x509: add new role managed-ca

author: Christian Pointner <equinox@spreadspace.org> 2023-12-20 11:53:07 +0100
committer: Christian Pointner <equinox@spreadspace.org> 2023-12-20 11:53:07 +0100
commit: f0718f3ceceec13a03b54b8d6d0abd2dac929fc3 (patch)
tree: f3ce530f07496f6b35ab1f11155ce96a83abbc26 /roles/x509/static-ca
parent: rename: x509/ownca to x509/static-ca (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/roles/x509/static-ca/cert/prepare/defaults/main.yml b/roles/x509/static-ca/cert/prepare/defaults/main.yml
index 5287cc93..4d74ab1f 100644
--- a/roles/x509/static-ca/cert/prepare/defaults/main.yml
+++ b/roles/x509/static-ca/cert/prepare/defaults/main.yml
@@ -39,8 +39,7 @@ static_ca_cert_config: "{{ x509_certificate_config }}"
 #     organizational_unit_name: "ansible"
 #     state_or_province_name: "Styria"
 #     basic_constraints:
-#     - "CA:TRUE"
-#     - "pathLenConstraint:0"
+#     - "CA:FALSE"
 #     basic_constraints_critical: no
 #     key_usage:
 #     - digitalSignature
@@ -50,7 +49,7 @@ static_ca_cert_config: "{{ x509_certificate_config }}"
 #     - serverAuth
 #     extended_key_usage_critical: yes
 #     create_subject_key_identifier: yes
-#     digest: SHA256
+#     digest: sha256
 #     not_before: +0h
 #     not_after: +520w
 #     renew_margin: +42d
author	Christian Pointner <equinox@spreadspace.org>	2023-12-20 11:53:07 +0100
committer	Christian Pointner <equinox@spreadspace.org>	2023-12-20 11:53:07 +0100
commit	f0718f3ceceec13a03b54b8d6d0abd2dac929fc3 (patch)
tree	f3ce530f07496f6b35ab1f11155ce96a83abbc26 /roles/x509/static-ca
parent	rename: x509/ownca to x509/static-ca (diff)