internet/community.crypto
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.crypto.git synced 2026-05-06 13:22:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Rename openssl_certificate* to x509_certificate* (#7)

Browse Source 
* Rename openssl_certificate* to x509_certificate*.

* Update README.

* Add redirects.

* Also print warnings when using Ansible 2.9.

* Adjust ignore-2.9.txt.

* Update documentation.
This commit is contained in:
Felix Fontein
2020-04-06 14:34:24 +02:00
committed by GitHub
parent 28827db5d9
commit f7dbd61fa7
36 changed files with 3730 additions and 3701 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
tests/integration/targets/acme_certificate/tasks/impl.yml
View File

@@ -372,35 +372,35 @@
register: cert_8_text
# Dump certificate info
- name: Dumping cert 1
openssl_certificate_info:
x509_certificate_info:
path: "{{ output_dir }}/cert-1.pem"
register: cert_1_info
- name: Dumping cert 2
openssl_certificate_info:
x509_certificate_info:
path: "{{ output_dir }}/cert-2.pem"
register: cert_2_info
- name: Dumping cert 3
openssl_certificate_info:
x509_certificate_info:
path: "{{ output_dir }}/cert-3.pem"
register: cert_3_info
- name: Dumping cert 4
openssl_certificate_info:
x509_certificate_info:
path: "{{ output_dir }}/cert-4.pem"
register: cert_4_info
- name: Dumping cert 5
openssl_certificate_info:
x509_certificate_info:
path: "{{ output_dir }}/cert-5.pem"
register: cert_5_info
- name: Dumping cert 6
openssl_certificate_info:
x509_certificate_info:
path: "{{ output_dir }}/cert-6.pem"
register: cert_6_info
- name: Dumping cert 7
openssl_certificate_info:
x509_certificate_info:
path: "{{ output_dir }}/cert-7.pem"
register: cert_7_info
- name: Dumping cert 8
openssl_certificate_info:
x509_certificate_info:
path: "{{ output_dir }}/cert-8.pem"
register: cert_8_info
## GET ACCOUNT ORDERS #########################################################################

4
tests/integration/targets/acme_certificate/tasks/main.yml
View File

@@ -7,13 +7,13 @@
loop: "{{ query('nested', types, root_numbers) }}"
- name: Analyze root certificates
openssl_certificate_info:
x509_certificate_info:
path: "{{ output_dir }}/acme-root-{{ item }}.pem"
loop: "{{ root_numbers }}"
register: acme_roots
- name: Analyze intermediate certificates
openssl_certificate_info:
x509_certificate_info:
path: "{{ output_dir }}/acme-intermediate-{{ item }}.pem"
loop: "{{ root_numbers }}"
register: acme_intermediates

2
tests/integration/targets/openssl_pkcs12/tasks/impl.yml
View File

@@ -24,7 +24,7 @@
privatekey_path: '{{ output_dir }}/ansible_pkey3.pem'
commonName: www3.ansible.com
- name: Generate certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/{{ item.name }}.crt'
privatekey_path: '{{ output_dir }}/{{ item.pkey }}'
csr_path: '{{ output_dir }}/{{ item.name }}.csr'

0
tests/integration/targets/openssl_certificate/aliases → tests/integration/targets/x509_certificate/aliases
View File

0
tests/integration/targets/openssl_certificate/meta/main.yml → tests/integration/targets/x509_certificate/meta/main.yml
View File

20
tests/integration/targets/openssl_certificate/tasks/assertonly.yml → tests/integration/targets/x509_certificate/tasks/assertonly.yml
View File

