a-c-m
/
community.crypto
mirror of https://github.com/ansible-collections/community.crypto.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
community.crypto/tests/integration/targets/x509_crl/tasks/impl.yml

698 lines
22 KiB
YAML
Raw Normal View History

Initial commit
2020-03-09 13:11:34 +00:00
---
Move licenses to LICENSES/, use SPDX-License-Identifier, mention all licenses in galaxy.yml (#491) * Add SPDX license identifiers, mention all licenses in galaxy.yml. * Add default copyright headers. * Add headers for documents. * Fix/add more copyright statements. * Add copyright / license info for vendored code. * Add extra sanity test. * Add changelog fragment. * Comment PSF-2.0 license out in galaxy.yml for now. * Remove colon after 'Copyright'. * Avoid colon after 'Copyright' in lint script. * Mention correct filename. * Add BSD-3-Clause. * Improve lint script. * Update README. * Symlinks...
2022-07-21 05:27:26 +00:00
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
Avoid crash in check mode (#243) * Do not let AnsibleModule crash when setting permissions on not yet existing files in check mode. * Add tests. * Fix bugs.
2021-06-02 14:44:26 +00:00
- name: Create CRL 1 (check mode)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl1.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Avoid crash in check mode (#243) * Do not let AnsibleModule crash when setting permissions on not yet existing files in check mode. * Add tests. * Fix bugs.
2021-06-02 14:44:26 +00:00
issuer:
CN: Ansible
last_update: 20191013000000Z
next_update: 20191113000000Z
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-1.pem'
Avoid crash in check mode (#243) * Do not let AnsibleModule crash when setting permissions on not yet existing files in check mode. * Add tests. * Fix bugs.
2021-06-02 14:44:26 +00:00
revocation_date: 20191013000000Z
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Avoid crash in check mode (#243) * Do not let AnsibleModule crash when setting permissions on not yet existing files in check mode. * Add tests. * Fix bugs.
2021-06-02 14:44:26 +00:00
revocation_date: 20191013000000Z
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Avoid crash in check mode (#243) * Do not let AnsibleModule crash when setting permissions on not yet existing files in check mode. * Add tests. * Fix bugs.
2021-06-02 14:44:26 +00:00
invalidity_date: 20191012000000Z
- serial_number: 1234
revocation_date: 20191001000000Z
check_mode: true
register: crl_1_check
Initial commit
2020-03-09 13:11:34 +00:00
- name: Create CRL 1
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl1.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Initial commit
2020-03-09 13:11:34 +00:00
issuer:
CN: Ansible
last_update: 20191013000000Z
next_update: 20191113000000Z
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-1.pem'
Initial commit
2020-03-09 13:11:34 +00:00
revocation_date: 20191013000000Z
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Initial commit
2020-03-09 13:11:34 +00:00
revocation_date: 20191013000000Z
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Initial commit
2020-03-09 13:11:34 +00:00
invalidity_date: 20191012000000Z
- serial_number: 1234
revocation_date: 20191001000000Z
register: crl_1
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Avoid crash in check mode (#243) * Do not let AnsibleModule crash when setting permissions on not yet existing files in check mode. * Add tests. * Fix bugs.
2021-06-02 14:44:26 +00:00
- assert:
that:
- crl_1_check is changed
- crl_1 is changed
Initial commit
2020-03-09 13:11:34 +00:00
- name: Retrieve CRL 1 infos
x509_crl_info:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl1.crl'
Initial commit
2020-03-09 13:11:34 +00:00
register: crl_1_info_1
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Add filter module base, prepare adding filters (#553) * Improve string handling. * Cleanup tests. * Add filter module mock.
