Diffstat (limited to 'roles/common/tasks')
-rw-r--r-- | roles/common/tasks/ipsec.yml | 5 | ||||
-rw-r--r-- | roles/common/tasks/main.yml | 2 |
2 files changed, 5 insertions, 2 deletions
diff --git a/roles/common/tasks/ipsec.yml b/roles/common/tasks/ipsec.yml index 5e0115e..d773c1c 100644 --- a/roles/common/tasks/ipsec.yml +++ b/roles/common/tasks/ipsec.yml @@ -1,8 +1,9 @@ - name: Install strongSwan apt: pkg=strongswan-ikev2 -- name: Generate a key pair for IPSec - command: genkeypair.sh --pubkey=/etc/ipsec.d/certs/{{ inventory_hostname }}.pem +- name: Generate a private key and a X.509 certificate for IPSec + command: genkeypair.sh x509 + --pubkey=/etc/ipsec.d/certs/{{ inventory_hostname }}.pem --privkey=/etc/ipsec.d/private/{{ inventory_hostname }}.key --dns {{ inventory_hostname }} -t ecdsa -b secp521r1 -h sha512 diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index f24a2c9..0048443 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -14,6 +14,8 @@ dest=/usr/local/bin/genkeypair.sh owner=root group=root mode=0755 + tags: + - genkeypair - include: ipsec.yml tags=strongswan,ipsec - include: logging.yml tags=logging - include: ntp.yml tags=ntp |
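Review bot: The new `command:` task running `genkeypair.sh x509` shows no `creates=` guard in this hunk, so unless the script itself refuses to overwrite, every play run would regenerate the host's private key and certificate and report the task as changed. Replacing the key on each run invalidates whatever peers have pinned or trusted from the previous certificate. I would add `creates=/etc/ipsec.d/private/{{ inventory_hostname }}.key` to the task and follow it with a `file` task asserting `owner=root mode=0600` on that key, since the hunk does not show what permissions the script sets. The task's argument list may continue past the end of the hunk, so check that neither is already present there.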
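Review bot: The added `tags: - genkeypair` makes the task that installs the script selectable only by `genkeypair`, while the task that runs the script is pulled in through `- include: ipsec.yml tags=strongswan,ipsec`. A run limited to `--tags ipsec` would therefore call `genkeypair.sh` without installing or refreshing it, so keys would be generated with whatever copy is already on the host, or the task would fail on a fresh one. Consider listing `ipsec` and `strongswan` alongside `genkeypair` on this task. The task begins above the hunk, so only its last arguments are visible here.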