community.crypto/tests/integration/targets/acme_challenge_cert_helper/tasks/main.yml

---
####################################################################
# WARNING: These are designed specifically for Ansible tests       #
# and should not be used as examples of how to write Ansible roles #
####################################################################

- block:
  - name: Create ECC256 account key
    command: "{{ openssl_binary }} ecparam -name prime256v1 -genkey -out {{ output_dir }}/account-ec256.pem"
  - name: Obtain cert 1
    include_tasks: obtain-cert.yml
    vars:
      select_crypto_backend: auto
      certgen_title: Certificate 1
      certificate_name: cert-1
      key_type: rsa
      rsa_bits: "{{ default_rsa_key_size }}"
      subject_alt_name: "DNS:example.com"
      subject_alt_name_critical: no
      account_key: account-ec256
      challenge: tls-alpn-01
      challenge_alpn_tls: acme_challenge_cert_helper
      modify_account: yes
      deactivate_authzs: no
      force: no
      remaining_days: 10
      terms_agreed: yes
      account_email: "example@example.org"

  when: openssl_version.stdout is version('1.0.0', '>=') or cryptography_version.stdout is version('1.5', '>=')
Initial commit 2020-03-09 13:11:34 +00:00			`---`
CI tests: add a note not to use tests as an example of writing roles (#111) 2020-09-25 06:25:48 +00:00			`####################################################################`
			`# WARNING: These are designed specifically for Ansible tests #`
			`# and should not be used as examples of how to write Ansible roles #`
			`####################################################################`

Initial commit 2020-03-09 13:11:34 +00:00			`- block:`
			`- name: Create ECC256 account key`
Run tests with macOS 10.15. (#112) * Run tests with macOS 10.15. * Update prepare_http_tests as in https://github.com/ansible/ansible/pull/71841/files. * Also skip luks_device tests on macOS. * Temporarily restrict to macOS/OSX nodes. * Show full OpenSSL version. * Show pyOpenSSL debug details. * Make location of openssl binary configurable. * Try to upgrade openssl on macOS when LibreSSL is found. * Use other variable. * Use found binary instead of default. * Revert "Temporarily restrict to macOS/OSX nodes." This reverts commit ea379382e5b19e97ba44237d1df1468d2dd5e3fc. ci_complete * Avoid crashing when OpenSSL.debug does not exist. * Combine setup_openssl_cli with setup_openssl * Split up setup_openssl in setup_openssl (openssl + cryptography) and setup_pyopenssl. * Fix package name. * Don't install cryptography on CentOS 6, print environment. * Work around ansible-test limitation. 2020-11-03 07:45:32 +00:00			`command: "{{ openssl_binary }} ecparam -name prime256v1 -genkey -out {{ output_dir }}/account-ec256.pem"`
Initial commit 2020-03-09 13:11:34 +00:00			`- name: Obtain cert 1`
			`include_tasks: obtain-cert.yml`
			`vars:`
			`select_crypto_backend: auto`
			`certgen_title: Certificate 1`
			`certificate_name: cert-1`
			`key_type: rsa`
Speed up tests (#153) * Improve openssh_* tests. * Use 2048 instead of 4096 bit keys in many places. ci_complete * Parameterize default RSA key length for tests. * Reduce default RSA key size to 1024. ci_complete * Fix error. ci_complete * Use variable more often. * Use 2048 bits for RSA keys for certificates on RHEL8 and CentOS8. ci_complete * Fix missing constant. ci_complete * Print default key sizes. 2020-12-04 13:08:14 +00:00			`rsa_bits: "{{ default_rsa_key_size }}"`
Initial commit 2020-03-09 13:11:34 +00:00			`subject_alt_name: "DNS:example.com"`
			`subject_alt_name_critical: no`
			`account_key: account-ec256`
			`challenge: tls-alpn-01`
			`challenge_alpn_tls: acme_challenge_cert_helper`
			`modify_account: yes`
			`deactivate_authzs: no`
			`force: no`
			`remaining_days: 10`
			`terms_agreed: yes`
			`account_email: "example@example.org"`

			`when: openssl_version.stdout is version('1.0.0', '>=') or cryptography_version.stdout is version('1.5', '>=')`