2022-12-30 19:44:13 +00:00
- name: Read ca-crl1.crl
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
slurp:
src: '{{ remote_tmp_dir }}/ca-crl1.crl'
register: slurp
Initial commit
2020-03-09 13:11:34 +00:00
- name: Retrieve CRL 1 infos via file content
x509_crl_info:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
content: '{{ slurp.content | b64decode }}'
Initial commit
2020-03-09 13:11:34 +00:00
register: crl_1_info_2
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
- name: Retrieve CRL 1 infos via file content (Base64)
x509_crl_info:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
content: '{{ slurp.content }}'
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
register: crl_1_info_3
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Initial commit
2020-03-09 13:11:34 +00:00
- name: Create CRL 1 (idempotent, check mode)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl1.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Initial commit
2020-03-09 13:11:34 +00:00
issuer:
CN: Ansible
last_update: 20191013000000Z
next_update: 20191113000000Z
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-1.pem'
Initial commit
2020-03-09 13:11:34 +00:00
revocation_date: 20191013000000Z
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Initial commit
2020-03-09 13:11:34 +00:00
revocation_date: 20191013000000Z
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Initial commit
2020-03-09 13:11:34 +00:00
invalidity_date: 20191012000000Z
- serial_number: 1234
revocation_date: 20191001000000Z
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
check_mode: true
Initial commit
2020-03-09 13:11:34 +00:00
register: crl_1_idem_check
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Initial commit
2020-03-09 13:11:34 +00:00
- name: Create CRL 1 (idempotent)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl1.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Initial commit
2020-03-09 13:11:34 +00:00
issuer:
CN: Ansible
last_update: 20191013000000Z
next_update: 20191113000000Z
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-1.pem'
Initial commit
2020-03-09 13:11:34 +00:00
revocation_date: 20191013000000Z
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Initial commit
2020-03-09 13:11:34 +00:00
revocation_date: 20191013000000Z
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Initial commit
2020-03-09 13:11:34 +00:00
invalidity_date: 20191012000000Z
- serial_number: 1234
revocation_date: 20191001000000Z
register: crl_1_idem
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Add filter module base, prepare adding filters (#553) * Improve string handling. * Cleanup tests. * Add filter module mock.
2022-12-30 19:44:13 +00:00
- name: Read file
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
slurp:
src: '{{ remote_tmp_dir }}/{{ item }}'
loop:
- ca.key
- cert-1.pem
- cert-2.pem
register: slurp
Allow to configure how serial numbers are provided to x509_crl. (#715)
2024-02-19 20:05:13 +00:00
- name: Create CRL 1 (idempotent with content and octet string serial, check mode)
Initial commit
2020-03-09 13:11:34 +00:00
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl1.crl'
privatekey_content: "{{ slurp.results[0].content | b64decode }}"
Initial commit
2020-03-09 13:11:34 +00:00
issuer:
CN: Ansible
last_update: 20191013000000Z
next_update: 20191113000000Z
Allow to configure how serial numbers are provided to x509_crl. (#715)
2024-02-19 20:05:13 +00:00
serial_numbers: hex-octets
Initial commit
2020-03-09 13:11:34 +00:00
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- content: "{{ slurp.results[1].content | b64decode }}"
Initial commit
2020-03-09 13:11:34 +00:00
revocation_date: 20191013000000Z
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- content: "{{ slurp.results[2].content | b64decode }}"
Initial commit
2020-03-09 13:11:34 +00:00
revocation_date: 20191013000000Z
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Initial commit
2020-03-09 13:11:34 +00:00
invalidity_date: 20191012000000Z
Allow to configure how serial numbers are provided to x509_crl. (#715)
2024-02-19 20:05:13 +00:00
- serial_number: 04:D2
Initial commit
2020-03-09 13:11:34 +00:00
revocation_date: 20191001000000Z
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
check_mode: true
Initial commit
2020-03-09 13:11:34 +00:00
register: crl_1_idem_content_check
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Allow to configure how serial numbers are provided to x509_crl. (#715)
2024-02-19 20:05:13 +00:00
- name: Create CRL 1 (idempotent with content and octet string serial)
Initial commit
2020-03-09 13:11:34 +00:00
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl1.crl'
privatekey_content: "{{ slurp.results[0].content | b64decode }}"
Initial commit
2020-03-09 13:11:34 +00:00
issuer:
CN: Ansible
last_update: 20191013000000Z
next_update: 20191113000000Z
Allow to configure how serial numbers are provided to x509_crl. (#715)
2024-02-19 20:05:13 +00:00
serial_numbers: hex-octets
Initial commit
2020-03-09 13:11:34 +00:00
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- content: "{{ slurp.results[1].content | b64decode }}"
Initial commit
2020-03-09 13:11:34 +00:00
revocation_date: 20191013000000Z
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- content: "{{ slurp.results[2].content | b64decode }}"
Initial commit
2020-03-09 13:11:34 +00:00
revocation_date: 20191013000000Z
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Initial commit
2020-03-09 13:11:34 +00:00
invalidity_date: 20191012000000Z