@@ -31,7 +31,7 @@
useCommonNameForSAN: no
- name: (Assertonly, {{select_crypto_backend}}) - Generate selfsigned certificate (no extensions)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_noext.pem'
csr_path: '{{ output_dir }}/csr_noext.csr'
privatekey_path: '{{ output_dir }}/privatekey.pem'
@@ -40,7 +40,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
- name: (Assertonly, {{select_crypto_backend}}) - Generate selfsigned certificate (with SANs)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_sans.pem'
csr_path: '{{ output_dir }}/csr_sans.csr'
privatekey_path: '{{ output_dir }}/privatekey.pem'
@@ -49,7 +49,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
- name: (Assertonly, {{select_crypto_backend}}) - Assert that subject_alt_name is there (should fail)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_noext.pem'
provider: assertonly
subject_alt_name:
@@ -59,7 +59,7 @@
register: extension_missing_san
- name: (Assertonly, {{select_crypto_backend}}) - Assert that subject_alt_name is there
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_sans.pem'
provider: assertonly
subject_alt_name:
@@ -70,7 +70,7 @@
register: extension_san
- name: (Assertonly, {{select_crypto_backend}}) - Assert that subject_alt_name is there (strict)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_sans.pem'
provider: assertonly
subject_alt_name:
@@ -82,7 +82,7 @@
register: extension_san_strict
- name: (Assertonly, {{select_crypto_backend}}) - Assert that key_usage is there (should fail)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_noext.pem'
provider: assertonly
key_usage:
@@ -92,7 +92,7 @@
register: extension_missing_ku
- name: (Assertonly, {{select_crypto_backend}}) - Assert that extended_key_usage is there (should fail)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_noext.pem'
provider: assertonly
extended_key_usage:
@@ -113,7 +113,7 @@
- "'Found no extendedKeyUsage extension' in extension_missing_eku.msg"
- name: (Assertonly, {{select_crypto_backend}}) - Check private key passphrase fail 1
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_noext.pem'
privatekey_path: '{{ output_dir }}/privatekey.pem'
privatekey_passphrase: hunter2
@@ -123,7 +123,7 @@
register: passphrase_error_1
- name: (Assertonly, {{select_crypto_backend}}) - Check private key passphrase fail 2
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_noext.pem'
privatekey_path: '{{ output_dir }}/privatekeypw.pem'
privatekey_passphrase: wrong_password
@@ -133,7 +133,7 @@
register: passphrase_error_2
- name: (Assertonly, {{select_crypto_backend}}) - Check private key passphrase fail 3
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_noext.pem'
privatekey_path: '{{ output_dir }}/privatekeypw.pem'
provider: assertonly

6
tests/integration/targets/openssl_certificate/tasks/expired.yml → tests/integration/targets/x509_certificate/tasks/expired.yml
View File

@@ -11,7 +11,7 @@
commonName: www.example.com
- name: (Expired, {{select_crypto_backend}}) Generate expired selfsigned certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/has_expired_cert.pem'
csr_path: '{{ output_dir }}/has_expired_csr.csr'
privatekey_path: '{{ output_dir }}/has_expired_privatekey.pem'
@@ -27,7 +27,7 @@
when: select_crypto_backend == 'cryptography' # So we create it with 'command'
- name: "(Expired) Check task fails because cert is expired (has_expired: false)"
openssl_certificate:
x509_certificate:
provider: assertonly
path: "{{ output_dir }}/has_expired_cert.pem"
has_expired: false
@@ -40,7 +40,7 @@
that: expired_cert_check is failed
- name: "(Expired) Check expired cert check is ignored (has_expired: true)"
openssl_certificate:
x509_certificate:
provider: assertonly
path: "{{ output_dir }}/has_expired_cert.pem"
has_expired: true

0
tests/integration/targets/openssl_certificate/tasks/impl.yml → tests/integration/targets/x509_certificate/tasks/impl.yml
View File

0
tests/integration/targets/openssl_certificate/tasks/main.yml → tests/integration/targets/x509_certificate/tasks/main.yml
View File

74
tests/integration/targets/openssl_certificate/tasks/ownca.yml → tests/integration/targets/x509_certificate/tasks/ownca.yml
View File

