From 18fb13fb6bdbf85fddfdaf05bd5fb3ab1db3b9dd Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sun, 31 May 2015 04:05:34 +0200 Subject: Install CAcert.org root certificates. XXX: this is a workaround the CAcert root CAs not being present in Jessie. In stretch, we would merely install the 'ca-cacert' package. --- roles/common/tasks/main.yml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 4e85d0a..8f28b93 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -43,3 +43,26 @@ - rsync - screen - telnet-ssl + +# XXX: this is a workaround the CAcert root CAs not being present in +# Jessie. In stretch, we would merely install the 'ca-cacert' package. +- name: Create directory /usr/local/share/ca-certificates/CAcert + file: path=/usr/local/share/ca-certificates/CAcert + state=directory + owner=root group=root + mode=0755 + tags: + - certs + +- name: Copy CAcert root CAs + copy: src=certs/CAcert/{{ item }} + dest=/usr/local/share/ca-certificates/CAcert/{{ item }} + owner=root group=root + mode=0644 + with_items: + - root.crt + - class3.crt + tags: + - certs + notify: + - Update certificate -- cgit v1.2.3