Allow to configure how serial numbers are provided to x509_crl. (#715)
2024-02-19 20:05:13 +00:00
- serial_number: 04:D2
Initial commit
2020-03-09 13:11:34 +00:00
revocation_date: 20191001000000Z
register: crl_1_idem_content
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
- name: Create CRL 1 (format, check mode)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl1.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
format: der
issuer:
CN: Ansible
last_update: 20191013000000Z
next_update: 20191113000000Z
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-1.pem'
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
revocation_date: 20191013000000Z
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
revocation_date: 20191013000000Z
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
invalidity_date: 20191012000000Z
- serial_number: 1234
revocation_date: 20191001000000Z
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
check_mode: true
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
register: crl_1_format_check
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
- name: Create CRL 1 (format)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl1.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
format: der
issuer:
CN: Ansible
last_update: 20191013000000Z
next_update: 20191113000000Z
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-1.pem'
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
revocation_date: 20191013000000Z
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
revocation_date: 20191013000000Z
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
invalidity_date: 20191012000000Z
- serial_number: 1234
revocation_date: 20191001000000Z
register: crl_1_format
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
- name: Create CRL 1 (format, idempotent, check mode)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl1.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
format: der
issuer:
CN: Ansible
last_update: 20191013000000Z
next_update: 20191113000000Z
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-1.pem'
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
revocation_date: 20191013000000Z
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
revocation_date: 20191013000000Z
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
invalidity_date: 20191012000000Z
Allow to configure how serial numbers are provided to x509_crl. (#715)
2024-02-19 20:05:13 +00:00
- serial_number: "1234"
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
revocation_date: 20191001000000Z
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
check_mode: true
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
register: crl_1_format_idem_check
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
- name: Create CRL 1 (format, idempotent)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl1.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
format: der
issuer:
CN: Ansible
last_update: 20191013000000Z
next_update: 20191113000000Z
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-1.pem'
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
revocation_date: 20191013000000Z
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
revocation_date: 20191013000000Z
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
invalidity_date: 20191012000000Z
Allow to configure how serial numbers are provided to x509_crl. (#715)
2024-02-19 20:05:13 +00:00
- serial_number: "1234"
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
revocation_date: 20191001000000Z
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
return_content: true
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
register: crl_1_format_idem
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
- name: Retrieve CRL 1 infos via file
x509_crl_info:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl1.crl'
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
register: crl_1_info_4
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
- name: Read ca-crl1.crl
slurp:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
src: "{{ remote_tmp_dir }}/ca-crl1.crl"
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
register: content
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Add support for CRLs in DER format. (#29)
2020-05-15 07:57:07 +00:00
- name: Retrieve CRL 1 infos via file content (Base64)
x509_crl_info:
content: '{{ content.content }}'
register: crl_1_info_5
Initial commit
2020-03-09 13:11:34 +00:00
- name: Create CRL 2 (check mode)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl2.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
issuer_ordered:
- CN: Ansible
- CN: CRL
- countryName: US
- CN: Test
Initial commit
2020-03-09 13:11:34 +00:00
last_update: +0d
next_update: +0d
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-1.pem'
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Initial commit
2020-03-09 13:11:34 +00:00
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Initial commit
2020-03-09 13:11:34 +00:00
invalidity_date: 20191012000000Z
- serial_number: 1234
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
check_mode: true
Initial commit
2020-03-09 13:11:34 +00:00
register: crl_2_check
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Initial commit
2020-03-09 13:11:34 +00:00
- name: Create CRL 2
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl2.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
issuer_ordered:
- CN: Ansible
- CN: CRL
- countryName: US
- CN: Test
Initial commit
2020-03-09 13:11:34 +00:00
last_update: +0d
next_update: +0d