@@ -34,7 +34,7 @@
basic_constraints_critical: yes
- name: (OwnCA, {{select_crypto_backend}}) Generate selfsigned CA certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ca_cert.pem'
csr_path: '{{ output_dir }}/ca_csr.csr'
privatekey_path: '{{ output_dir }}/ca_privatekey.pem'
@@ -43,7 +43,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
- name: (OwnCA, {{select_crypto_backend}}) Generate selfsigned CA certificate (privatekey passphrase)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ca_cert_pw.pem'
csr_path: '{{ output_dir }}/ca_csr_pw.csr'
privatekey_path: '{{ output_dir }}/ca_privatekey_pw.pem'
@@ -53,7 +53,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
- name: (OwnCA, {{select_crypto_backend}}) Generate ownca certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert.pem'
csr_path: '{{ output_dir }}/csr.csr'
privatekey_path: '{{ output_dir }}/privatekey.pem'
@@ -66,7 +66,7 @@
register: ownca_certificate
- name: (OwnCA, {{select_crypto_backend}}) Generate ownca certificate (idempotent)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert.pem'
csr_path: '{{ output_dir }}/csr.csr'
privatekey_path: '{{ output_dir }}/privatekey.pem'
@@ -79,7 +79,7 @@
register: ownca_certificate_idempotence
- name: (OwnCA, {{select_crypto_backend}}) Generate ownca certificate (check mode)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert.pem'
csr_path: '{{ output_dir }}/csr.csr'
privatekey_path: '{{ output_dir }}/privatekey.pem'
@@ -91,7 +91,7 @@
check_mode: yes
- name: (OwnCA, {{select_crypto_backend}}) Check ownca certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert.pem'
privatekey_path: '{{ output_dir }}/privatekey.pem'
provider: assertonly
@@ -107,7 +107,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
- name: (OwnCA, {{select_crypto_backend}}) Generate ownca v2 certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_v2.pem'
csr_path: '{{ output_dir }}/csr.csr'
privatekey_path: '{{ output_dir }}/privatekey.pem'
@@ -121,7 +121,7 @@
ignore_errors: true
- name: (OwnCA, {{select_crypto_backend}}) Generate ownca certificate2
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert2.pem'
csr_path: '{{ output_dir }}/csr2.csr'
privatekey_path: '{{ output_dir }}/privatekey2.pem'
@@ -132,7 +132,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
- name: (OwnCA, {{select_crypto_backend}}) Check ownca certificate2
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert2.pem'
privatekey_path: '{{ output_dir }}/privatekey2.pem'
provider: assertonly
@@ -160,7 +160,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
- name: (OwnCA, {{select_crypto_backend}}) Create ownca certificate with notBefore and notAfter
openssl_certificate:
x509_certificate:
provider: ownca
ownca_not_before: 20181023133742Z
ownca_not_after: 20191023133742Z
@@ -172,7 +172,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
- name: (OwnCA, {{select_crypto_backend}}) Create ownca certificate with relative notBefore and notAfter
openssl_certificate:
x509_certificate:
provider: ownca
ownca_not_before: +1s
ownca_not_after: +52w
@@ -184,7 +184,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
- name: (OwnCA, {{select_crypto_backend}}) Generate ownca ECC certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_ecc.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
privatekey_path: '{{ output_dir }}/privatekey_ecc.pem'
@@ -196,7 +196,7 @@
register: ownca_certificate_ecc
- name: (OwnCA, {{select_crypto_backend}}) Generate selfsigned certificate (privatekey passphrase)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_ecc_2.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert_pw.pem'
@@ -208,7 +208,7 @@
register: selfsigned_certificate_passphrase
- name: (OwnCA, {{select_crypto_backend}}) Generate ownca certificate (failed passphrase 1)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_pw1.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -221,7 +221,7 @@
register: passphrase_error_1
- name: (OwnCA, {{select_crypto_backend}}) Generate ownca certificate (failed passphrase 2)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_pw2.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -234,7 +234,7 @@
register: passphrase_error_2
- name: (OwnCA, {{select_crypto_backend}}) Generate ownca certificate (failed passphrase 3)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_pw3.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -250,7 +250,7 @@
dest: "{{ output_dir }}/ownca_broken.pem"
content: "broken"
- name: Regenerate broken cert
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_broken.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
privatekey_path: '{{ output_dir }}/privatekey_ecc.pem'
@@ -261,7 +261,7 @@
register: ownca_broken
- name: (OwnCA, {{select_crypto_backend}}) Backup test
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_backup.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -272,7 +272,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
register: ownca_backup_1
- name: (OwnCA, {{select_crypto_backend}}) Backup test (idempotent)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_backup.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -283,7 +283,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
register: ownca_backup_2
- name: (OwnCA, {{select_crypto_backend}}) Backup test (change)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_backup.pem'
csr_path: '{{ output_dir }}/csr.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -294,7 +294,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
register: ownca_backup_3
- name: (OwnCA, {{select_crypto_backend}}) Backup test (remove)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_backup.pem'
state: absent
provider: ownca
@@ -302,7 +302,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
register: ownca_backup_4
- name: (OwnCA, {{select_crypto_backend}}) Backup test (remove, idempotent)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_backup.pem'
state: absent
provider: ownca
@@ -311,7 +311,7 @@
register: ownca_backup_5
- name: (OwnCA, {{select_crypto_backend}}) Create subject key identifier
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_ski.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -324,7 +324,7 @@
register: ownca_subject_key_identifier_1
- name: (OwnCA, {{select_crypto_backend}}) Create subject key identifier (idempotency)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_ski.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -337,7 +337,7 @@
register: ownca_subject_key_identifier_2
- name: (OwnCA, {{select_crypto_backend}}) Create subject key identifier (remove)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_ski.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -350,7 +350,7 @@
register: ownca_subject_key_identifier_3
- name: (OwnCA, {{select_crypto_backend}}) Create subject key identifier (remove idempotency)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_ski.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -363,7 +363,7 @@
register: ownca_subject_key_identifier_4
- name: (OwnCA, {{select_crypto_backend}}) Create subject key identifier (re-enable)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_ski.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -376,7 +376,7 @@
register: ownca_subject_key_identifier_5
- name: (OwnCA, {{select_crypto_backend}}) Create authority key identifier
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_aki.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -389,7 +389,7 @@
register: ownca_authority_key_identifier_1
- name: (OwnCA, {{select_crypto_backend}}) Create authority key identifier (idempotency)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_aki.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -402,7 +402,7 @@
register: ownca_authority_key_identifier_2
- name: (OwnCA, {{select_crypto_backend}}) Create authority key identifier (remove)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_aki.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -415,7 +415,7 @@
register: ownca_authority_key_identifier_3
- name: (OwnCA, {{select_crypto_backend}}) Create authority key identifier (remove idempotency)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_aki.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -428,7 +428,7 @@
register: ownca_authority_key_identifier_4
- name: (OwnCA, {{select_crypto_backend}}) Create authority key identifier (re-add)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_aki.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -469,7 +469,7 @@
ignore_errors: yes
- name: (OwnCA, {{select_crypto_backend}}) Generate ownca certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_{{ item }}.pem'
csr_path: '{{ output_dir }}/csr_{{ item }}.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -484,7 +484,7 @@
ignore_errors: yes
- name: (OwnCA, {{select_crypto_backend}}) Generate ownca certificate (idempotent)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_{{ item }}.pem'
csr_path: '{{ output_dir }}/csr_{{ item }}.csr'
ownca_path: '{{ output_dir }}/ca_cert.pem'
@@ -529,7 +529,7 @@
ignore_errors: yes
- name: (OwnCA, {{select_crypto_backend}}) Generate selfsigned CA certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ca_cert_{{ item }}.pem'
csr_path: '{{ output_dir }}/ca_csr_{{ item }}.csr'
privatekey_path: '{{ output_dir }}/ca_privatekey_{{ item }}.pem'
@@ -542,7 +542,7 @@
ignore_errors: yes
- name: (OwnCA, {{select_crypto_backend}}) Generate ownca certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_{{ item }}_2.pem'
csr_path: '{{ output_dir }}/csr.csr'
ownca_path: '{{ output_dir }}/ca_cert_{{ item }}.pem'
@@ -558,7 +558,7 @@
ignore_errors: yes
- name: (OwnCA, {{select_crypto_backend}}) Generate ownca certificate (idempotent)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/ownca_cert_{{ item }}_2.pem'
csr_path: '{{ output_dir }}/csr.csr'
ownca_path: '{{ output_dir }}/ca_cert_{{ item }}.pem'

