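---
# Generates an OpenSSH key pair under /etc/ssh and issues a certificate for
# its public key, signed with the key referenced by ssh_ca_signing_key.

# Writes the private key to /etc/ssh/<ssh_ca_key_name> and the public key to
# the same path with a ".pub" suffix (the certificate task reads that file).
# The result is registered as key_pair; the tasks in this file do not use it.
- name: Generate key pair
  openssh_keypair:
    path: "/etc/ssh/{{ ssh_ca_key_name }}"
    type: "{{ ssh_ca_key_type }}"
    comment: "{{ ssh_ca_key_comment }}"
  register: key_pair

# Signs the public key generated above and writes the certificate next to it.
- name: Generate certificate
  openssh_cert:
    path: "/etc/ssh/{{ ssh_ca_key_name }}-cert.pub"
    # Identities (host names or user names) the certificate is valid for.
    principals: "{{ ssh_ca_cert_principals }}"
    public_key: "/etc/ssh/{{ ssh_ca_key_name }}.pub"
    # Applies to RSA signing keys: use SHA-2 rather than the SHA-1 based
    # "ssh-rsa" signature.
    signature_algorithm: rsa-sha2-512
    # NOTE(review): this is the CA private key, kept in the role's files/
    # directory. Confirm it is stored encrypted (for example with
    # ansible-vault) or kept out of version control.
    # NOTE(review): role_path is a path on the controller, while the module
    # presumably reads signing_key on the managed host -- confirm this role
    # is only run where both are the same machine.
    signing_key: "{{ role_path }}/files/{{ ssh_ca_signing_key }}"
    type: "{{ ssh_ca_type }}"
    # The validity window can be overridden per deployment through the
    # optional variables ssh_ca_cert_valid_from / ssh_ca_cert_valid_to.
    # The defaults keep the previous behaviour: a certificate that never
    # expires, which stays usable until trust in the CA is withdrawn or the
    # certificate is revoked. Prefer a bounded window with planned renewal.
    # NOTE(review): relative values such as "+52w" are believed to make this
    # task non-idempotent; check the module documentation before using them.
    valid_from: "{{ ssh_ca_cert_valid_from | default('always') }}"
    valid_to: "{{ ssh_ca_cert_valid_to | default('forever') }}"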