2017-07-25 11:18:18 +00:00
|
|
|
- name: Validate CSR (test - privatekey modulus)
|
|
|
|
shell: 'openssl rsa -noout -modulus -in {{ output_dir }}/privatekey.pem | openssl md5'
|
|
|
|
register: privatekey_modulus
|
|
|
|
|
|
|
|
- name: Validate CSR (test - Common Name)
|
|
|
|
shell: "openssl req -noout -subject -in {{ output_dir }}/csr.csr -nameopt oneline,-space_eq"
|
|
|
|
register: csr_cn
|
|
|
|
|
|
|
|
- name: Validate CSR (test - csr modulus)
|
|
|
|
shell: 'openssl req -noout -modulus -in {{ output_dir }}/csr.csr | openssl md5'
|
|
|
|
register: csr_modulus
|
|
|
|
|
|
|
|
- name: Validate CSR (assert)
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- csr_cn.stdout.split('=')[-1] == 'www.ansible.com'
|
|
|
|
- csr_modulus.stdout == privatekey_modulus.stdout
|
2017-09-14 16:03:00 +00:00
|
|
|
|
|
|
|
- name: Validate CSR_KU_XKU (assert idempotency)
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- csr_ku_xku.changed == False
|