How to Generate SSL Certificate using Ansible | Generation CSR using Ansible

Linuxtopic
Linuxtopic
August 21, 2019
4





In this tutorial we will install openssl package and use following listed modules



Openssl_privatekey - To generate private key

Openssl_csr - To generate csr file

Openssl_certificate - To Generate certificate



Before we start this tutorial we read example and doc of all module


ansible-doc openssl_privatekeyansible-doc openssl_csransible-doc openssl_certificate





Step 1:



Go to ansible main directory and create yml file with suitable name


cd /etc/ansiblevi ssl-certs.yml


#We define name and hosts entry for execution of this playbook, you can replace 127.0.0.1 with your targeted hosts or group





---


- name: generate ssl certificate


  hosts: 127.0.0.1


  gather_facts: false




# For generation of SSL certs we required a openssl package so our first task is to install package on remote/localhost, 




  tasks:





  - name: Install openssl package


    yum: name=openssl state=latest





# This is optional steps to keep ssl certificate, create a directory





  - name: Create ssl directory


    file: path=/etc/ssl/linuxtopic state=directory mode=0775





# Now we will generate a private key by using a "openssl_privatekey" module 





  - name: Generate Private key


    openssl_privatekey: path=/etc/ssl/linuxtopic/server-master.key





# After generation of key we will generate csr with the help of "openssl_csr" module 





  - name: Generate CSR


    openssl_csr: 


     path: /etc/ssl/linuxtopic/linuxtopic-client.csr


     privatekey_path: /etc/ssl/linuxtopic/server-master.key 


     common_name: linuxtopic.com 


     country_name: IN


     email_address: lokesh@linuxtopic.com


     organization_name: linuxtopic





# at the end of the tasks we will generate certificate using  "openssl_certificate" module





  - name: Generate a self signed certificate


    openssl_certificate:


     csr_path: /etc/ssl/linuxtopic/linuxtopic-client.csr


     path: /etc/ssl/linuxtopic/linuxtopic-self-signed.crt


     privatekey_path: /etc/ssl/linuxtopic/server-master.key


     provider: selfsigned










Step 2:





To execute ansible playbook


ansible-playbook ssl-certs.yml






Step 3: 





To Verify 


ls -lah /etc/ssl/linuxtopic/









Your support is must so Please Like, share and comment on this ansible  artical.

Thanks,
www.linuxtopic.com





Tags:

You may like these posts

Show more

Post a Comment

4Comments

  1. Unknown30 March 2020 at 16:55

    I am incessantly thought about this, thanks for putting up. webflow experts

    ReplyDelete
  2. Olexandr25 May 2020 at 23:15

    Thank you! It helped greatly

    ReplyDelete
  3. seoperson4 November 2021 at 19:49

    Maybe you want a career change or are just starting out with a career. Maybe you also need or want a boost in your career. Maybe you need help to enhance your income as well. Getting a certification in a hot field can help. https://certificateholder.shutterfly.com/

    ReplyDelete
  4. MH_Services9 March 2022 at 20:49

    Secure Socket Layer (Protect your Website with SafeSSL ) is a safety protocol that ensures the safety of information between web browser and server. It is mandatory in today's competitive world to achieve customer's satisfaction and trust in business.

    ReplyDelete
Post a Comment

#buttons=(Ok, Go it!) #days=(20)

Our website uses cookies to enhance your experience. Check Now
Ok, Go it!
Share to other apps
Copy Post Link