ansible-playbook [core 2.12.6] config file = /etc/ansible/ansible.cfg configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.9/site-packages/ansible ansible collection location = /tmp/tmpsp7qopjw executable location = /usr/bin/ansible-playbook python version = 3.9.13 (main, May 18 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)] jinja version = 2.11.3 libyaml = True Using /etc/ansible/ansible.cfg as config file Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: tests_many_self_signed.yml ******************************************* 2 plays in /tmp/tmpjupnnp9c/tests/tests_many_self_signed.yml PLAY [Issue many self-signed certificates] ************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpjupnnp9c/tests/tests_many_self_signed.yml:2 Wednesday 06 July 2022 04:24:47 +0000 (0:00:00.015) 0:00:00.015 ******** ok: [/cache/rhel-8-y.qcow2.snap] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/main.yml:2 Wednesday 06 July 2022 04:24:48 +0000 (0:00:01.137) 0:00:01.152 ******** included: /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml for /cache/rhel-8-y.qcow2.snap TASK [linux-system-roles.certificate : Ensure ansible_facts used by role] ****** task path: /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:2 Wednesday 06 July 2022 04:24:48 +0000 (0:00:00.027) 0:00:01.179 ******** ok: [/cache/rhel-8-y.qcow2.snap] TASK [linux-system-roles.certificate : Set platform/version specific variables] *** task path: /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:8 Wednesday 06 July 2022 04:24:48 +0000 (0:00:00.508) 0:00:01.688 ******** skipping: [/cache/rhel-8-y.qcow2.snap] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/rhel-8-y.qcow2.snap] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/rhel-8-y.qcow2.snap] => (item=RedHat_8.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat_8.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/rhel-8-y.qcow2.snap] => (item=RedHat_8.7.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat_8.7.yml", "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/main.yml:5 Wednesday 06 July 2022 04:24:49 +0000 (0:00:00.038) 0:00:01.727 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/main.yml:22 Wednesday 06 July 2022 04:24:50 +0000 (0:00:01.470) 0:00:03.197 ******** ok: [/cache/rhel-8-y.qcow2.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/main.yml:33 Wednesday 06 July 2022 04:24:51 +0000 (0:00:01.320) 0:00:04.518 ******** ok: [/cache/rhel-8-y.qcow2.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/main.yml:59 Wednesday 06 July 2022 04:24:52 +0000 (0:00:00.532) 0:00:05.051 ******** ok: [/cache/rhel-8-y.qcow2.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/main.yml:88 Wednesday 06 July 2022 04:24:52 +0000 (0:00:00.395) 0:00:05.447 ******** ok: [/cache/rhel-8-y.qcow2.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestamp": "Wed 2022-07-06 00:19:07 EDT", "ActiveEnterTimestampMonotonic": "209835307", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "dbus.socket dbus.service sysinit.target syslog.target network.target systemd-journald.socket basic.target system.slice", "AllowIsolate": "no", "AllowedCPUs": "", "AllowedMemoryNodes": "", "AmbientCapabilities": "", "AssertResult": "yes", "AssertTimestamp": "Wed 2022-07-06 00:19:07 EDT", "AssertTimestampMonotonic": "209824609", "Before": "multi-user.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "[not set]", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUAffinity": "", "CPUAffinityFromNUMA": "no", "CPUQuotaPerSecUSec": "infinity", "CPUQuotaPeriodUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "[not set]", "CPUUsageNSec": "[not set]", "CPUWeight": "[not set]", "CacheDirectoryMode": "0755", "CanFreeze": "yes", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Wed 2022-07-06 00:19:07 EDT", "ConditionTimestampMonotonic": "209824609", "ConfigurationDirectoryMode": "0755", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "DefaultMemoryLow": "0", "DefaultMemoryMin": "0", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "DynamicUser": "no", "EffectiveCPUs": "", "EffectiveMemoryNodes": "", "EnvironmentFiles": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "20356", "ExecMainStartTimestamp": "Wed 2022-07-06 00:19:07 EDT", "ExecMainStartTimestampMonotonic": "209825682", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "FreezerState": "running", "GID": "[not set]", "GuessMainPID": "yes", "IOAccounting": "no", "IOSchedulingClass": "0", "IOSchedulingPriority": "0", "IOWeight": "[not set]", "IPAccounting": "no", "IPEgressBytes": "18446744073709551615", "IPEgressPackets": "18446744073709551615", "IPIngressBytes": "18446744073709551615", "IPIngressPackets": "18446744073709551615", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Wed 2022-07-06 00:19:07 EDT", "InactiveExitTimestampMonotonic": "209825779", "InvocationID": "9b7f2c992b884db7b09cb5a377a5b7df", "JobRunningTimeoutUSec": "infinity", "JobTimeoutAction": "none", "JobTimeoutUSec": "infinity", "KeyringMode": "private", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "infinity", "LimitASSoft": "infinity", "LimitCORE": "infinity", "LimitCORESoft": "0", "LimitCPU": "infinity", "LimitCPUSoft": "infinity", "LimitDATA": "infinity", "LimitDATASoft": "infinity", "LimitFSIZE": "infinity", "LimitFSIZESoft": "infinity", "LimitLOCKS": "infinity", "LimitLOCKSSoft": "infinity", "LimitMEMLOCK": "65536", "LimitMEMLOCKSoft": "65536", "LimitMSGQUEUE": "819200", "LimitMSGQUEUESoft": "819200", "LimitNICE": "0", "LimitNICESoft": "0", "LimitNOFILE": "262144", "LimitNOFILESoft": "1024", "LimitNPROC": "14640", "LimitNPROCSoft": "14640", "LimitRSS": "infinity", "LimitRSSSoft": "infinity", "LimitRTPRIO": "0", "LimitRTPRIOSoft": "0", "LimitRTTIME": "infinity", "LimitRTTIMESoft": "infinity", "LimitSIGPENDING": "14640", "LimitSIGPENDINGSoft": "14640", "LimitSTACK": "infinity", "LimitSTACKSoft": "8388608", "LoadState": "loaded", "LockPersonality": "no", "LogLevelMax": "-1", "LogRateLimitBurst": "0", "LogRateLimitIntervalUSec": "0", "LogsDirectoryMode": "0755", "MainPID": "20356", "MemoryAccounting": "yes", "MemoryCurrent": "3997696", "MemoryDenyWriteExecute": "no", "MemoryHigh": "infinity", "MemoryLimit": "infinity", "MemoryLow": "0", "MemoryMax": "infinity", "MemoryMin": "0", "MemorySwapMax": "infinity", "MountAPIVFS": "no", "MountFlags": "", "NFileDescriptorStore": "0", "NRestarts": "0", "NUMAMask": "", "NUMAPolicy": "n/a", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/run/certmonger.pid", "PartOf": "dbus.service", "PermissionsStartOnly": "no", "Perpetual": "no", "PrivateDevices": "no", "PrivateMounts": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "PrivateUsers": "no", "ProtectControlGroups": "no", "ProtectHome": "no", "ProtectKernelModules": "no", "ProtectKernelTunables": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "RemoveIPC": "no", "Requires": "sysinit.target