6
tests/integration/targets/openssl_certificate/tasks/removal.yml → tests/integration/targets/x509_certificate/tasks/removal.yml
View File

@@ -9,7 +9,7 @@
privatekey_path: '{{ output_dir }}/removal_privatekey.pem'
- name: (Removal, {{select_crypto_backend}}) Generate selfsigned certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/removal_cert.pem'
csr_path: '{{ output_dir }}/removal_csr.csr'
privatekey_path: '{{ output_dir }}/removal_privatekey.pem'
@@ -23,7 +23,7 @@
register: removal_1_prestat
- name: "(Removal, {{select_crypto_backend}}) Remove certificate"
openssl_certificate:
x509_certificate:
path: "{{ output_dir }}/removal_cert.pem"
state: absent
select_crypto_backend: '{{ select_crypto_backend }}'
@@ -36,7 +36,7 @@
register: removal_1_poststat
- name: "(Removal, {{select_crypto_backend}}) Remove certificate (idempotent)"
openssl_certificate:
x509_certificate:
path: "{{ output_dir }}/removal_cert.pem"
state: absent
select_crypto_backend: '{{ select_crypto_backend }}'

54
tests/integration/targets/openssl_certificate/tasks/selfsigned.yml → tests/integration/targets/x509_certificate/tasks/selfsigned.yml
View File

