diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2015-05-31 04:05:34 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2015-06-07 02:53:58 +0200 |
commit | 18fb13fb6bdbf85fddfdaf05bd5fb3ab1db3b9dd (patch) | |
tree | 6c3d112bfd88cbc9985e571eb6a32256409bcc8b /roles/common/tasks | |
parent | b1af6a788f24da872d5c33efbd8f572617bc2958 (diff) |
Install CAcert.org root certificates.
XXX: this is a workaround the CAcert root CAs not being present in
Jessie. In stretch, we would merely install the 'ca-cacert' package.
Diffstat (limited to 'roles/common/tasks')
-rw-r--r-- | roles/common/tasks/main.yml | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 4e85d0a..8f28b93 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -43,3 +43,26 @@ - rsync - screen - telnet-ssl + +# XXX: this is a workaround the CAcert root CAs not being present in +# Jessie. In stretch, we would merely install the 'ca-cacert' package. +- name: Create directory /usr/local/share/ca-certificates/CAcert + file: path=/usr/local/share/ca-certificates/CAcert + state=directory + owner=root group=root + mode=0755 + tags: + - certs + +- name: Copy CAcert root CAs + copy: src=certs/CAcert/{{ item }} + dest=/usr/local/share/ca-certificates/CAcert/{{ item }} + owner=root group=root + mode=0644 + with_items: + - root.crt + - class3.crt + tags: + - certs + notify: + - Update certificate |