dbus.socket system.slice", "Restart": "no", "RestartUSec": "100ms", "RestrictNamespaces": "no", "RestrictRealtime": "no", "RestrictSUIDSGID": "no", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "RuntimeDirectoryPreserve": "no", "RuntimeMaxUSec": "infinity", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardInputData": "", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitIntervalUSec": "10s", "StartupBlockIOWeight": "[not set]", "StartupCPUShares": "[not set]", "StartupCPUWeight": "[not set]", "StartupIOWeight": "[not set]", "StateChangeTimestamp": "Wed 2022-07-06 00:19:07 EDT", "StateChangeTimestampMonotonic": "209835307", "StateDirectoryMode": "0755", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SuccessAction": "none", "SyslogFacility": "3", "SyslogLevel": "6", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "yes", "TasksCurrent": "1", "TasksMax": "23424", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UID": "[not set]", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "UtmpMode": "init", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Wed 2022-07-06 00:19:07 EDT", "WatchdogTimestampMonotonic": "209835306", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/main.yml:100 Wednesday 06 July 2022 04:24:53 +0000 (0:00:00.790) 0:00:06.237 ******** changed: [/cache/rhel-8-y.qcow2.snap] => (item={'name': 'mycert_many_self_signed', 'dns': 'www.example.com', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert_many_self_signed" } } MSG: Certificate requested (new). changed: [/cache/rhel-8-y.qcow2.snap] => (item={'name': 'other-cert', 'dns': 'www.example.org', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.org", "name": "other-cert" } } MSG: Certificate requested (new). changed: [/cache/rhel-8-y.qcow2.snap] => (item={'name': 'another-cert', 'dns': 'www.example.net', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.net", "name": "another-cert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-8-y.qcow2.snap META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpjupnnp9c/tests/tests_many_self_signed.yml:18 Wednesday 06 July 2022 04:24:57 +0000 (0:00:03.973) 0:00:10.211 ******** ok: [/cache/rhel-8-y.qcow2.snap] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpjupnnp9c/tests/tests_many_self_signed.yml:50 Wednesday 06 July 2022 04:24:58 +0000 (0:00:00.795) 0:00:11.006 ******** included: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-8-y.qcow2.snap => (item={'path': '/etc/pki/tls/certs/mycert_many_self_signed.crt', 'key_path': '/etc/pki/tls/private/mycert_many_self_signed.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) included: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-8-y.qcow2.snap => (item={'path': '/etc/pki/tls/certs/other-cert.crt', 'key_path': '/etc/pki/tls/private/other-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.org'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.org'}]}) included: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-8-y.qcow2.snap => (item={'path': '/etc/pki/tls/certs/another-cert.crt', 'key_path': '/etc/pki/tls/private/another-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.net'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.net'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 04:24:58 +0000 (0:00:00.053) 0:00:11.060 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 04:24:58 +0000 (0:00:00.028) 0:00:11.088 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 04:24:59 +0000 (0:00:01.413) 0:00:12.501 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 04:25:00 +0000 (0:00:01.143) 0:00:13.645 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 04:25:01 +0000 (0:00:00.858) 0:00:14.503 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "stat": { "atime": 1657081495.187274, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "64135bfd99739735d149b80f99689a456c0640ef", "ctime": 1657081495.185274, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 16980478, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657081495.185274, "nlink": 1, "path": "/etc/pki/tls/certs/mycert_many_self_signed.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1294, "uid": 0, "version": "266447357", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 04:25:02 +0000 (0:00:00.518) 0:00:15.022 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 04:25:02 +0000 (0:00:00.060) 0:00:15.082 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:49 Wednesday 06 July 2022 04:25:02 +0000 (0:00:00.091) 0:00:15.174 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:55 Wednesday 06 July 2022 04:25:02 +0000 (0:00:00.079) 0:00:15.253 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "stat": { "atime": 1657081495.140274, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "f3166ac663213391a533e2089dd8d33c9972a94c", "ctime": 1657081495.185274, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 26548745, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657081495.185274, "nlink": 1, "path": "/etc/pki/tls/private/mycert_many_self_signed.