summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2015-05-31 04:05:34 +0200
committerGuilhem Moulin <guilhem@fripost.org>2015-06-07 02:53:58 +0200
commit18fb13fb6bdbf85fddfdaf05bd5fb3ab1db3b9dd (patch)
tree6c3d112bfd88cbc9985e571eb6a32256409bcc8b
parentb1af6a788f24da872d5c33efbd8f572617bc2958 (diff)
Install CAcert.org root certificates.
XXX: this is a workaround the CAcert root CAs not being present in Jessie. In stretch, we would merely install the 'ca-cacert' package.
-rw-r--r--roles/common/tasks/main.yml23
1 files changed, 23 insertions, 0 deletions
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 4e85d0a..8f28b93 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -43,3 +43,26 @@
- rsync
- screen
- telnet-ssl
+
+# XXX: this is a workaround the CAcert root CAs not being present in
+# Jessie. In stretch, we would merely install the 'ca-cacert' package.
+- name: Create directory /usr/local/share/ca-certificates/CAcert
+ file: path=/usr/local/share/ca-certificates/CAcert
+ state=directory
+ owner=root group=root
+ mode=0755
+ tags:
+ - certs
+
+- name: Copy CAcert root CAs
+ copy: src=certs/CAcert/{{ item }}
+ dest=/usr/local/share/ca-certificates/CAcert/{{ item }}
+ owner=root group=root
+ mode=0644
+ with_items:
+ - root.crt
+ - class3.crt
+ tags:
+ - certs
+ notify:
+ - Update certificate