From f0718f3ceceec13a03b54b8d6d0abd2dac929fc3 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Wed, 20 Dec 2023 11:53:07 +0100
Subject: x509: add new role managed-ca

---
 roles/x509/static-ca/cert/prepare/defaults/main.yml | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'roles/x509/static-ca/cert/prepare/defaults/main.yml')

diff --git a/roles/x509/static-ca/cert/prepare/defaults/main.yml b/roles/x509/static-ca/cert/prepare/defaults/main.yml
index 5287cc93..4d74ab1f 100644
--- a/roles/x509/static-ca/cert/prepare/defaults/main.yml
+++ b/roles/x509/static-ca/cert/prepare/defaults/main.yml
@@ -39,8 +39,7 @@ static_ca_cert_config: "{{ x509_certificate_config }}"
 #     organizational_unit_name: "ansible"
 #     state_or_province_name: "Styria"
 #     basic_constraints:
-#     - "CA:TRUE"
-#     - "pathLenConstraint:0"
+#     - "CA:FALSE"
 #     basic_constraints_critical: no
 #     key_usage:
 #     - digitalSignature
@@ -50,7 +49,7 @@ static_ca_cert_config: "{{ x509_certificate_config }}"
 #     - serverAuth
 #     extended_key_usage_critical: yes
 #     create_subject_key_identifier: yes
-#     digest: SHA256
+#     digest: sha256
 #     not_before: +0h
 #     not_after: +520w
 #     renew_margin: +42d
-- 
cgit v1.2.3