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-1.pem'
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Initial commit
2020-03-09 13:11:34 +00:00
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Initial commit
2020-03-09 13:11:34 +00:00
invalidity_date: 20191012000000Z
- serial_number: 1234
register: crl_2
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Initial commit
2020-03-09 13:11:34 +00:00
- name: Create CRL 2 (idempotent, check mode)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl2.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
issuer_ordered:
- CN: Ansible
- CN: CRL
- C: US
- CN: Test
Initial commit
2020-03-09 13:11:34 +00:00
last_update: +0d
next_update: +0d
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-1.pem'
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Initial commit
2020-03-09 13:11:34 +00:00
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Initial commit
2020-03-09 13:11:34 +00:00
invalidity_date: 20191012000000Z
- serial_number: 1234
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
ignore_timestamps: true
check_mode: true
Initial commit
2020-03-09 13:11:34 +00:00
register: crl_2_idem_check
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Initial commit
2020-03-09 13:11:34 +00:00
- name: Create CRL 2 (idempotent)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl2.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
issuer_ordered:
- CN: Ansible
- CN: CRL
- countryName: US
- CN: Test
Initial commit
2020-03-09 13:11:34 +00:00
last_update: +0d
next_update: +0d
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-1.pem'
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Initial commit
2020-03-09 13:11:34 +00:00
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Initial commit
2020-03-09 13:11:34 +00:00
invalidity_date: 20191012000000Z
- serial_number: 1234
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
ignore_timestamps: true
Initial commit
2020-03-09 13:11:34 +00:00
register: crl_2_idem
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Initial commit
2020-03-09 13:11:34 +00:00
- name: Create CRL 2 (idempotent update, check mode)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl2.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
issuer_ordered:
- CN: Ansible
- CN: CRL
- countryName: US
- CN: Test
Initial commit
2020-03-09 13:11:34 +00:00
last_update: +0d
next_update: +0d
revoked_certificates:
- serial_number: 1235
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
ignore_timestamps: true
x509_crl: prepare releasing the mode option for AnsibleModule's use (#596) * Prepare releasing the mode option for AnsibleModule's use. * Update docs.
2023-04-29 18:54:24 +00:00
crl_mode: update
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
check_mode: true
Initial commit
2020-03-09 13:11:34 +00:00
register: crl_2_idem_update_change_check
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Initial commit
2020-03-09 13:11:34 +00:00
- name: Create CRL 2 (idempotent update)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl2.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
issuer_ordered:
- CN: Ansible
- CN: CRL
- countryName: US
- CN: Test
Initial commit
2020-03-09 13:11:34 +00:00
last_update: +0d
next_update: +0d
revoked_certificates:
- serial_number: 1235
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
ignore_timestamps: true
x509_crl: prepare releasing the mode option for AnsibleModule's use (#596) * Prepare releasing the mode option for AnsibleModule's use. * Update docs.
2023-04-29 18:54:24 +00:00
crl_mode: update
Initial commit
2020-03-09 13:11:34 +00:00
register: crl_2_idem_update_change
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Initial commit
2020-03-09 13:11:34 +00:00
- name: Create CRL 2 (idempotent update, check mode)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl2.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
issuer_ordered:
- CN: Ansible
- CN: CRL
- countryName: US
- CN: Test
Initial commit
2020-03-09 13:11:34 +00:00
last_update: +0d
next_update: +0d
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Initial commit
2020-03-09 13:11:34 +00:00
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Initial commit
2020-03-09 13:11:34 +00:00
invalidity_date: 20191012000000Z
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
ignore_timestamps: true
x509_crl: prepare releasing the mode option for AnsibleModule's use (#596) * Prepare releasing the mode option for AnsibleModule's use. * Update docs.
2023-04-29 18:54:24 +00:00
crl_mode: update
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
check_mode: true
Initial commit
2020-03-09 13:11:34 +00:00
register: crl_2_idem_update_check
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Initial commit
2020-03-09 13:11:34 +00:00
- name: Create CRL 2 (idempotent update)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl2.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
issuer_ordered:
- CN: Ansible
- CN: CRL
- countryName: US
- CN: Test
Initial commit
2020-03-09 13:11:34 +00:00
last_update: +0d
next_update: +0d
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Initial commit
2020-03-09 13:11:34 +00:00
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Initial commit
2020-03-09 13:11:34 +00:00
invalidity_date: 20191012000000Z
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
ignore_timestamps: true
x509_crl: prepare releasing the mode option for AnsibleModule's use (#596) * Prepare releasing the mode option for AnsibleModule's use. * Update docs.
