[#INSTRM-210] Add role to build production private CA for virt

[INSTRM-210] Add role to build production private CA for virt Created: 26/Sep/17 Updated: 23/Oct/17 Resolved: 23/Oct/17
Status:	Done
Project:	Instrument control development
Component/s:	ics_ansible
Affects Version/s:	None
Fix Version/s:	None

Type:

Task

Priority:

Normal

Reporter:

shimono

Assignee:

shimono

Resolution:

Done

Votes:

Labels:

None

Remaining Estimate:

Not Specified

Time Spent:

Not Specified

Original Estimate:

Not Specified

Issue Links:

Relates
relates to	~~INSTRM-235~~	Add SAN to libvirt certs	Done

Sprint:

2017-10A

Description

Build production (at summit) private CA for virt.
also add scripts to make certs for vm hosts to repository.

current setup procedure is:

openssl req -new -newkey rsa:2048 -nodes -days 1825 -sha256 -out newcerts/(IPaddr).csr -keyout private/(IPaddr).key -subj "/C=JP/ST=Chiba/L=Kashiwa/O=PFS/CN=(IPaddr)"
openssl ca -config virt-pki.cnf -days 1825 -policy policy_anything -out certs/(IPaddr).pem -infiles newcerts/(IPaddr).csr

Comments

Comment by shimono [ 20/Oct/17 ]

Instead of just adding scripts, add a role to ansible for configuration and scripts to build items.

add a role to install packages, configure, but not build CA
add scripts to build CA and certs via ansible (j2)

Comment by shimono [ 20/Oct/17 ]

pushed and PR made. r? from the wind.

Comment by shimono [ 23/Oct/17 ]

working fine. merged.

Generated at Sat Feb 10 16:22:39 JST 2024 using Jira 8.3.4#803005-sha1:1f96e09b3c60279a408a2ae47be3c745f571388b.

[INSTRM-210] Add role to build production private CA for virt Created: 26/Sep/17 Updated: 23/Oct/17 Resolved: 23/Oct/17