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1708, "uid": 0, "version": "2007121634", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:60 Wednesday 06 July 2022 04:25:02 +0000 (0:00:00.377) 0:00:15.630 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:66 Wednesday 06 July 2022 04:25:02 +0000 (0:00:00.067) 0:00:15.698 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:78 Wednesday 06 July 2022 04:25:03 +0000 (0:00:00.076) 0:00:15.775 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert_many_self_signed.crt" ], "delta": "0:00:00.244549", "end": "2022-07-06 00:25:03.691720", "rc": 0, "start": "2022-07-06 00:25:03.447171" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "9C:5C:4C:D3:CD:08:E7:D6:FE:1E:4E:7B:00:2A:1F:8F:CC:D0:A8:8D", "critical": false }, "authorityKeyIdentifier": { "value": "EA:13:1C:D9:76:B4:03:87:EC:1C:CA:DF:E8:85:E1:98:02:AB:53:26", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "36:9F:06:28:72:15:87:87:E4:35:4C:2A:D3:C7:2A:4E:CF:5D:25:2E:A6:7A:98:DC:F3:5A:C1:38:60:94:FC:9B:2F:89:DA:41:FD:5E:58:69:B5:63:C1:66:22:2F:0B:9C:23:B4:F5:DA:14:B5:A7:D5:97:93:1C:BB:76:6A:CB:68:44:81:3E:5B:59:51:04:21:D1:38:02:90:32:BE:52:2C:11:7D:D4:77:51:C5:C8:FE:D0:19:ED:A0:7A:63:FE:18:48:76:A7:71:2B:59:37:84:B4:61:02:83:0E:3C:27:D8:22:A8:90:95:80:CD:DD:C5:34:8C:0E:21:AE:F5:60:E4:CF:9D:F4:7B:29:98:CD:4A:96:E2:56:77:B1:53:F2:DE:3B:7C:6C:E1:99:59:5F:3F:8D:BE:C9:18:6F:FF:7E:80:CB:05:47:C1:C6:5A:D7:ED:08:1B:9E:78:59:DF:18:CA:DF:0A:7E:C7:9A:FE:3C:0C:F3:FC:B8:89:34:D1:D1:1E:22:F7:EE:49:AE:4E:88:44:C2:C3:F9:27:C4:3D:63:6F:40:BA:A1:6D:4E:1D:1E:B2:BD:E8:7D:57:DC:71:46:02:11:AA:4A:AA:D1:C6:58:05:08:C2:C8:3C:9E:B2:B6:D1:B5:7F:C9:FD:00:EB:5A:AC:6B:BB:41:3C:4C:22:92:AB" }, "key_size": 2048, "validity": { "not_valid_after": "2023-07-06 04:19:07", "not_valid_before": "2022-07-06 04:24:55" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 04:25:03 +0000 (0:00:00.743) 0:00:16.518 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "EA:13:1C:D9:76:B4:03:87:EC:1C:CA:DF:E8:85:E1:98:02:AB:53:26" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "9C:5C:4C:D3:CD:08:E7:D6:FE:1E:4E:7B:00:2A:1F:8F:CC:D0:A8:8D" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "36:9F:06:28:72:15:87:87:E4:35:4C:2A:D3:C7:2A:4E:CF:5D:25:2E:A6:7A:98:DC:F3:5A:C1:38:60:94:FC:9B:2F:89:DA:41:FD:5E:58:69:B5:63:C1:66:22:2F:0B:9C:23:B4:F5:DA:14:B5:A7:D5:97:93:1C:BB:76:6A:CB:68:44:81:3E:5B:59:51:04:21:D1:38:02:90:32:BE:52:2C:11:7D:D4:77:51:C5:C8:FE:D0:19:ED:A0:7A:63:FE:18:48:76:A7:71:2B:59:37:84:B4:61:02:83:0E:3C:27:D8:22:A8:90:95:80:CD:DD:C5:34:8C:0E:21:AE:F5:60:E4:CF:9D:F4:7B:29:98:CD:4A:96:E2:56:77:B1:53:F2:DE:3B:7C:6C:E1:99:59:5F:3F:8D:BE:C9:18:6F:FF:7E:80:CB:05:47:C1:C6:5A:D7:ED:08:1B:9E:78:59:DF:18:CA:DF:0A:7E:C7:9A:FE:3C:0C:F3:FC:B8:89:34:D1:D1:1E:22:F7:EE:49:AE:4E:88:44:C2:C3:F9:27:C4:3D:63:6F:40:BA:A1:6D:4E:1D:1E:B2:BD:E8:7D:57:DC:71:46:02:11:AA:4A:AA:D1:C6:58:05:08:C2:C8:3C:9E:B2:B6:D1:B5:7F:C9:FD:00:EB:5A:AC:6B:BB:41:3C:4C:22:92:AB" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2023-07-06 04:19:07", "not_valid_before": "2022-07-06 04:24:55" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:87 Wednesday 06 July 2022 04:25:03 +0000 (0:00:00.044) 0:00:16.563 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:96 Wednesday 06 July 2022 04:25:03 +0000 (0:00:00.044) 0:00:16.607 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:105 Wednesday 06 July 2022 04:25:03 +0000 (0:00:00.030) 0:00:16.638 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:112 Wednesday 06 July 2022 04:25:03 +0000 (0:00:00.043) 0:00:16.681 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:125 Wednesday 06 July 2022 04:25:04 +0000 (0:00:00.044) 0:00:16.726 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 04:25:04 +0000 (0:00:00.046) 0:00:16.773 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_many_self_signed.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.073863", "end": "2022-07-06 00:25:04.385439", "rc": 0, "start": "2022-07-06 00:25:04.311576" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:150 Wednesday 06 July 2022 04:25:04 +0000 (0:00:00.443) 0:00:17.216 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 04:25:04 +0000 (0:00:00.045) 0:00:17.261 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 04:25:04 +0000 (0:00:00.029) 0:00:17.291 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 04:25:05 +0000 (0:00:01.359) 0:00:18.650 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 04:25:06 +0000 (0:00:01.050) 0:00:19.700 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 04:25:07 +0000 (0:00:00.890) 0:00:20.591 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "stat": { "atime": 1657081496.201274, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "18ad21a626b350aa9d85c3df56120eadec6f5198", "ctime": 1657081496.198274, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 16980479, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657081496.198274, "nlink": 1, "path": "/etc/pki/tls/certs/other-cert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1294, "uid": 0, "version": "409400414", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 04:25:08 +0000 (0:00:00.372) 0:00:20.963 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 04:25:08 +0000 (0:00:00.031) 0:00:20.995 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:49 Wednesday 06 July 2022 04:25:08 +0000 (0:00:00.048) 0:00:21.043 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:55 Wednesday 06 July 2022 04:25:08 +0000 (0:00:00.046) 0:00:21.089 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "stat": { "atime": 1657081496.151274, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "5444dedce6e6f9461ceb9d5eb2e5dc5412580235", "ctime": 1657081496.198274, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 26542137, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657081496.198274, "nlink": 1, "path": "/etc/pki/tls/private/other-cert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "1344513873", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:60 Wednesday 06 July 2022 04:25:08 +0000 (0:00:00.373) 0:00:21.463 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:66 Wednesday 06 July 2022 04:25:08 +0000 (0:00:00.033) 0:00:21.496 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:78 Wednesday 06 July 2022 04:25:08 +0000 (0:00:00.046) 0:00:21.543 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/other-cert.crt" ], "delta": "0:00:00.226616", "end": "2022-07-06 00:25:09.308717", "rc": 0, "start": "2022-07-06 00:25:09.082101" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.org" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.org" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "20:E4:6E:E9:B0:0F:EF:3A:B6:54:D5:E0:7B:03:65:DB:C1:56:13:C3", "critical": false }, "authorityKeyIdentifier": { "value": "EA:13:1C:D9:76:B4:03:87:EC:1C:CA:DF:E8:85:E1:98:02:AB:53:26", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "8F:C7:96:B9:64:65:A9:EE:69:61:05:C2:6F:C4:5E:0F:A5:DD:C9:39:AA:F5:E0:61:B5:68:0A:9C:C1:BE:18:B3:F1:9C:56:7C:C8:8F:28:0E:2D:D0:1B:53:F2:E0:FB:E9:CD:AB:25:14:8A:AD:EF:C8:38:FC:49:80:AD:B9:93:9F:03:7D:E9:68:53:5F:CA:07:53:77:D7:53:BE:B4:88:C4:2F:2E:70:38:42:09:72:DA:73:6A:A0:DD:BB:E5:9F:61:22:6C:64:F6:D5:BC:B5:A0:64:19:D2:3F:BF:4C:45:E7:67:B1:15:7D:58:5F:FB:BC:D6:43:FA:CC:E9:F6:FC:75:63:89:6C:58:4D:1F:EB:08:A6:24:35:8C:31:F6:E6:C1:67:B9:C5:E2:B2:37:1E:96:C3:B3:0C:E2:E7:25:83:5C:BF:D5:9D:8A:0E:CD:CA:66:4D:14:3A:06:E1:60:E4:BA:09:BC:A5:B7:62:03:DE:FD:AD:22:49:29:15:85:C4:4F:4D:78:04:88:D9:94:3E:9F:07:48:03:10:1E:77:B7:F7:85:63:3B:DB:2D:48:29:3C:6D:6B:6C:AC:4A:2F:EF:BC:50:F6:5D:31:74:0D:A8:DF:87:2C:0B:3D:42:53:90:15:55:7D:10:01:10:80:DB:FF:36:67:2B:DC:1C:AF:D7:A7" }, "key_size": 2048, "validity": { "not_valid_after": "2023-07-06 04:19:07", "not_valid_before": "2022-07-06 04:24:56" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 04:25:09 +0000 (0:00:00.590) 0:00:22.133 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "EA:13:1C:D9:76:B4:03:87:EC:1C:CA:DF:E8:85:E1:98:02:AB:53:26" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.org" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "20:E4:6E:E9:B0:0F:EF:3A:B6:54:D5:E0:7B:03:65:DB:C1:56:13:C3" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "8F:C7:96:B9:64:65:A9:EE:69:61:05:C2:6F:C4:5E:0F:A5:DD:C9:39:AA:F5:E0:61:B5:68:0A:9C:C1:BE:18:B3:F1:9C:56:7C:C8:8F:28:0E:2D:D0:1B:53:F2:E0:FB:E9:CD:AB:25:14:8A:AD:EF:C8:38:FC:49:80:AD:B9:93:9F:03:7D:E9:68:53:5F:CA:07:53:77:D7:53:BE:B4:88:C4:2F:2E:70:38:42:09:72:DA:73:6A:A0:DD:BB:E5:9F:61:22:6C:64:F6:D5:BC:B5:A0:64:19:D2:3F:BF:4C:45:E7:67:B1:15:7D:58:5F:FB:BC:D6:43:FA:CC:E9:F6:FC:75:63:89:6C:58:4D:1F:EB:08:A6:24:35:8C:31:F6:E6:C1:67:B9:C5:E2:B2:37:1E:96:C3:B3:0C:E2:E7:25:83:5C:BF:D5:9D:8A:0E:CD:CA:66:4D:14:3A:06:E1:60:E4:BA:09:BC:A5:B7:62:03:DE:FD:AD:22:49:29:15:85:C4:4F:4D:78:04:88:D9:94:3E:9F:07:48:03:10:1E:77:B7:F7:85:63:3B:DB:2D:48:29:3C:6D:6B:6C:AC:4A:2F:EF:BC:50:F6:5D:31:74:0D:A8:DF:87:2C:0B:3D:42:53:90:15:55:7D:10:01:10:80:DB:FF:36:67:2B:DC:1C:AF:D7:A7" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.org" } ], "validity": { "not_valid_after": "2023-07-06 04:19:07", "not_valid_before": "2022-07-06 04:24:56" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:87 Wednesday 06 July 2022 04:25:09 +0000 (0:00:00.044) 0:00:22.178 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:96 Wednesday 06 July 2022 04:25:09 +0000 (0:00:00.045) 0:00:22.224 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:105 Wednesday 06 July 2022 04:25:09 +0000 (0:00:00.033) 0:00:22.258 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:112 Wednesday 06 July 2022 04:25:09 +0000 (0:00:00.045) 0:00:22.304 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:125 Wednesday 06 July 2022 04:25:09 +0000 (0:00:00.045) 0:00:22.349 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 04:25:09 +0000 (0:00:00.045) 0:00:22.395 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/other-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.071370", "end": "2022-07-06 00:25:09.996158", "rc": 0, "start": "2022-07-06 00:25:09.924788" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:150 Wednesday 06 July 2022 04:25:10 +0000 (0:00:00.426) 0:00:22.821 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 04:25:10 +0000 (0:00:00.047) 0:00:22.869 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 04:25:10 +0000 (0:00:00.028) 0:00:22.898 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 04:25:11 +0000 (0:00:01.336) 0:00:24.234 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 04:25:12 +0000 (0:00:01.056) 0:00:25.291 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 04:25:13 +0000 (0:00:00.868) 0:00:26.159 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "stat": { "atime": 1657081497.233274, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "f060cbb194bf6b91f727bae5d13523223daf3b2e", "ctime": 1657081497.230274, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 17013568, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657081497.230274, "nlink": 1, "path": "/etc/pki/tls/certs/another-cert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1294, "uid": 0, "version": "94202685", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 04:25:13 +0000 (0:00:00.368) 0:00:26.528 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 04:25:13 +0000 (0:00:00.033) 0:00:26.561 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:49 Wednesday 06 July 2022 04:25:13 +0000 (0:00:00.054) 0:00:26.616 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:55 Wednesday 06 July 2022 04:25:13 +0000 (0:00:00.045) 0:00:26.661 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "stat": { "atime": 1657081497.185274, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "fd9891f401c6268ca7da6d4c5629225859366b0d", "ctime": 1657081497.230274, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 26548757, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657081497.230274, "nlink": 1, "path": "/etc/pki/tls/private/another-cert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "2557210617", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:60 Wednesday 06 July 2022 04:25:14 +0000 (0:00:00.396) 0:00:27.058 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:66 Wednesday 06 July 2022 04:25:14 +0000 (0:00:00.033) 0:00:27.091 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:78 Wednesday 06 July 2022 04:25:14 +0000 (0:00:00.047) 0:00:27.138 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/another-cert.crt" ], "delta": "0:00:00.244383", "end": "2022-07-06 00:25:14.928260", "rc": 0, "start": "2022-07-06 00:25:14.683877" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.net" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.net" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "00:2A:E7:FD:82:F9:E4:E9:35:4C:8F:EA:97:CB:96:81:90:83:BC:99", "critical": false }, "authorityKeyIdentifier": { "value": "EA:13:1C:D9:76:B4:03:87:EC:1C:CA:DF:E8:85:E1:98:02:AB:53:26", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "7F:3D:12:DC:3F:C7:46:96:66:BD:5D:70:C2:36:B9:55:6A:3E:02:29:6E:07:31:39:02:52:6E:9F:07:62:F8:B1:8C:49:AA:88:91:35:06:8A:A3:E9:C1:5E:D6:70:EB:DE:67:43:72:A7:DD:BB:BF:2C:9A:10:A0:DF:25:73:CE:6A:4F:E9:B4:71:E7:76:96:7A:38:1A:E2:E2:1F:7A:8A:6F:18:0E:F1:AD:41:E8:50:C0:D5:81:3C:06:70:ED:6C:62:FC:C1:D9:62:90:95:1D:30:D3:44:07:7D:7C:39:2F:1A:F7:8D:0F:42:FF:98:65:74:48:D0:55:F7:2E:FC:26:21:00:C9:39:46:31:8F:33:C8:BE:B0:64:09:8E:B3:59:A5:B8:2E:46:16:F0:D6:27:98:BD:53:9F:B6:A1:68:43:D5:E2:72:C0:AC:6B:77:2C:0D:F2:2F:15:9B:48:12:8F:E5:EA:23:4E:59:90:3B:EC:42:D2:AC:68:80:8E:C7:CC:8A:B7:16:13:C5:ED:9D:A2:69:E9:28:8D:65:00:0E:0A:83:F6:6D:11:28:5A:4A:16:E1:5F:B0:68:FD:3A:CE:62:AD:96:67:A9:9C:F1:ED:1A:BC:CA:D5:72:CB:33:1A:35:03:7B:E5:B6:8D:7A:CA:AF:15:50:F6:62:26:E2:F2:99:2E" }, "key_size": 2048, "validity": { "not_valid_after": "2023-07-06 04:19:07", "not_valid_before": "2022-07-06 04:24:57" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 04:25:15 +0000 (0:00:00.619) 0:00:27.758 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "EA:13:1C:D9:76:B4:03:87:EC:1C:CA:DF:E8:85:E1:98:02:AB:53:26" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.net" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "00:2A:E7:FD:82:F9:E4:E9:35:4C:8F:EA:97:CB:96:81:90:83:BC:99" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "7F:3D:12:DC:3F:C7:46:96:66:BD:5D:70:C2:36:B9:55:6A:3E:02:29:6E:07:31:39:02:52:6E:9F:07:62:F8:B1:8C:49:AA:88:91:35:06:8A:A3:E9:C1:5E:D6:70:EB:DE:67:43:72:A7:DD:BB:BF:2C:9A:10:A0:DF:25:73:CE:6A:4F:E9:B4:71:E7:76:96:7A:38:1A:E2:E2:1F:7A:8A:6F:18:0E:F1:AD:41:E8:50:C0:D5:81:3C:06:70:ED:6C:62:FC:C1:D9:62:90:95:1D:30:D3:44:07:7D:7C:39:2F:1A:F7:8D:0F:42:FF:98:65:74:48:D0:55:F7:2E:FC:26:21:00:C9:39:46:31:8F:33:C8:BE:B0:64:09:8E:B3:59:A5:B8:2E:46:16:F0:D6:27:98:BD:53:9F:B6:A1:68:43:D5:E2:72:C0:AC:6B:77:2C:0D:F2:2F:15:9B:48:12:8F:E5:EA:23:4E:59:90:3B:EC:42:D2:AC:68:80:8E:C7:CC:8A:B7:16:13:C5:ED:9D:A2:69:E9:28:8D:65:00:0E:0A:83:F6:6D:11:28:5A:4A:16:E1:5F:B0:68:FD:3A:CE:62:AD:96:67:A9:9C:F1:ED:1A:BC:CA:D5:72:CB:33:1A:35:03:7B:E5:B6:8D:7A:CA:AF:15:50:F6:62:26:E2:F2:99:2E" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.net" } ], "validity": { "not_valid_after": "2023-07-06 04:19:07", "not_valid_before": "2022-07-06 04:24:57" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:87 Wednesday 06 July 2022 04:25:15 +0000 (0:00:00.072) 0:00:27.830 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:96 Wednesday 06 July 2022 04:25:15 +0000 (0:00:00.074) 0:00:27.905 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:105 Wednesday 06 July 2022 04:25:15 +0000 (0:00:00.063) 0:00:27.969 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:112 Wednesday 06 July 2022 04:25:15 +0000 (0:00:00.046) 0:00:28.016 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:125 Wednesday 06 July 2022 04:25:15 +0000 (0:00:00.045) 0:00:28.061 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 04:25:15 +0000 (0:00:00.070) 0:00:28.132 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/another-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.077740", "end": "2022-07-06 00:25:15.780415", "rc": 0, "start": "2022-07-06 00:25:15.702675" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:150 Wednesday 06 July 2022 04:25:15 +0000 (0:00:00.476) 0:00:28.608 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-8-y.qcow2.snap : ok=73 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Wednesday 06 July 2022 04:25:15 +0000 (0:00:00.057) 0:00:28.666 ******** =============================================================================== linux-system-roles.certificate : Ensure certificate requests ------------ 3.97s /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/main.yml:100 linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 1.47s /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/main.yml:5 -- Ensure python3 is installed --------------------------------------------- 1.41s /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:6 -------------- Ensure python3 is installed --------------------------------------------- 1.36s /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:6 -------------- Ensure python3 is installed --------------------------------------------- 1.34s /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:6 -------------- linux-system-roles.certificate : Ensure provider packages are installed --- 1.32s /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/main.yml:22 - Install the package, force upgrade -------------------------------------- 1.14s /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:11 ------------- Gathering Facts --------------------------------------------------------- 1.14s /tmp/tmpjupnnp9c/tests/tests_many_self_signed.yml:2 --------------------------- Install the package, force upgrade -------------------------------------- 1.06s /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:11 ------------- Install the package, force upgrade -------------------------------------- 1.05s /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:11 ------------- Install certreader ------------------------------------------------------ 0.89s /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:18 ------------- Install certreader ------------------------------------------------------ 0.87s /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:18 ------------- Install certreader ------------------------------------------------------ 0.86s /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:18 ------------- Gathering Facts --------------------------------------------------------- 0.80s /tmp/tmpjupnnp9c/tests/tests_many_self_signed.yml:18 -------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.79s /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/main.yml:88 - Parse certificate ------------------------------------------------------- 0.74s /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:78 ------------- Parse certificate ------------------------------------------------------- 0.62s /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:78 ------------- Parse certificate ------------------------------------------------------- 0.59s /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:78 ------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.53s /tmp/tmpjupnnp9c/tests/roles/linux-system-roles.certificate/tasks/main.yml:33 - Retrieve certificate file stats ----------------------------------------- 0.52s /tmp/tmpjupnnp9c/tests/tasks/assert_certificate_parameters.yml:26 ------------- ansible-playbook [core 