---
# Location where the apigee-sso JWT key pair is written by the tasks below.
- name: Set jwt-keys path
  set_fact:
    jwt_key_folder: '{{ apigee_home }}/customer/application/apigee-sso/jwt-keys'

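# Create the key directory, owned by the OPDK user and group.
- name: Create folder for jwt-keys
  become: true
  file:
    path: "{{ jwt_key_folder }}"
    state: directory
    owner: "{{ opdk_user_name }}"
    group: "{{ opdk_group_name }}"
    # This directory receives an RSA private key, so set the mode explicitly
    # instead of inheriting it from the remote umask.
    # Assumes only the owner and group need to enter it - TODO confirm.
    mode: "0750"
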
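# Generate the RSA private key inside jwt_key_folder.
# - argv form: the templated values are passed to openssl as single
#   arguments and are never parsed by a shell.
# - creates: an existing key is kept on re-runs. Without it every play run
#   replaces the private key. To rotate, remove the key file first.
# Assumes verification_private_key is a bare file name inside jwt_key_folder
# (the original ran with chdir into that folder) - TODO confirm.
# NOTE(review): the variable is named "verification" but holds the private
# key; confirm the naming where the variable is defined.
- name: Create Signing Key
  become: true
  command:
    argv:
      - openssl
      - genrsa
      - -out
      - "{{ verification_private_key }}"
      - "{{ saml_self_key_size }}"
    chdir: "{{ jwt_key_folder }}"
    creates: "{{ jwt_key_folder }}/{{ verification_private_key }}"

# openssl runs as root here, so the key would otherwise stay owned by root
# with whatever mode openssl and the umask produce. Pin owner, group and mode.
# Assumes apigee-sso reads the key as opdk_user_name - TODO confirm.
- name: Restrict access to Signing Key
  become: true
  file:
    path: "{{ jwt_key_folder }}/{{ verification_private_key }}"
    state: file
    owner: "{{ opdk_user_name }}"
    group: "{{ opdk_group_name }}"
    mode: "0600"
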
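# Derive the public key from the private key written by "Create Signing Key".
# It runs on every play, so the public key always matches the private key
# that is currently on disk.
# argv form: the templated file names reach openssl as single arguments and
# are never parsed by a shell.
# NOTE(review): the variable is named "signing" but holds the public key;
# confirm the naming where the variable is defined.
- name: Generate Verification Key
  become: true
  command:
    argv:
      - openssl
      - rsa
      - -pubout
      - -in
      - "{{ verification_private_key }}"
      - -out
      - "{{ signing_public_key }}"
    chdir: "{{ jwt_key_folder }}"
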
# Disabled tasks, kept for reference. They were meant to hand the generated
# .pem files to the OPDK user and group. While they stay disabled, ownership
# of the key files is whatever the key-generation tasks leave behind.
# NOTE(review): before re-enabling, confirm the registered structure. The
# find task below has no loop, so its matches would be expected under
# pems.files rather than pems.results. state: touch also updates the file
# timestamps on every run.
#- name: Collect .pem files
#  find:
#    paths: "{{ jwt_key_folder }}"
#    patterns: '*.pem'
#  register: pems

#- name: Set ownership of certs
#  become: yes
#  file:
#    path: "{{ item.1.path }}"
#    state: touch
#    owner: "{{ opdk_user_name }}"
#    group: "{{ opdk_group_name }}"
#  with_subelements:
#    - "{{ pems.results }}"
#    - files