2023-04-29 18:54:24 +00:00
crl_mode: update
Initial commit
2020-03-09 13:11:34 +00:00
register: crl_2_idem_update
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Initial commit
2020-03-09 13:11:34 +00:00
- name: Create CRL 2 (changed timestamps, check mode)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl2.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
issuer_ordered:
- CN: Ansible
- CN: CRL
- countryName: US
- CN: Test
Initial commit
2020-03-09 13:11:34 +00:00
last_update: +0d
next_update: +0d
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Initial commit
2020-03-09 13:11:34 +00:00
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Initial commit
2020-03-09 13:11:34 +00:00
invalidity_date: 20191012000000Z
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
ignore_timestamps: false
x509_crl: prepare releasing the mode option for AnsibleModule's use (#596) * Prepare releasing the mode option for AnsibleModule's use. * Update docs.
2023-04-29 18:54:24 +00:00
crl_mode: update
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
check_mode: true
Initial commit
2020-03-09 13:11:34 +00:00
register: crl_2_change_check
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Initial commit
2020-03-09 13:11:34 +00:00
- name: Create CRL 2 (changed timestamps)
x509_crl:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl2.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
issuer_ordered:
- CN: Ansible
- CN: CRL
- countryName: US
- CN: Test
Initial commit
2020-03-09 13:11:34 +00:00
last_update: +0d
next_update: +0d
revoked_certificates:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
- path: '{{ remote_tmp_dir }}/cert-2.pem'
Initial commit
2020-03-09 13:11:34 +00:00
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Initial commit
2020-03-09 13:11:34 +00:00
invalidity_date: 20191012000000Z
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
ignore_timestamps: false
x509_crl: prepare releasing the mode option for AnsibleModule's use (#596) * Prepare releasing the mode option for AnsibleModule's use. * Update docs.
2023-04-29 18:54:24 +00:00
crl_mode: update
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
return_content: true
Initial commit
2020-03-09 13:11:34 +00:00
register: crl_2_change
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
- name: Read ca-crl2.crl
slurp:
src: '{{ remote_tmp_dir }}/ca-crl2.crl'
register: slurp_crl2_1
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
- name: Retrieve CRL 2 infos
x509_crl_info:
Improve CI (#268) * Remove superfluous remote_src. * Use temp dir twice instead of output_dir. * Use remote temp directory instead of output_dir. * Fix syntax error. * Add some fixes. * Copy more files to remote. * More fixes. * Fixing ACME/'cloud' tests. * Forgot when. * Try to fix filters. * Skip unnecessary steps. * Avoid collision.
2021-09-07 20:37:40 +00:00
path: '{{ remote_tmp_dir }}/ca-crl2.crl'
x509_crl_info: allow to not enumerate revoked certificates (#232) * Allow to not enumerate revoked certificates. * Forgot to remove one instance. * Add example.
2021-05-19 07:32:30 +00:00
list_revoked_certificates: false
register: crl_2_info_1
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
- name: Create CRL 2 (changed order, should be ignored)
x509_crl:
path: '{{ remote_tmp_dir }}/ca-crl2.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
issuer:
countryName: US
CN:
- Ansible
- CRL
- Test
last_update: +0d
next_update: +0d
revoked_certificates:
- path: '{{ remote_tmp_dir }}/cert-2.pem'
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
invalidity_date: 20191012000000Z
ignore_timestamps: true
x509_crl: prepare releasing the mode option for AnsibleModule's use (#596) * Prepare releasing the mode option for AnsibleModule's use. * Update docs.
2023-04-29 18:54:24 +00:00
crl_mode: update
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
return_content: true
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
register: crl_2_change_order_ignore
- name: Create CRL 2 (changed order)
x509_crl:
path: '{{ remote_tmp_dir }}/ca-crl2.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
issuer_ordered:
- CN: Ansible
- countryName: US
- CN: CRL
- CN: Test
last_update: +0d
next_update: +0d
revoked_certificates:
- path: '{{ remote_tmp_dir }}/cert-2.pem'
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
invalidity_date: 20191012000000Z
ignore_timestamps: true
x509_crl: prepare releasing the mode option for AnsibleModule's use (#596) * Prepare releasing the mode option for AnsibleModule's use. * Update docs.
