Install CAcert.org root certificates.

XXX: this is a workaround the CAcert root CAs not being present in Jessie. In stretch, we would merely install the 'ca-cacert' package.
author: Guilhem Moulin <guilhem@fripost.org> 2015-05-31 04:05:34 +0200
committer: Guilhem Moulin <guilhem@fripost.org> 2015-06-07 02:53:58 +0200
commit: 18fb13fb6bdbf85fddfdaf05bd5fb3ab1db3b9dd (patch)
tree: 6c3d112bfd88cbc9985e571eb6a32256409bcc8b /roles/common/tasks
parent: b1af6a788f24da872d5c33efbd8f572617bc2958 (diff)
1 files changed, 23 insertions, 0 deletions
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 4e85d0a..8f28b93 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -43,3 +43,26 @@
     - rsync
     - screen
     - telnet-ssl
+
+# XXX: this is a workaround the CAcert root CAs not being present in
+# Jessie.  In stretch, we would merely install the 'ca-cacert' package.
+- name: Create directory /usr/local/share/ca-certificates/CAcert
+  file: path=/usr/local/share/ca-certificates/CAcert
+        state=directory
+        owner=root group=root
+        mode=0755
+  tags:
+    - certs
+
+- name: Copy CAcert root CAs
+  copy: src=certs/CAcert/{{ item }}
+        dest=/usr/local/share/ca-certificates/CAcert/{{ item }}
+        owner=root group=root
+        mode=0644
+  with_items:
+    - root.crt
+    - class3.crt
+  tags:
+    - certs
+  notify:
+    - Update certificate
author	Guilhem Moulin <guilhem@fripost.org>	2015-05-31 04:05:34 +0200
committer	Guilhem Moulin <guilhem@fripost.org>	2015-06-07 02:53:58 +0200
commit	18fb13fb6bdbf85fddfdaf05bd5fb3ab1db3b9dd (patch)
tree	6c3d112bfd88cbc9985e571eb6a32256409bcc8b /roles/common/tasks
parent	b1af6a788f24da872d5c33efbd8f572617bc2958 (diff)