updated sso
diff --git a/tasks/create-private-key-and-self-signed-cert.yml b/tasks/create-private-key-and-self-signed-cert.yml
index 93f2005..07a1b06 100644
--- a/tasks/create-private-key-and-self-signed-cert.yml
+++ b/tasks/create-private-key-and-self-signed-cert.yml
@@ -11,24 +11,32 @@
owner: "{{ opdk_user_name }}"
group: "{{ opdk_group_name }}"
+#- name: Generate a passphrase
+# become: true
+# command: openssl rand -base64 48 > passphrase.txt
+# args:
+# chdir: "{{ saml_folder }}"
+
- name: Generate your private key with a passphrase
become: true
- expect:
- echo: yes
- command: "openssl genrsa -{{ saml_encryption_type }} -out {{ saml_server_key }} {{ saml_private_key_size }}"
+ command: "openssl genrsa -{{ saml_encryption_type }} -passout pass:xxxx -out {{ saml_server_key }} {{ saml_private_key_size }}"
+ args:
chdir: "{{ saml_folder }}"
- responses:
- Enter pass phrase for server\.key: "\n"
+
+- name: Prep to remove Passphrase from Key
+ copy:
+ dest: "{{ saml_folder }}/remove-passphrase-{{ saml_server_key }}"
+ src: "{{ saml_folder }}/{{ saml_server_key }}"
- name: Remove the passphrase from the key
become: yes
- shell: "openssl rsa -in {{ saml_server_key }} -out {{ saml_server_key }}"
+ shell: "openssl rsa -in remove-passphrase-{{ saml_server_key }} -passin pass:xxxx -out {{ saml_server_key }}"
args:
chdir: "{{ saml_folder }}"
- name: Generate certificate signing request for CA
become: yes
- shell: "openssl req -x509 -sha256 -new -key {{ saml_server_key }} -out {{ saml_cert_signing_request }}"
+ shell: "openssl req -x509 -sha256 -new -passin file:passphrase.txt -key {{ saml_server_key }} -out {{ saml_cert_signing_request }}"
args:
chdir: "{{ saml_folder }}"
@@ -38,6 +46,7 @@
args:
chdir: "{{ saml_folder }}"
+
#- name: Collect certificate files
# find:
# paths: "{{ saml_folder }}"
