Commit 01ec9e2b authored by Oyvind.Gjesdal's avatar Oyvind.Gjesdal
Browse files

add chain to templatea and symlink

parent 972c7446
......@@ -118,10 +118,18 @@
loop: "{{ apache_vhosts }}"
file:
state: "link"
src: "{{ apache_digicert_uib_archive }}/{{ item.servername }}/cert.pem"
src: "{{ apache_digicert_uib_archive }}/{{ item.servername }}/cert.cer"
dest: "/etc/pki/tls/certs/{{ item.servername }}.pem"
when: "item.ssl_type | default('certbot')== 'uib' and item.certificate_url is defined"
- name: "Create symlinks for chains to /etc/pki/"
loop: "{{ apache_vhosts }}"
file:
state: "link"
src: "{{ apache_digicert_uib_archive }}/{{ item.servername }}/cert_interm.cer"
dest: "/etc/pki/tls/certs/{{ item.servername }}.chain.pem"
when: "item.ssl_type | default('certbot')== 'uib' and item.certificate_url is defined"
- name: "Add apache vhosts ssl template"
template:
src: "{{ apache_vhosts_template_ssl }}"
......
......@@ -40,6 +40,8 @@ SSLOptions +StrictRequire
SSLCertificateFile {{ vhost.certificate_file | default('/etc/pki/tls/certs/'+ vhost.servername + '.pem') }}
SSLCertificateKeyFile {{ vhost.certificate_key_file | default('/etc/pki/tls/private/' + vhost.servername + '.pem') }}
SSLCertificateChainFile {{vhost.certificate_chain_file | default('/etc/pki/tls/private/' + vhost.servername + '.chain.pem') }}
{% endif %}
{% if vhost.serveradmin is defined %}
ServerAdmin {{ vhost.serveradmin }}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment