.. highlight:: yaml ssh_server ========= SSH Certificate --------------- During the execution of this role the vm host key will be used to create a certificate signin request. This requests will be "posted" to the service known as ca manager and ansible will then wait for a certificate from the same service. This is accomplished using ssh as a mean of transport, the specific task for a signin requests is alwasys like this .. code-block:: yaml - name: generate host request set_fact: cert_request: type: 'sign_request' request: keyType: 'ssh_host' hostName: '{{ vm_name }}' keyData: '{{ vm_public_key.text}}' - name: start sign request raw: "{{ cert_request | to_json }}" delegate_to: ca_request register: request_result failed_when: "( request_result.stdout | from_json ).failed" To sign this certificate an admin must log onto the ca manager machine with the user *sign* and follow the procedure to sign a request with an appropriate certification authority.