Playbooks to a new Lilik

.. highlight:: yaml

ssh_server
==========

SSH Certificate
---------------

During the execution of this role, the VM host key is used to create a certificate signing request.
This request is "posted" to the service known as ca manager, and Ansible then waits for a certificate from the same service.
This is accomplished using SSH as the means of transport; the task for a signing request always looks like this:


.. code-block:: yaml

    - name: generate host request
      set_fact:
        cert_request:
          type: 'sign_request'
          request:
            keyType: 'ssh_host'
            hostName: '{{ vm_name }}'
            keyData: '{{ vm_public_key.text }}'

    - name: start sign request
      raw: "{{ cert_request | to_json }}"
      delegate_to: ca_request
      register: request_result
      failed_when: "( request_result.stdout | from_json ).failed"

To sign this certificate, an admin must log on to the ca manager machine as the user *sign* and follow the procedure to sign a request with an appropriate certification authority.
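
The request arrives at the ca manager as a JSON string sent over SSH, so the receiving side has to treat every field as untrusted before it is queued for signing. The following is an added example, not code from this repository or from the ca manager: the function names, the algorithm allow-list, the host name policy and the ``reason`` and ``hostName`` reply fields are assumptions; only the request shape and the ``failed`` field come from the task above.

```python
import base64
import json
import re
import struct

# Assumed policy (not from the ca manager): accepted algorithms, RFC 1123 names.
ALLOWED_ALGOS = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256"}
LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
HOSTNAME_RE = re.compile(rf"(?=.{{1,253}}$){LABEL}(?:\.{LABEL})*")


def blob_algo(blob):
    """Return the algorithm name stored as the first string of a key blob."""
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if n == 0 or n > len(blob) - 4:
        raise ValueError("bad length prefix in key blob")
    return blob[4:4 + n].decode("ascii")


def check_request(raw):
    """Validate one request; the reply carries 'failed' like the playbook expects."""
    try:
        msg = json.loads(raw)
        if not isinstance(msg, dict) or msg.get("type") != "sign_request":
            raise ValueError("unsupported request type")
        req = msg.get("request")
        if not isinstance(req, dict) or req.get("keyType") != "ssh_host":
            raise ValueError("unsupported keyType")
        host, key = req.get("hostName"), req.get("keyData")
        if not isinstance(host, str) or not HOSTNAME_RE.fullmatch(host):
            raise ValueError("invalid hostName")
        fields = key.split() if isinstance(key, str) else []
        if len(fields) < 2 or fields[0] not in ALLOWED_ALGOS:
            raise ValueError("unsupported key algorithm")
        # Only fields[0] and fields[1] are checked; pass nothing else to a signer.
        if blob_algo(base64.b64decode(fields[1], validate=True)) != fields[0]:
            raise ValueError("key blob does not match declared algorithm")
    except ValueError as exc:  # also covers JSON, base64 and ASCII decode errors
        return json.dumps({"failed": True, "reason": str(exc)})
    return json.dumps({"failed": False, "hostName": host})


def sample_request(host, declared="ssh-ed25519"):
    """Constructed request in the page's shape; the key is 32 zero bytes."""
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(32)
    key = f"{declared} {base64.b64encode(blob).decode()} root@{host}"
    return json.dumps({"type": "sign_request", "request": {
        "keyType": "ssh_host", "hostName": host, "keyData": key}})
```

A rejected request comes back with ``failed`` set to true, which is the condition the ``failed_when`` expression in the task tests.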