2.12.6] config file = /etc/ansible/ansible.cfg configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.9/site-packages/ansible ansible collection location = /tmp/tmpsp7qopjw executable location = /usr/bin/ansible-playbook python version = 3.9.13 (main, May 18 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)] jinja version = 2.11.3 libyaml = True Using /etc/ansible/ansible.cfg as config file Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: tests_many_self_signed.yml ******************************************* 2 plays in /tmp/tmpj_xtuxdz/tests/certificate/tests_many_self_signed.yml PLAY [Issue many self-signed certificates] ************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tests_many_self_signed.yml:2 Wednesday 06 July 2022 04:36:33 +0000 (0:00:00.014) 0:00:00.014 ******** ok: [/cache/rhel-8-y.qcow2.snap] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Wednesday 06 July 2022 04:36:34 +0000 (0:00:01.139) 0:00:01.154 ******** included: /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml for /cache/rhel-8-y.qcow2.snap TASK [fedora.linux_system_roles.certificate : Ensure ansible_facts used by role] *** task path: /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:2 Wednesday 06 July 2022 04:36:34 +0000 (0:00:00.027) 0:00:01.181 ******** ok: [/cache/rhel-8-y.qcow2.snap] TASK [fedora.linux_system_roles.certificate : Set platform/version specific variables] *** task path: /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:7 Wednesday 06 July 2022 04:36:35 +0000 (0:00:00.545) 0:00:01.727 ******** skipping: [/cache/rhel-8-y.qcow2.snap] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/rhel-8-y.qcow2.snap] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/rhel-8-y.qcow2.snap] => (item=RedHat_8.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat_8.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/rhel-8-y.qcow2.snap] => (item=RedHat_8.7.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat_8.7.yml", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5 Wednesday 06 July 2022 04:36:35 +0000 (0:00:00.040) 0:00:01.767 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:22 Wednesday 06 July 2022 04:36:37 +0000 (0:00:01.505) 0:00:03.273 ******** ok: [/cache/rhel-8-y.qcow2.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:33 Wednesday 06 July 2022 04:36:38 +0000 (0:00:01.427) 0:00:04.701 ******** ok: [/cache/rhel-8-y.qcow2.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:59 Wednesday 06 July 2022 04:36:38 +0000 (0:00:00.527) 0:00:05.229 ******** ok: [/cache/rhel-8-y.qcow2.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:88 Wednesday 06 July 2022 04:36:39 +0000 (0:00:00.401) 0:00:05.631 ******** ok: [/cache/rhel-8-y.qcow2.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestamp": "Wed 2022-07-06 00:30:53 EDT", "ActiveEnterTimestampMonotonic": "208549725", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "syslog.target dbus.socket systemd-journald.socket basic.target network.target dbus.service sysinit.target system.slice", "AllowIsolate": "no", "AllowedCPUs": "", "AllowedMemoryNodes": "", "AmbientCapabilities": "", "AssertResult": "yes", "AssertTimestamp": "Wed 2022-07-06 00:30:53 EDT", "AssertTimestampMonotonic": "208539032", "Before": "shutdown.target multi-user.target", "BlockIOAccounting": "no", "BlockIOWeight": "[not set]", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUAffinity": "", "CPUAffinityFromNUMA": "no", "CPUQuotaPerSecUSec": "infinity", "CPUQuotaPeriodUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "[not set]", "CPUUsageNSec": "[not set]", "CPUWeight": "[not set]", "CacheDirectoryMode": "0755", "CanFreeze": "yes", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Wed 2022-07-06 00:30:53 EDT", "ConditionTimestampMonotonic": "208539032", "ConfigurationDirectoryMode": "0755", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "DefaultMemoryLow": "0", "DefaultMemoryMin": "0", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "DynamicUser": "no", "EffectiveCPUs": "", "EffectiveMemoryNodes": "", "EnvironmentFiles": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "20339", "ExecMainStartTimestamp": "Wed 2022-07-06 00:30:53 EDT", "ExecMainStartTimestampMonotonic": "208540188", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "FreezerState": "running", "GID": "[not set]", "GuessMainPID": "yes", "IOAccounting": "no", "IOSchedulingClass": "0", "IOSchedulingPriority": "0", "IOWeight": "[not set]", "IPAccounting": "no", "IPEgressBytes": "18446744073709551615", "IPEgressPackets": "18446744073709551615", "IPIngressBytes": "18446744073709551615", "IPIngressPackets": "18446744073709551615", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Wed 2022-07-06 00:30:53 EDT", "InactiveExitTimestampMonotonic": "208540321", "InvocationID": "10da18c4a5da4869bbf5df93894e3192", "JobRunningTimeoutUSec": "infinity", "JobTimeoutAction": "none", "JobTimeoutUSec": "infinity", "KeyringMode": "private", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "infinity", "LimitASSoft": "infinity", "LimitCORE": "infinity", "LimitCORESoft": "0", "LimitCPU": "infinity", "LimitCPUSoft": "infinity", "LimitDATA": "infinity", "LimitDATASoft": "infinity", "LimitFSIZE": "infinity", "LimitFSIZESoft": "infinity", "LimitLOCKS": "infinity", "LimitLOCKSSoft": "infinity", "LimitMEMLOCK": "65536", "LimitMEMLOCKSoft": "65536", "LimitMSGQUEUE": "819200", "LimitMSGQUEUESoft": "819200", "LimitNICE": "0", "LimitNICESoft": "0", "LimitNOFILE": "262144", "LimitNOFILESoft": "1024", "LimitNPROC": "14640", "LimitNPROCSoft": "14640", "LimitRSS": "infinity", "LimitRSSSoft": "infinity", "LimitRTPRIO": "0", "LimitRTPRIOSoft": "0", "LimitRTTIME": "infinity", "LimitRTTIMESoft": "infinity", "LimitSIGPENDING": "14640", "LimitSIGPENDINGSoft": "14640", "LimitSTACK": "infinity", "LimitSTACKSoft": "8388608", "LoadState": "loaded", "LockPersonality": "no", "LogLevelMax": "-1", "LogRateLimitBurst": "0", "LogRateLimitIntervalUSec": "0", "LogsDirectoryMode": "0755", "MainPID": "20339", "MemoryAccounting": "yes", "MemoryCurrent": "3985408", "MemoryDenyWriteExecute": "no", "MemoryHigh": "infinity", "MemoryLimit": "infinity", "MemoryLow": "0", "MemoryMax": "infinity", "MemoryMin": "0", "MemorySwapMax": "infinity", "MountAPIVFS": "no", "MountFlags": "", "NFileDescriptorStore": "0", "NRestarts": "0", "NUMAMask": "", "NUMAPolicy": "n/a", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/run/certmonger.pid", "PartOf": "dbus.service", "PermissionsStartOnly": "no", "Perpetual": "no", "PrivateDevices": "no", "PrivateMounts": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "PrivateUsers": "no", "ProtectControlGroups": "no", "ProtectHome": "no", "ProtectKernelModules": "no", "ProtectKernelTunables": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "RemoveIPC": "no", "Requires": "sysinit.target