2023-04-29 18:54:24 +00:00
crl_mode: update
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
return_content: true
Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316) * Allow to specify subject (for CSRs) and issuer (for CRLs) ordered. * Forgot import. * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Apply suggestions from code review Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Fix typo. * Simplify error handling, reject empty values outright. * Document d497231e1cd2777ee7fe6bea856975d7b905101e. Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
2021-10-31 14:05:04 +00:00
register: crl_2_change_order
- name: Read ca-crl2.crl
slurp:
src: '{{ remote_tmp_dir }}/ca-crl2.crl'
register: slurp_crl2_2
- name: Retrieve CRL 2 infos again
x509_crl_info:
path: '{{ remote_tmp_dir }}/ca-crl2.crl'
list_revoked_certificates: false
register: crl_2_info_2
Fix crash in x509_crl when certificate issuer is specified (#441) * Fix x509_crl certificate issuer issue. * Add tests. * Add changelog fragment.
2022-04-18 06:17:27 +00:00
- name: Create CRL 3
x509_crl:
path: '{{ remote_tmp_dir }}/ca-crl3.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
issuer:
CN: Ansible
last_update: +0d
next_update: +0d
revoked_certificates:
- serial_number: 1234
revocation_date: 20191001000000Z
Improve handling of IDNA/Unicode domains (#436) * Prepare IDNA/Unicode conversion code. Use to normalize input. * Use IDNA library first (IDNA2008) and Python's IDNA2003 implementation as a fallback. * Make sure idna is installed. * Add changelog fragment. * 'punycode' → 'idna'. * Add name_encoding options and tests. * Avoid invalid character for IDNA2008. * Linting. * Forgot to upate value. * Work around cryptography bug. Fix port handling for URIs. * Forgot other place sensitive to cryptography bug. * Forgot one. (Will likely still fail.) * Decode IDNA in _compress_entry() to avoid comparison screw-ups. * Work around Python 3.5 problem in Ansible 2.9's default test container. * Update changelog fragment. * Fix error, add tests. * Python 2 compatibility. * Update requirements.
2022-05-09 17:57:14 +00:00
# * cryptography < 2.1 strips username and password from URIs. To avoid problems, we do
# not pass usernames and passwords for URIs when the cryptography version is < 2.1.
# * Python 3.5 before 3.5.8 rc 1 has a bug in urllib.parse.urlparse() that results in an
# error if a Unicode netloc has a username or password included.
# (https://github.com/ansible-collections/community.crypto/pull/436#issuecomment-1101737134)
# This affects the Python 3.5 included in Ansible 2.9's default test container; to avoid
# this, we also do not pass usernames and passwords for Python 3.5.
Fix crash in x509_crl when certificate issuer is specified (#441) * Fix x509_crl certificate issuer issue. * Add tests. * Add changelog fragment.
2022-04-18 06:17:27 +00:00
issuer:
- "DNS:ca.example.org"
Improve handling of IDNA/Unicode domains (#436) * Prepare IDNA/Unicode conversion code. Use to normalize input. * Use IDNA library first (IDNA2008) and Python's IDNA2003 implementation as a fallback. * Make sure idna is installed. * Add changelog fragment. * 'punycode' → 'idna'. * Add name_encoding options and tests. * Avoid invalid character for IDNA2008. * Linting. * Forgot to upate value. * Work around cryptography bug. Fix port handling for URIs. * Forgot other place sensitive to cryptography bug. * Forgot one. (Will likely still fail.) * Decode IDNA in _compress_entry() to avoid comparison screw-ups. * Work around Python 3.5 problem in Ansible 2.9's default test container. * Update changelog fragment. * Fix error, add tests. * Python 2 compatibility. * Update requirements.
2022-05-09 17:57:14 +00:00
- "DNS:ffóò.ḃâŗ.çøṁ"
- "email:foo@ḃâŗ.çøṁ"
- "URI:https://{{ '' if cryptography_version.stdout is version('2.1', '<') or ansible_facts.python.version.minor == 5 else 'admin:hunter2@' }}ffóò.ḃâŗ.çøṁ/baz?foo=bar"
- "URI:https://{{ '' if cryptography_version.stdout is version('2.1', '<') or ansible_facts.python.version.minor == 5 else 'goo@' }}www.straße.de"
- "URI:https://straße.de:8080"
- "URI:http://gefäß.org"
- "URI:http://{{ '' if cryptography_version.stdout is version('2.1', '<') or ansible_facts.python.version.minor == 5 else 'a:b@' }}ä:1"
Fix crash in x509_crl when certificate issuer is specified (#441) * Fix x509_crl certificate issuer issue. * Add tests. * Add changelog fragment.
2022-04-18 06:17:27 +00:00
issuer_critical: true
register: crl_3
Improve handling of IDNA/Unicode domains (#436) * Prepare IDNA/Unicode conversion code. Use to normalize input. * Use IDNA library first (IDNA2008) and Python's IDNA2003 implementation as a fallback. * Make sure idna is installed. * Add changelog fragment. * 'punycode' → 'idna'. * Add name_encoding options and tests. * Avoid invalid character for IDNA2008. * Linting. * Forgot to upate value. * Work around cryptography bug. Fix port handling for URIs. * Forgot other place sensitive to cryptography bug. * Forgot one. (Will likely still fail.) * Decode IDNA in _compress_entry() to avoid comparison screw-ups. * Work around Python 3.5 problem in Ansible 2.9's default test container. * Update changelog fragment. * Fix error, add tests. * Python 2 compatibility. * Update requirements.
2022-05-09 17:57:14 +00:00
- name: Create CRL 3 (IDNA encoding)
x509_crl:
path: '{{ remote_tmp_dir }}/ca-crl3.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
issuer:
CN: Ansible
last_update: +0d
next_update: +0d
revoked_certificates:
- serial_number: 1234
revocation_date: 20191001000000Z
issuer:
- "DNS:ca.example.org"
- "DNS:xn--ff-3jad.xn--2ca8uh37e.xn--7ca8a981n"
- "email:foo@xn--2ca8uh37e.xn--7ca8a981n"
- "URI:https://{{ '' if cryptography_version.stdout is version('2.1', '<') or ansible_facts.python.version.minor == 5 else 'admin:hunter2@' }}xn--ff-3jad.xn--2ca8uh37e.xn--7ca8a981n/baz?foo=bar"
- "URI:https://{{ '' if cryptography_version.stdout is version('2.1', '<') or ansible_facts.python.version.minor == 5 else 'goo@' }}www.xn--strae-oqa.de"
- "URI:https://xn--strae-oqa.de:8080"
- "URI:http://xn--gef-7kay.org"
- "URI:http://{{ '' if cryptography_version.stdout is version('2.1', '<') or ansible_facts.python.version.minor == 5 else 'a:b@' }}xn--4ca:1"
issuer_critical: true
ignore_timestamps: true
name_encoding: idna
register: crl_3_idna
- name: Create CRL 3 (Unicode encoding)
x509_crl:
path: '{{ remote_tmp_dir }}/ca-crl3.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca.key'
issuer:
CN: Ansible
last_update: +0d
next_update: +0d
revoked_certificates:
- serial_number: 1234
revocation_date: 20191001000000Z
issuer:
- "DNS:ca.example.org"
- "DNS:ffóò.ḃâŗ.çøṁ"
- "email:foo@ḃâŗ.çøṁ"
- "URI:https://{{ '' if cryptography_version.stdout is version('2.1', '<') or ansible_facts.python.version.minor == 5 else 'admin:hunter2@' }}ffóò.ḃâŗ.çøṁ/baz?foo=bar"
- "URI:https://{{ '' if cryptography_version.stdout is version('2.1', '<') or ansible_facts.python.version.minor == 5 else 'goo@' }}www.straße.de"
- "URI:https://straße.de:8080"
- "URI:http://gefäß.org"
- "URI:http://{{ '' if cryptography_version.stdout is version('2.1', '<') or ansible_facts.python.version.minor == 5 else 'a:b@' }}ä:1"
issuer_critical: true
ignore_timestamps: true
name_encoding: unicode
register: crl_3_unicode
Fix crash in x509_crl when certificate issuer is specified (#441) * Fix x509_crl certificate issuer issue. * Add tests. * Add changelog fragment.
2022-04-18 06:17:27 +00:00
- name: Retrieve CRL 3 infos
x509_crl_info:
path: '{{ remote_tmp_dir }}/ca-crl3.crl'
list_revoked_certificates: true
register: crl_3_info
Improve handling of IDNA/Unicode domains (#436) * Prepare IDNA/Unicode conversion code. Use to normalize input. * Use IDNA library first (IDNA2008) and Python's IDNA2003 implementation as a fallback. * Make sure idna is installed. * Add changelog fragment. * 'punycode' → 'idna'. * Add name_encoding options and tests. * Avoid invalid character for IDNA2008. * Linting. * Forgot to upate value. * Work around cryptography bug. Fix port handling for URIs. * Forgot other place sensitive to cryptography bug. * Forgot one. (Will likely still fail.) * Decode IDNA in _compress_entry() to avoid comparison screw-ups. * Work around Python 3.5 problem in Ansible 2.9's default test container. * Update changelog fragment. * Fix error, add tests. * Python 2 compatibility. * Update requirements.
