Christoph Haas
10 年之前
共有 1 個文件被更改,包括 4 次插入 和 5 次删除
統一視圖
Diff Options
+ 4
- 5
roles/ispmail-certificate/tasks/main.yml
查看文件
| @@ -1,14 +1,13 @@ | |||||
| --- | --- | ||||
| - name: Create a self-signed certificate | - name: Create a self-signed certificate | ||||
| command: > | command: > | ||||
| openssl req -new | |||||
| -x509 | |||||
| -nodes | |||||
| -extensions v3_ca | |||||
| openssl req -newkey rsa:4096 | |||||
| -nodes -sha512 -x509 | |||||
| -days {{ ispmail_certificate_days_valid }} | -days {{ ispmail_certificate_days_valid }} | ||||
| -nodes | |||||
| -subj "/C={{ ispmail_certificate_country }}/ST={{ ispmail_certificate_state }}/L={{ ispmail_certificate_location }}/O={{ ispmail_certificate_organisation }}/OU={{ ispmail_certificate_orgunit }}{% for domain in ispmail_certificate_domains %}/CN={{ domain }}{% endfor %}/emailAddress={{ ispmail_certificate_email }}" | -subj "/C={{ ispmail_certificate_country }}/ST={{ ispmail_certificate_state }}/L={{ ispmail_certificate_location }}/O={{ ispmail_certificate_organisation }}/OU={{ ispmail_certificate_orgunit }}{% for domain in ispmail_certificate_domains %}/CN={{ domain }}{% endfor %}/emailAddress={{ ispmail_certificate_email }}" | ||||
| -keyout /etc/ssl/private/mailserver.pem | |||||
| -out /etc/ssl/certs/mailserver.pem | -out /etc/ssl/certs/mailserver.pem | ||||
| -keyout /etc/ssl/private/mailserver.pem | |||||
| args: | args: | ||||
| creates: /etc/ssl/certs/mailserver.pem | creates: /etc/ssl/certs/mailserver.pem | ||||
| - name: Restrict access permissions of the private key | - name: Restrict access permissions of the private key | ||||