dbus.socket system.slice", "Restart": "no", "RestartUSec": "100ms", "RestrictNamespaces": "no", "RestrictRealtime": "no", "RestrictSUIDSGID": "no", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "RuntimeDirectoryPreserve": "no", "RuntimeMaxUSec": "infinity", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardInputData": "", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitIntervalUSec": "10s", "StartupBlockIOWeight": "[not set]", "StartupCPUShares": "[not set]", "StartupCPUWeight": "[not set]", "StartupIOWeight": "[not set]", "StateChangeTimestamp": "Wed 2022-07-06 00:30:53 EDT", "StateChangeTimestampMonotonic": "208549725", "StateDirectoryMode": "0755", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SuccessAction": "none", "SyslogFacility": "3", "SyslogLevel": "6", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "yes", "TasksCurrent": "1", "TasksMax": "23424", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UID": "[not set]", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "UtmpMode": "init", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Wed 2022-07-06 00:30:53 EDT", "WatchdogTimestampMonotonic": "208549724", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:99 Wednesday 06 July 2022 04:36:40 +0000 (0:00:00.799) 0:00:06.430 ******** changed: [/cache/rhel-8-y.qcow2.snap] => (item={'name': 'mycert_many_self_signed', 'dns': 'www.example.com', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert_many_self_signed" } } MSG: Certificate requested (new). changed: [/cache/rhel-8-y.qcow2.snap] => (item={'name': 'other-cert', 'dns': 'www.example.org', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.org", "name": "other-cert" } } MSG: Certificate requested (new). changed: [/cache/rhel-8-y.qcow2.snap] => (item={'name': 'another-cert', 'dns': 'www.example.net', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.net", "name": "another-cert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-8-y.qcow2.snap META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tests_many_self_signed.yml:18 Wednesday 06 July 2022 04:36:43 +0000 (0:00:02.927) 0:00:09.358 ******** ok: [/cache/rhel-8-y.qcow2.snap] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tests_many_self_signed.yml:50 Wednesday 06 July 2022 04:36:43 +0000 (0:00:00.840) 0:00:10.198 ******** included: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-8-y.qcow2.snap => (item={'path': '/etc/pki/tls/certs/mycert_many_self_signed.crt', 'key_path': '/etc/pki/tls/private/mycert_many_self_signed.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) included: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-8-y.qcow2.snap => (item={'path': '/etc/pki/tls/certs/other-cert.crt', 'key_path': '/etc/pki/tls/private/other-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.org'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.org'}]}) included: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-8-y.qcow2.snap => (item={'path': '/etc/pki/tls/certs/another-cert.crt', 'key_path': '/etc/pki/tls/private/another-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.net'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.net'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 04:36:44 +0000 (0:00:00.058) 0:00:10.256 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 04:36:44 +0000 (0:00:00.027) 0:00:10.284 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 04:36:45 +0000 (0:00:01.323) 0:00:11.608 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 04:36:46 +0000 (0:00:01.182) 0:00:12.790 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 04:36:47 +0000 (0:00:00.898) 0:00:13.689 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "stat": { "atime": 1657082200.2797496, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "9ee098a1d1e129acbd80237ab2e875b32e78f195", "ctime": 1657082200.2767496, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 16980534, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657082200.2767496, "nlink": 1, "path": "/etc/pki/tls/certs/mycert_many_self_signed.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1294, "uid": 0, "version": "1260712518", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 04:36:47 +0000 (0:00:00.498) 0:00:14.187 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 04:36:47 +0000 (0:00:00.063) 0:00:14.251 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:47 Wednesday 06 July 2022 04:36:48 +0000 (0:00:00.083) 0:00:14.335 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:53 Wednesday 06 July 2022 04:36:48 +0000 (0:00:00.075) 0:00:14.411 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "stat": { "atime": 1657082200.2287495, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "451d34723fdffe5813fac5b3fbc0cc2571de7915", "ctime": 1657082200.2767496, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 26493082, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657082200.2767496, "nlink": 1, "path": "/etc/pki/tls/private/mycert_many_self_signed.