other_certificates is not pulling all certs in file #149
Comments
|
I did manage a workaround by breaking the chain cert into 3 different certs and was able to load them all with "other_certificates". Would like for the module to pull all 3 certs from the original file if possible. |
|
If someone is interested in implementing this, here's some code which could be used: https://github.com/ansible-collections/community.crypto/blob/main/plugins/modules/certificate_complete_chain.py#L192-L218 It probably makes sense to refactor this to have a function which splits a string into a list of strings, each containing one certificate. |
|
resolved_by_pr #166 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Here is my ansible cfg
become: yes
become_user: "{{ app_user }}"
community.crypto.openssl_pkcs12:
action: export
path: "{{ sslpath }}/{{ fqdn_v }}/{{ fqdn_v }}.pfx"
friendly_name: "{{ fqdn_v }}"
privatekey_path: "{{ sslpath }}/{{ fqdn_v }}/{{ fqdn_v }}.key"
certificate_path: "{{ sslpath }}/{{ fqdn_v }}/{{ fqdn_v }}.crt"
other_certificates: "{{ sslpath }}/{{ fqdn_v}}/{{ InCommon_crt }}"
passphrase: "{{ pfx_pass }}"
state: present
mode: "0644"
the "InCommon_crt" contains the whole chain, but when it goes and reads the .crt it only pulls the first certificate entry it finds:
There are 3 sets of certs in the InCommon.crt file.
All being and end with:
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
The text was updated successfully, but these errors were encountered: