英文:
How to generate a Self Signed OpenSSL certificate? FAILED! => {"msg": "Wrong or empty passphrase provided for private key"}
问题
我的证书YAML配置
- 名称: 确保为本地自签名TLS证书存在目录。
文件:
路径: "{{ certificate_dir }}/{{ server_hostname }}"
状态: 目录
- 名称: 生成一个OpenSSL私钥。
社区.crypto.openssl_privatekey:
路径: "{{ certificate_dir }}/{{ server_hostname }}/privkey.pem"
大小: 2048
类型: DSA
备份: 是
密码: ansible
- 名称: 生成一个OpenSSL CSR。
社区.crypto.openssl_csr:
路径: "{{ certificate_dir }}/{{ server_hostname }}.csr"
私钥路径: "{{ certificate_dir }}/{{ server_hostname }}/privkey.pem"
私钥密码: ansible
通用名称: "{{ server_hostname }}"
- 名称: 生成一个自签名的OpenSSL证书。
社区.crypto.x509_certificate:
路径: "{{ certificate_dir }}/{{ server_hostname }}/fullchain.pem"
私钥路径: "{{ certificate_dir }}/{{ server_hostname }}/privkey.pem"
csr路径: "{{ certificate_dir }}/{{ server_hostname }}.csr"
提供者: selfsigned
当我运行ansible playbook时,我收到错误
任务 [生成一个自签名的OpenSSL证书。] *****************************。
致命错误: [default]: 失败! => {"changed": false, "msg": "为私钥提供了错误或空的密码"}
我看了[x509示例][1]
社区.crypto.x509_certificate:
路径: /etc/ssl/crt/ansible.com.crt
私钥路径: /etc/ssl/private/ansible.com.pem
csr路径: /etc/ssl/csr/ansible.com.csr
提供者: selfsigned
没有任何密码。
为什么我会得到上述错误?
英文:
My yaml for certificates
- name: Ensure directory exists for local self-signed TLS certs.
file:
path: "{{ certificate_dir }}/{{ server_hostname }}"
state: directory
- name: Generate an OpenSSL private key.
community.crypto.openssl_privatekey:
path: "{{ certificate_dir }}/{{ server_hostname }}/privkey.pem"
size: 2048
type: DSA
backup: yes
cipher: auto
passphrase: ansible
- name: Generate an OpenSSL CSR.
community.crypto.openssl_csr:
path: "{{ certificate_dir }}/{{ server_hostname }}.csr"
privatekey_path: "{{ certificate_dir }}/{{ server_hostname }}/privkey.pem"
privatekey_passphrase: ansible
common_name: "{{ server_hostname }}"
- name: Generate a Self Signed OpenSSL certificate.
community.crypto.x509_certificate:
path: "{{ certificate_dir }}/{{ server_hostname }}/fullchain.pem"
privatekey_path: "{{ certificate_dir }}/{{ server_hostname }}/privkey.pem"
csr_path: "{{ certificate_dir }}/{{ server_hostname }}.csr"
provider: selfsigned
When I run ansible playbook I got error
TASK [Generate a Self Signed OpenSSL certificate.] *****************************
fatal: [default]: FAILED! => {"changed": false, "msg": "Wrong or empty passphrase provided for private key"}
I looked at x509 exmaples
community.crypto.x509_certificate:
path: /etc/ssl/crt/ansible.com.crt
privatekey_path: /etc/ssl/private/ansible.com.pem
csr_path: /etc/ssl/csr/ansible.com.csr
provider: selfsigned
No password at all.
Why I am getting error like the above posted?
答案1
得分: 1
如我在评论中所述,您忘记在第二步中使用的密码短语:
community.crypto.x509_certificate:
path: /etc/ssl/crt/ansible.com.crt
privatekey_path: /etc/ssl/private/ansible.com.pem
csr_path: /etc/ssl/csr/ansible.com.csr
provider: selfsigned
privatekey_passphrase: ansible
更多信息请参考:关于x509的文档
英文:
As i stated on the comments you forgot to put the passphrase that you used on the second step:
community.crypto.x509_certificate:
path: /etc/ssl/crt/ansible.com.crt
privatekey_path: /etc/ssl/private/ansible.com.pem
csr_path: /etc/ssl/csr/ansible.com.csr
provider: selfsigned
privatekey_passphrase: ansible
More on: Doc about x509
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论