@@ -25,7 +25,7 @@
commonName: www.example.org
- name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert.pem'
csr_path: '{{ output_dir }}/csr.csr'
privatekey_path: '{{ output_dir }}/privatekey.pem'
@@ -36,7 +36,7 @@
register: selfsigned_certificate
- name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned certificate - idempotency
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert.pem'
csr_path: '{{ output_dir }}/csr.csr'
privatekey_path: '{{ output_dir }}/privatekey.pem'
@@ -47,7 +47,7 @@
register: selfsigned_certificate_idempotence
- name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned certificate (check mode)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert.pem'
csr_path: '{{ output_dir }}/csr.csr'
privatekey_path: '{{ output_dir }}/privatekey.pem'
@@ -57,7 +57,7 @@
check_mode: yes
- name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned certificate (check mode, other CSR)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert.pem'
csr_path: '{{ output_dir }}/csr_minimal_change.csr'
privatekey_path: '{{ output_dir }}/privatekey.pem'
@@ -68,7 +68,7 @@
register: selfsigned_certificate_csr_minimal_change
- name: (Selfsigned, {{select_crypto_backend}}) Check selfsigned certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert.pem'
privatekey_path: '{{ output_dir }}/privatekey.pem'
provider: assertonly
@@ -82,7 +82,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
- name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned v2 certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_v2.pem'
csr_path: '{{ output_dir }}/csr.csr'
privatekey_path: '{{ output_dir }}/privatekey.pem'
@@ -117,7 +117,7 @@
- biometricInfo
- name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned certificate2
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert2.pem'
csr_path: '{{ output_dir }}/csr2.csr'
privatekey_path: '{{ output_dir }}/privatekey2.pem'
@@ -126,7 +126,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
- name: (Selfsigned, {{select_crypto_backend}}) Check selfsigned certificate2
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert2.pem'
privatekey_path: '{{ output_dir }}/privatekey2.pem'
provider: assertonly
@@ -163,7 +163,7 @@
path: "{{ output_dir }}/csr3.pem"
- name: (Selfsigned, {{select_crypto_backend}}) Create certificate3 with notBefore and notAfter
openssl_certificate:
x509_certificate:
provider: selfsigned
selfsigned_not_before: 20181023133742Z
selfsigned_not_after: 20191023133742Z
@@ -187,7 +187,7 @@
commonName: www.example.com
- name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_ecc.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
privatekey_path: '{{ output_dir }}/privatekey_ecc.pem'
@@ -205,7 +205,7 @@
commonName: www.example.com
- name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned certificate (privatekey passphrase)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_pass.pem'
csr_path: '{{ output_dir }}/csr_pass.csr'
privatekey_path: '{{ output_dir }}/privatekeypw.pem'
@@ -216,7 +216,7 @@
register: selfsigned_certificate_passphrase
- name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned certificate (failed passphrase 1)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_pw1.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
privatekey_path: '{{ output_dir }}/privatekey.pem'
@@ -228,7 +228,7 @@
register: passphrase_error_1
- name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned certificate (failed passphrase 2)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_pw2.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
privatekey_path: '{{ output_dir }}/privatekeypw.pem'
@@ -240,7 +240,7 @@
register: passphrase_error_2
- name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned certificate (failed passphrase 3)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_pw3.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
privatekey_path: '{{ output_dir }}/privatekeypw.pem'
@@ -255,7 +255,7 @@
dest: "{{ output_dir }}/cert_broken.pem"
content: "broken"
- name: Regenerate broken cert
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_broken.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
privatekey_path: '{{ output_dir }}/privatekey_ecc.pem'
@@ -264,7 +264,7 @@
register: selfsigned_broken
- name: (Selfsigned, {{select_crypto_backend}}) Backup test
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/selfsigned_cert_backup.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
privatekey_path: '{{ output_dir }}/privatekey_ecc.pem'
@@ -274,7 +274,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
register: selfsigned_backup_1
- name: (Selfsigned, {{select_crypto_backend}}) Backup test (idempotent)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/selfsigned_cert_backup.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
privatekey_path: '{{ output_dir }}/privatekey_ecc.pem'
@@ -284,7 +284,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
register: selfsigned_backup_2
- name: (Selfsigned, {{select_crypto_backend}}) Backup test (change)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/selfsigned_cert_backup.pem'
csr_path: '{{ output_dir }}/csr.csr'
privatekey_path: '{{ output_dir }}/privatekey.pem'
@@ -294,7 +294,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
register: selfsigned_backup_3
- name: (Selfsigned, {{select_crypto_backend}}) Backup test (remove)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/selfsigned_cert_backup.pem'
state: absent
provider: selfsigned
@@ -302,7 +302,7 @@
select_crypto_backend: '{{ select_crypto_backend }}'
register: selfsigned_backup_4
- name: (Selfsigned, {{select_crypto_backend}}) Backup test (remove, idempotent)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/selfsigned_cert_backup.pem'
state: absent
provider: selfsigned
@@ -311,7 +311,7 @@
register: selfsigned_backup_5
- name: (Selfsigned, {{select_crypto_backend}}) Create subject key identifier test
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/selfsigned_cert_ski.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
privatekey_path: '{{ output_dir }}/privatekey_ecc.pem'
@@ -323,7 +323,7 @@
register: selfsigned_subject_key_identifier_1
- name: (Selfsigned, {{select_crypto_backend}}) Create subject key identifier test (idempotency)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/selfsigned_cert_ski.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
privatekey_path: '{{ output_dir }}/privatekey_ecc.pem'
@@ -335,7 +335,7 @@
register: selfsigned_subject_key_identifier_2
- name: (Selfsigned, {{select_crypto_backend}}) Create subject key identifier test (remove)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/selfsigned_cert_ski.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
privatekey_path: '{{ output_dir }}/privatekey_ecc.pem'
@@ -347,7 +347,7 @@
register: selfsigned_subject_key_identifier_3
- name: (Selfsigned, {{select_crypto_backend}}) Create subject key identifier test (remove idempotency)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/selfsigned_cert_ski.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
privatekey_path: '{{ output_dir }}/privatekey_ecc.pem'
@@ -359,7 +359,7 @@
register: selfsigned_subject_key_identifier_4
- name: (Selfsigned, {{select_crypto_backend}}) Create subject key identifier test (re-enable)
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/selfsigned_cert_ski.pem'
csr_path: '{{ output_dir }}/csr_ecc.csr'
privatekey_path: '{{ output_dir }}/privatekey_ecc.pem'
@@ -399,7 +399,7 @@
ignore_errors: yes
- name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned certificate
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_{{ item }}.pem'
csr_path: '{{ output_dir }}/csr_{{ item }}.csr'
privatekey_path: '{{ output_dir }}/privatekey_{{ item }}.pem'
@@ -413,7 +413,7 @@
ignore_errors: yes
- name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned certificate - idempotency
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_{{ item }}.pem'
csr_path: '{{ output_dir }}/csr_{{ item }}.csr'
privatekey_path: '{{ output_dir }}/privatekey_{{ item }}.pem'

0
tests/integration/targets/openssl_certificate/tests/validate_ownca.yml → tests/integration/targets/x509_certificate/tests/validate_ownca.yml
View File

0
tests/integration/targets/openssl_certificate/tests/validate_selfsigned.yml → tests/integration/targets/x509_certificate/tests/validate_selfsigned.yml
View File

