eg_certs installation role added 45/3845/5
authorarvindpatel <arvind.patel@huawei.com>
Wed, 28 Oct 2020 12:18:34 +0000 (17:48 +0530)
committerGaurav Agrawal <gaurav.agrawal@huawei.com>
Mon, 2 Nov 2020 03:53:48 +0000 (03:53 +0000)
Signed-off-by: arvindpatel <arvind.patel@huawei.com>
Change-Id: I75b0832f9de46f1614da660357ec2f53c0144830

ocd/infra/playbooks/roles/eg_certs/tasks/install.yml [new file with mode: 0644]
ocd/infra/playbooks/roles/eg_certs/tasks/main.yml [new file with mode: 0644]

diff --git a/ocd/infra/playbooks/roles/eg_certs/tasks/install.yml b/ocd/infra/playbooks/roles/eg_certs/tasks/install.yml
new file mode 100644 (file)
index 0000000..3dc7f8f
--- /dev/null
@@ -0,0 +1,88 @@
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Remove old dir
+  command: rm -rf /tmp/.mep_tmp_cer
+  args:
+    chdir: /tmp/
+
+- name: Make dir
+  command: mkdir -p /tmp/.mep_tmp_cer
+  args:
+    chdir: /tmp/
+
+- name: Openssl genrsa
+  command: openssl genrsa -out ca.key 2048
+  args:
+    chdir: /tmp/.mep_tmp_cer/
+
+- name: Opnessl req
+  # yamllint disable rule:line-length
+  command: openssl req -new -key ca.key -subj /C=CN/ST=Peking/L=Beijing/O=edgegallery/CN=edgegallery -out ca.csr
+  # yamllint disable rule:line-length
+  args:
+    chdir: /tmp/.mep_tmp_cer/
+
+- name: Sing key with ca key and ca crt
+  command: openssl x509 -req -days 365 -in ca.csr -extensions v3_ca -signkey ca.key -out ca.crt
+  args:
+    chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl genrsa
+  command: openssl genrsa -out server_tls.key 2048
+  args:
+    chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl rsa mep tls
+  command: openssl rsa -in server_tls.key -aes256 -passout pass:{{ vardata.certspass.name}} -out server_encryptedtls.key
+  args:
+    chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl req new key mepserver tls key
+  # yamllint disable rule:line-length
+  command: openssl req -new -key server_tls.key -subj /C=CN/ST=Beijing/L=Beijing/O=edgegallery/CN=edgegallery -out server_tls.csr
+  # yamllint disable rule:line-length
+  args:
+    chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl mepserver tls csr
+  # yamllint disable rule:line-length
+  command: openssl x509 -req -in server_tls.csr -extensions v3_req -CA ca.crt -CAkey ca.key -CAcreateserial -out server_tls.crt
+  # yamllint disable rule:line-length
+  args:
+    chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl genrsa out
+  command: openssl genrsa -out jwt_privatekey 2048
+  args:
+    chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl rsa jwt privatekey
+  command: openssl rsa -in jwt_privatekey -pubout -out jwt_publickey
+  args:
+    chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl rsa jwt privatekey
+  command: openssl rsa -in jwt_privatekey -pubout -out jwt_publickey
+  args:
+    chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl rsa in jwt
+  command: openssl rsa -in jwt_privatekey -aes256 -passout pass:{{ vardata.certspass.name}} -out jwt_encrypted_privatekey
+  args:
+    chdir: /tmp/.mep_tmp_cer/
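Review bot: The private keys (`ca.key`, `server_tls.key`, `jwt_privatekey`) are written unencrypted into the fixed path `/tmp/.mep_tmp_cer`, which `mkdir -p` creates with the default umask and accepts silently if another local account re-created it after the `rm -rf`. The two `-passout pass:{{ vardata.certspass.name}}` tasks ("Openssl rsa mep tls" and "Openssl rsa in jwt") also expose the passphrase on the process command line and in Ansible's task output. The sketch below creates the directory with the `file` module and `mode: "0700"`, and passes the passphrase via `-passout env:` with `no_log: true`; the jwt task needs the same change, and the plaintext keys should be removed once the encrypted copies exist. Separately, the "Openssl rsa jwt privatekey" task appears twice, and the `x509 -req` calls pass `-extensions` without an `-extfile`, so the extensions are probably not applied. The server certificate also has no `-days`, so it likely gets OpenSSL's short default lifetime; both are worth confirming against the generated certificates.

```yaml
- name: Remove old dir
  file:
    path: /tmp/.mep_tmp_cer
    state: absent

- name: Make dir
  file:
    path: /tmp/.mep_tmp_cer
    state: directory
    mode: "0700"

# … unchanged: CA key/CSR/certificate and server_tls.key generation …

# CERTS_PASS is an illustrative environment variable name
- name: Openssl rsa mep tls
  command: openssl rsa -in server_tls.key -aes256 -passout env:CERTS_PASS -out server_encryptedtls.key
  args:
    chdir: /tmp/.mep_tmp_cer/
  environment:
    CERTS_PASS: "{{ vardata.certspass.name }}"
  no_log: true

# … unchanged: remaining CSR, certificate and JWT key tasks …
```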
diff --git a/ocd/infra/playbooks/roles/eg_certs/tasks/main.yml b/ocd/infra/playbooks/roles/eg_certs/tasks/main.yml
new file mode 100644 (file)
index 0000000..b635196
--- /dev/null
@@ -0,0 +1,22 @@
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+# tasks file for eg_certs
+- include: "install.yml"
+  static: false
+  when: operation == 'install'
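Review bot: The `when: operation == 'install'` condition fails the play with an undefined-variable error if a caller does not set `operation`, rather than skipping the key-generation tasks. A default makes the skip explicit: `when: operation | default('') == 'install'`. The bare `include:` with `static: false` is also the deprecated spelling of a dynamic include; `- include_tasks: install.yml` expresses the same thing on current Ansible releases. A one-line comment above the task naming the values `operation` is expected to take would help, since only `install` is handled here.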