|
- "'assphrase' in passphrase_error_1.msg or 'assword' in passphrase_error_2.msg"
|
|
- passphrase_error_3 is failed
|
|
- "'assphrase' in passphrase_error_1.msg or 'assword' in passphrase_error_3.msg"
|