0
tests/integration/targets/openssl_certificate_info/aliases → tests/integration/targets/x509_certificate_info/aliases
View File

0
tests/integration/targets/openssl_certificate_info/files/cert1.pem → tests/integration/targets/x509_certificate_info/files/cert1.pem
View File

0
tests/integration/targets/openssl_certificate_info/meta/main.yml → tests/integration/targets/x509_certificate_info/meta/main.yml
View File

12
tests/integration/targets/openssl_certificate_info/tasks/impl.yml → tests/integration/targets/x509_certificate_info/tasks/impl.yml
View File

@@ -3,7 +3,7 @@
msg: "Executing tests with backend {{ select_crypto_backend }}"
- name: ({{select_crypto_backend}}) Get certificate info
openssl_certificate_info:
x509_certificate_info:
path: '{{ output_dir }}/cert_1.pem'
select_crypto_backend: '{{ select_crypto_backend }}'
register: result
@@ -36,7 +36,7 @@
info_results: "{{ info_results + [result] }}"
- name: ({{select_crypto_backend}}) Get certificate info directly
openssl_certificate_info:
x509_certificate_info:
content: '{{ lookup("file", output_dir ~ "/cert_1.pem") }}'
select_crypto_backend: '{{ select_crypto_backend }}'
register: result_direct
@@ -47,7 +47,7 @@
- result == result_direct
- name: ({{select_crypto_backend}}) Get certificate info
openssl_certificate_info:
x509_certificate_info:
path: '{{ output_dir }}/cert_2.pem'
select_crypto_backend: '{{ select_crypto_backend }}'
valid_at:
@@ -66,7 +66,7 @@
info_results: "{{ info_results + [result] }}"
- name: ({{select_crypto_backend}}) Get certificate info
openssl_certificate_info:
x509_certificate_info:
path: '{{ output_dir }}/cert_3.pem'
select_crypto_backend: '{{ select_crypto_backend }}'
register: result
@@ -88,7 +88,7 @@
info_results: "{{ info_results + [result] }}"
- name: ({{select_crypto_backend}}) Get certificate info
openssl_certificate_info:
x509_certificate_info:
path: '{{ output_dir }}/cert_4.pem'
select_crypto_backend: '{{ select_crypto_backend }}'
register: result
@@ -106,7 +106,7 @@
info_results: "{{ info_results + [result] }}"
- name: ({{select_crypto_backend}}) Get certificate info for packaged cert 1
openssl_certificate_info:
x509_certificate_info:
path: '{{ role_path }}/files/cert1.pem'
select_crypto_backend: '{{ select_crypto_backend }}'
register: result

2
tests/integration/targets/openssl_certificate_info/tasks/main.yml → tests/integration/targets/x509_certificate_info/tasks/main.yml
View File

@@ -113,7 +113,7 @@
authority_key_identifier: '{{ "44:55:66:77" if cryptography_version.stdout is version("1.3", ">=") else omit }}'
- name: Generate selfsigned certificates
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/cert_{{ item }}.pem'
csr_path: '{{ output_dir }}/csr_{{ item }}.csr'
privatekey_path: '{{ output_dir }}/privatekey.pem'

0
tests/integration/targets/openssl_certificate_info/test_plugins/jinja_compatibility.py → tests/integration/targets/x509_certificate_info/test_plugins/jinja_compatibility.py
View File

6
tests/integration/targets/x509_crl/tasks/main.yml
View File

@@ -42,7 +42,7 @@
loop: "{{ certificates }}"
- name: Generate CA certificates
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/{{ item.name }}.pem'
csr_path: '{{ output_dir }}/{{ item.name }}.csr'
privatekey_path: '{{ output_dir }}/{{ item.name }}.key'
@@ -51,7 +51,7 @@
when: item.is_ca | default(false)
- name: Generate other certificates
openssl_certificate:
x509_certificate:
path: '{{ output_dir }}/{{ item.name }}.pem'
csr_path: '{{ output_dir }}/{{ item.name }}.csr'
provider: ownca
@@ -61,7 +61,7 @@
when: not (item.is_ca | default(false))
- name: Get certificate infos
openssl_certificate_info:
x509_certificate_info:
path: '{{ output_dir }}/{{ item }}.pem'
loop:
- cert-1