---
ca_cert_ca_manager_host: 'authorities_request'
ca_cert_common_name: '{{ host_fqdn }}'
ca_cert_proto: 'tls'
ca_cert_client: false
ca_cert_min_days_validity: 30
ca_cert_renew_private_key: true
ca_cert_tls_subj: '{{ openssl_x509_prefix}}/OU=Server/CN={{ ca_cert_common_name }}'
ca_cert_tls_ca_path: '/etc/ssl/root_ca.crt'
ca_cert_tls_key_path: '/etc/ssl/{{ ca_cert_common_name }}.key'
ca_cert_tls_key_algorithm: 'ed25519'
ca_cert_tls_csr_path: '/etc/ssl/{{ ca_cert_common_name }}.csr'
ca_cert_tls_cert_path: '/etc/ssl/{{ ca_cert_common_name }}.crt'
ca_cert_ssh_ca_path: '/etc/ssh/user_ca.pub'
ca_cert_ssh_key_path: '/etc/ssh/ssh_host_ed25519_key'
...