From 02d4a5892bb3019d448c453ad279788fcd3f1531 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Wed, 15 Jun 2016 18:08:48 +0200 Subject: certs/public: fetch each cert's pubkey (SPKI), not the cert itself. To avoid new commits upon cert renewal. --- roles/webmail/tasks/roundcube.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles/webmail/tasks') diff --git a/roles/webmail/tasks/roundcube.yml b/roles/webmail/tasks/roundcube.yml index 998026c..24f8fa7 100644 --- a/roles/webmail/tasks/roundcube.yml +++ b/roles/webmail/tasks/roundcube.yml @@ -139,7 +139,7 @@ - name: Fetch Nginx's X.509 certificate # Ensure we don't fetch private data become: False - fetch_cmd: cmd="openssl x509" + fetch_cmd: cmd="openssl x509 -noout -pubkey" stdin=/etc/nginx/ssl/mail.fripost.org.pem dest=certs/public/mail.fripost.org.pem tags: -- cgit v1.2.3