0a3da471f5
* Begin rewrite of win_iis_webbinding Add integration testing, check mode and idempotency Add support for SNI Fix replacing SSL cert on existing bindings * finished up initial rewrite of win_iis_webbinding * updated test to remove tests as filters * updated win_iis_webbinding docs * fix more doc/formatting issues win_iis_webbinding * Removed string empty defaults for certs. Added a few new helpful comments. * Revert "Removed string empty defaults for certs. Added a few new helpful" This reverts commit 48f35faea8d5294b34e1aa842a95c9352b90257f.
74 lines
1.9 KiB
YAML
74 lines
1.9 KiB
YAML
- name: failure check bind with host header but no wc or sni
|
|
win_iis_webbinding:
|
|
name: "{{ test_iis_site_name }}"
|
|
state: present
|
|
host_header: test.com
|
|
protocol: https
|
|
ip: '*'
|
|
port: 443
|
|
certificate_hash: "{{ thumbprint1.stdout_lines[0] }}"
|
|
ssl_flags: 0
|
|
register: failure
|
|
failed_when:
|
|
- failure.msg != "You cannot specify host headers with SSL unless it is a wildcard certificate."
|
|
- failure.msg != "You cannot specify host headers with SSL unless it is a wildcard certificate or SNI is enabled."
|
|
|
|
- debug:
|
|
var: failure
|
|
verbosity: 1
|
|
|
|
- block:
|
|
- name: get all websites from server
|
|
raw: powershell.exe "(get-website).name"
|
|
register: existing_sites
|
|
|
|
- name: ensure all sites are removed for clean testing
|
|
win_iis_website:
|
|
name: "{{ item }}"
|
|
state: absent
|
|
with_items:
|
|
- "{{ existing_sites.stdout_lines }}"
|
|
|
|
- name: add sites
|
|
win_iis_website:
|
|
name: "{{ item.name }}"
|
|
state: started
|
|
ip: 127.0.0.1
|
|
port: "{{ item.port }}"
|
|
physical_path: c:\inetpub\wwwroot
|
|
with_items:
|
|
- {name: testconflict1, port: 8080}
|
|
- {name: testconflict2, port: 8081}
|
|
|
|
- name: add https binding to testconflict1
|
|
win_iis_webbinding:
|
|
name: testconflict1
|
|
state: present
|
|
protocol: https
|
|
port: 443
|
|
ip: 127.0.0.1
|
|
certificate_hash: "{{ thumbprint1.stdout_lines[0] }}"
|
|
|
|
- name: add https binding to testconflict2 (expect failure)
|
|
win_iis_webbinding:
|
|
name: testconflict2
|
|
state: present
|
|
protocol: https
|
|
ip: 127.0.0.1
|
|
port: 443
|
|
certificate_hash: "{{ thumbprint1.stdout_lines[0] }}"
|
|
register: failure
|
|
failed_when: '"A conflicting binding has been found on the same ip" not in failure.msg'
|
|
|
|
- debug:
|
|
var: failure
|
|
verbosity: 1
|
|
|
|
always:
|
|
- name: remove websites
|
|
win_iis_website:
|
|
name: "{{ item }}"
|
|
state: absent
|
|
with_items:
|
|
- testconflict1
|
|
- testconflict2
|