[CORD-1909]
Set cert_size when generating server/client leaf certs
Change-Id: I5aeb02411b2fbf5792237b77ffdc62fd6d1b76e3
(cherry picked from commit 79ddf4b5f2a4273edce5f1adb7decfec9d919e72)
diff --git a/roles/pki-cert/tasks/main.yml b/roles/pki-cert/tasks/main.yml
index eff9183..80a9d65 100644
--- a/roles/pki-cert/tasks/main.yml
+++ b/roles/pki-cert/tasks/main.yml
@@ -21,6 +21,7 @@
command: >
openssl genrsa
-out {{ pki_dir }}/{{ site_name }}_im_ca/private/{{ item.cn }}_key.pem
+ {{ cert_size }}
args:
creates: "{{ pki_dir }}/{{ site_name }}_im_ca/private/{{ item.cn }}_key.pem"
with_items: "{{ server_certs }}"
@@ -91,6 +92,7 @@
command: >
openssl genrsa
-out {{ pki_dir }}/{{ site_name }}_im_ca/private/{{ item.cn }}_key.pem
+ {{ cert_size }}
args:
creates: "{{ pki_dir }}/{{ site_name }}_im_ca/private/{{ item.cn }}_key.pem"
with_items: "{{ client_certs }}"