majic-ansible-roles Files · testsite/tls/gnutls_server

Files @ a52f9fdabd0f

Branch filter:

Location: majic-ansible-roles/testsite/tls/gnutls_server_certificate.cfg.j2

a52f9fdabd0f 926 B text/plain Show Annotation Show as Raw Download as Raw

branko

MAR-132: Added support for Debian 9 (Stretch) to web_server role:

- Introduced internal parameters for controlling differing package
names, service names, and paths for PHP FPM package.
- Added Debian 9 machines to Molecule configuration, including the
client machine.
- Restructured slightly preparaiton playbook to support both Jessie
and Stretch.
- Added custom pytest fixture for having a better way to determine
expected package names etc related to PHP.
- Created copy of private key/certificate pair used for testing of
mandatory parameters (to be used with Stretch machine).
- Fixed invalid specification for hosts on top of which the
connectivity test should be run.
- Updated a couple of task names (avoiding to reference PHP 5).
- Updated documentation.

# X.509 Certificate options
#
# DN options

# The organization of the subject.
organization = "Example Inc."

# The country of the subject. Two letter code.
country = SE

# The common name of the certificate owner.
cn = "Exampe Inc. {{ item.name }} Server"

# In how many days, counting from today, this certificate will expire.
expiration_days = 365

# X.509 v3 extensions

# A dnsname in case of a WWW server.
dns_name = "{{ item.hostname }}.{{ testsite_domain }}"
{% for dns_name in item.extra_dns_names | default([]) %}
dns_name = "{{ dns_name }}"
{% endfor %}

# Whether this certificate will be used for a TLS server
tls_www_server

# Whether this certificate will be used to sign data (needed
# in TLS DHE ciphersuites).
signing_key

# Whether this certificate will be used to encrypt data (needed
# in TLS RSA ciphersuites). Note that it is preferred to use different
# keys for encryption and signing.
encryption_key