+- name: Remove old dir
+ command: rm -rf /tmp/.mep_tmp_cer
+ args:
+ chdir: /tmp/
+
+- name: Make dir
+ command: mkdir -p /tmp/.mep_tmp_cer
+ args:
+ chdir: /tmp/
+
+- name: Openssl genrsa
+ command: openssl genrsa -out ca.key 2048
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Opnessl req
+ # yamllint disable rule:line-length
+ command: openssl req -new -key ca.key -subj /C=CN/ST=Peking/L=Beijing/O=edgegallery/CN=edgegallery -out ca.csr
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Sing key with ca key and ca crt
+ # yamllint disable rule:line-length
+ command: openssl x509 -req -days 365 -in ca.csr -extensions v3_ca -signkey ca.key -out ca.crt
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl genrsa
+ command: openssl genrsa -out mepserver_tls.key 2048
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl rsa mep tls
+ # yamllint disable rule:line-length
+ command: openssl rsa -in mepserver_tls.key -aes256 -passout pass:{{ vardata.secret_pwd.name}} -out mepserver_encryptedtls.key
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl req new key mepserver tls key
+ # yamllint disable rule:line-length
+ command: openssl req -new -key mepserver_tls.key -subj /C=CN/ST=Beijing/L=Beijing/O=edgegallery/CN=edgegallery -out mepserver_tls.csr
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl mepserver tls csr
+ # yamllint disable rule:line-length
+ command: openssl x509 -req -in mepserver_tls.csr -extensions v3_req -CA ca.crt -CAkey ca.key -CAcreateserial -out mepserver_tls.crt
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl genrsa out
+ command: openssl genrsa -out jwt_privatekey 2048
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl rsa jwt privatekey
+ command: openssl rsa -in jwt_privatekey -pubout -out jwt_publickey
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl rsa in jwt
+ # yamllint disable rule:line-length
+ command: openssl rsa -in jwt_privatekey -aes256 -passout pass:{{ vardata.secret_pwd.name}} -out jwt_encrypted_privatekey
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+