EasyRSA - Make a certificate and copy to ansible staging dir

calendar Feb 27, 2020 · 1 min read · linux pki  ·
Share on: linkedin copy

I use this script on my CA server to create a certificate for each new server we provision. This allows our internal PKI to function.

This script creates a certificate then copies it to the Ansible server where is can be deployed to the destination host

Obviously you'll need to take the necessary precautions around key security

ISSUE_NAME=$1.domain.local

cd /home/admin/EasyRSA-3.0.5/
/home/admin/EasyRSA-3.0.5/easyrsa build-server-full $ISSUE_NAME nopass
ssh edpk-ansible..local 'mkdir -p /home/admin/ansible/files/'$1'/'
scp /home/admin/EasyRSA-3.0.5/pki/issued/$ISSUE_NAME.crt edpk-ansible..local:/home/admin/ansible/files/$1/$1.crt
scp /home/admin/EasyRSA-3.0.5/pki/private/$ISSUE_NAME.key edpk-ansible..local:/home/admin/ansible/files/$1/$1.key
cd ~