2022-05-09 17:57:14 +00:00
- name: Retrieve CRL 3 infos (IDNA encoding)
x509_crl_info:
path: '{{ remote_tmp_dir }}/ca-crl3.crl'
name_encoding: idna
list_revoked_certificates: true
register: crl_3_info_idna
- name: Retrieve CRL 3 infos (Unicode encoding)
x509_crl_info:
path: '{{ remote_tmp_dir }}/ca-crl3.crl'
name_encoding: unicode
list_revoked_certificates: true
register: crl_3_info_unicode
x509_crl: do not crash when signing with Ed25519 or Ed448 (#475) * Do not crash when signing with Ed25519 or Ed448. * Forgot replace.
2022-06-15 20:06:40 +00:00
- name: Ed25519 and Ed448 tests (for cryptography >= 2.6)
block:
- name: Generate private keys
openssl_privatekey:
path: '{{ remote_tmp_dir }}/ca-{{ item }}.key'
type: '{{ item }}'
loop:
- Ed25519
- Ed448
register: ed25519_ed448_privatekey
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
ignore_errors: true
x509_crl: do not crash when signing with Ed25519 or Ed448 (#475) * Do not crash when signing with Ed25519 or Ed448. * Forgot replace.
2022-06-15 20:06:40 +00:00
- when: ed25519_ed448_privatekey is not failed
block:
- name: Create CRL
x509_crl:
path: '{{ remote_tmp_dir }}/ca-crl-{{ item }}.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca-{{ item }}.key'
issuer:
CN: Ansible
last_update: 20191013000000Z
next_update: 20191113000000Z
revoked_certificates:
- path: '{{ remote_tmp_dir }}/cert-1.pem'
revocation_date: 20191013000000Z
- path: '{{ remote_tmp_dir }}/cert-2.pem'
revocation_date: 20191013000000Z
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
x509_crl: do not crash when signing with Ed25519 or Ed448 (#475) * Do not crash when signing with Ed25519 or Ed448. * Forgot replace.
2022-06-15 20:06:40 +00:00
invalidity_date: 20191012000000Z
- serial_number: 1234
revocation_date: 20191001000000Z
register: ed25519_ed448_crl
loop:
- Ed25519
- Ed448
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
ignore_errors: true
x509_crl: do not crash when signing with Ed25519 or Ed448 (#475) * Do not crash when signing with Ed25519 or Ed448. * Forgot replace.
2022-06-15 20:06:40 +00:00
- name: Create CRL (idempotence)
x509_crl:
path: '{{ remote_tmp_dir }}/ca-crl-{{ item }}.crl'
privatekey_path: '{{ remote_tmp_dir }}/ca-{{ item }}.key'
issuer:
CN: Ansible
last_update: 20191013000000Z
next_update: 20191113000000Z
revoked_certificates:
- path: '{{ remote_tmp_dir }}/cert-1.pem'
revocation_date: 20191013000000Z
- path: '{{ remote_tmp_dir }}/cert-2.pem'
revocation_date: 20191013000000Z
reason: key_compromise
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
reason_critical: true
x509_crl: do not crash when signing with Ed25519 or Ed448 (#475) * Do not crash when signing with Ed25519 or Ed448. * Forgot replace.
2022-06-15 20:06:40 +00:00
invalidity_date: 20191012000000Z
- serial_number: 1234
revocation_date: 20191001000000Z
register: ed25519_ed448_crl_idempotence
loop:
- Ed25519
- Ed448
Normalize bools in tests. (#577)
2023-02-15 21:23:36 +00:00
ignore_errors: true
x509_crl: do not crash when signing with Ed25519 or Ed448 (#475) * Do not crash when signing with Ed25519 or Ed448. * Forgot replace.
2022-06-15 20:06:40 +00:00
Add filter module base, prepare adding filters (#553) * Improve string handling. * Cleanup tests. * Add filter module mock.
2022-12-30 19:44:13 +00:00
when: cryptography_version.stdout is version('2.6', '>=')