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "844997600", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:58 Wednesday 06 July 2022 04:36:48 +0000 (0:00:00.408) 0:00:14.819 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:64 Wednesday 06 July 2022 04:36:48 +0000 (0:00:00.105) 0:00:14.924 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:74 Wednesday 06 July 2022 04:36:48 +0000 (0:00:00.048) 0:00:14.973 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert_many_self_signed.crt" ], "delta": "0:00:00.229265", "end": "2022-07-06 00:36:48.627463", "rc": 0, "start": "2022-07-06 00:36:48.398198" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "97:AE:FD:76:4C:E0:DD:38:92:0C:BE:6F:82:F8:D1:30:83:8A:27:E2", "critical": false }, "authorityKeyIdentifier": { "value": "8A:94:1E:CC:14:86:F2:5F:BE:A3:0B:04:B8:91:8D:D3:C3:5A:D9:2C", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "97:BA:7B:97:99:78:40:69:95:3F:D6:67:4D:CC:35:63:D7:6D:57:4C:44:7B:D8:D2:1B:3C:36:AF:94:29:F6:7F:64:57:C3:51:82:E5:41:F2:8C:1A:96:89:52:4B:58:B4:9C:B8:48:A1:13:B0:86:7F:12:54:81:FC:57:4D:65:58:44:AF:D6:A8:F4:7F:8E:8B:54:53:EB:E3:AE:0C:60:1D:31:4D:53:F5:E6:10:12:F6:C1:E0:84:7A:F9:5A:6A:52:2B:54:1F:21:0A:4F:25:B8:5F:B8:16:5B:97:14:EB:B5:E6:D7:60:8B:F8:39:60:5A:72:2F:86:5A:44:12:12:30:D4:D5:AB:D8:F6:F7:22:F6:F8:A8:00:06:F6:34:06:89:F0:CB:97:F8:ED:A9:EA:54:93:90:D2:D1:B8:7D:A8:C4:84:02:70:9A:E7:44:DB:22:0C:A1:EF:3C:64:27:06:FA:F6:62:FF:4B:F2:CA:76:F8:F6:CE:38:D1:40:73:9B:28:B4:3A:0D:C1:F4:AC:6E:9E:24:6B:B4:13:7D:F8:94:3F:C6:83:2E:1D:64:3D:FE:A5:18:A0:93:36:1B:29:F6:7D:DC:EA:34:9F:BD:5B:07:DD:80:F7:E3:F5:9B:94:DD:8B:4E:76:AD:2A:93:7E:EE:24:DC:EB:90:0C:7F:A1:81:D3" }, "key_size": 2048, "validity": { "not_valid_after": "2023-07-06 04:30:53", "not_valid_before": "2022-07-06 04:36:40" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:79 Wednesday 06 July 2022 04:36:49 +0000 (0:00:00.686) 0:00:15.659 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "8A:94:1E:CC:14:86:F2:5F:BE:A3:0B:04:B8:91:8D:D3:C3:5A:D9:2C" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "97:AE:FD:76:4C:E0:DD:38:92:0C:BE:6F:82:F8:D1:30:83:8A:27:E2" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "97:BA:7B:97:99:78:40:69:95:3F:D6:67:4D:CC:35:63:D7:6D:57:4C:44:7B:D8:D2:1B:3C:36:AF:94:29:F6:7F:64:57:C3:51:82:E5:41:F2:8C:1A:96:89:52:4B:58:B4:9C:B8:48:A1:13:B0:86:7F:12:54:81:FC:57:4D:65:58:44:AF:D6:A8:F4:7F:8E:8B:54:53:EB:E3:AE:0C:60:1D:31:4D:53:F5:E6:10:12:F6:C1:E0:84:7A:F9:5A:6A:52:2B:54:1F:21:0A:4F:25:B8:5F:B8:16:5B:97:14:EB:B5:E6:D7:60:8B:F8:39:60:5A:72:2F:86:5A:44:12:12:30:D4:D5:AB:D8:F6:F7:22:F6:F8:A8:00:06:F6:34:06:89:F0:CB:97:F8:ED:A9:EA:54:93:90:D2:D1:B8:7D:A8:C4:84:02:70:9A:E7:44:DB:22:0C:A1:EF:3C:64:27:06:FA:F6:62:FF:4B:F2:CA:76:F8:F6:CE:38:D1:40:73:9B:28:B4:3A:0D:C1:F4:AC:6E:9E:24:6B:B4:13:7D:F8:94:3F:C6:83:2E:1D:64:3D:FE:A5:18:A0:93:36:1B:29:F6:7D:DC:EA:34:9F:BD:5B:07:DD:80:F7:E3:F5:9B:94:DD:8B:4E:76:AD:2A:93:7E:EE:24:DC:EB:90:0C:7F:A1:81:D3" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2023-07-06 04:30:53", "not_valid_before": "2022-07-06 04:36:40" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 04:36:49 +0000 (0:00:00.043) 0:00:15.702 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:91 Wednesday 06 July 2022 04:36:49 +0000 (0:00:00.045) 0:00:15.747 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:99 Wednesday 06 July 2022 04:36:49 +0000 (0:00:00.033) 0:00:15.781 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:106 Wednesday 06 July 2022 04:36:49 +0000 (0:00:00.046) 0:00:15.828 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:118 Wednesday 06 July 2022 04:36:49 +0000 (0:00:00.046) 0:00:15.874 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:132 Wednesday 06 July 2022 04:36:49 +0000 (0:00:00.046) 0:00:15.921 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_many_self_signed.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.070629", "end": "2022-07-06 00:36:49.326506", "rc": 0, "start": "2022-07-06 00:36:49.255877" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 04:36:50 +0000 (0:00:00.435) 0:00:16.357 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 04:36:50 +0000 (0:00:00.046) 0:00:16.403 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 04:36:50 +0000 (0:00:00.029) 0:00:16.433 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 04:36:51 +0000 (0:00:01.321) 0:00:17.754 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 04:36:52 +0000 (0:00:01.037) 0:00:18.792 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 04:36:53 +0000 (0:00:00.893) 0:00:19.686 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "stat": { "atime": 1657082201.2367494, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "810e68728c9af61ff6e512a32ebc2589b752afeb", "ctime": 1657082201.2327495, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 16980535, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657082201.2327495, "nlink": 1, "path": "/etc/pki/tls/certs/other-cert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1294, "uid": 0, "version": "3264202226", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 04:36:53 +0000 (0:00:00.394) 0:00:20.081 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 04:36:53 +0000 (0:00:00.033) 0:00:20.114 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:47 Wednesday 06 July 2022 04:36:53 +0000 (0:00:00.046) 0:00:20.161 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:53 Wednesday 06 July 2022 04:36:53 +0000 (0:00:00.045) 0:00:20.207 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "stat": { "atime": 1657082201.1757495, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "222a3d4d1b03ae4eec89fc829b2cee9732fd9dd8", "ctime": 1657082201.2327495, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 26493069, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657082201.2327495, "nlink": 1, "path": "/etc/pki/tls/private/other-cert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "3905132536", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:58 Wednesday 06 July 2022 04:36:54 +0000 (0:00:00.364) 0:00:20.571 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:64 Wednesday 06 July 2022 04:36:54 +0000 (0:00:00.031) 0:00:20.603 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:74 Wednesday 06 July 2022 04:36:54 +0000 (0:00:00.050) 0:00:20.654 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/other-cert.crt" ], "delta": "0:00:00.232203", "end": "2022-07-06 00:36:54.211767", "rc": 0, "start": "2022-07-06 00:36:53.979564" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.org" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.org" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "0B:D0:B3:82:85:52:30:6C:ED:57:31:BE:DF:FC:E5:0B:37:31:DE:3C", "critical": false }, "authorityKeyIdentifier": { "value": "8A:94:1E:CC:14:86:F2:5F:BE:A3:0B:04:B8:91:8D:D3:C3:5A:D9:2C", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "49:10:A1:36:4F:CE:C0:AD:1D:BB:13:35:75:0E:7F:42:30:19:F7:32:67:18:EA:79:D8:FD:CB:56:24:B3:89:56:8D:64:44:14:67:F4:26:BE:61:3A:C2:6A:28:6F:46:E3:E5:40:44:D1:4D:30:B6:0B:EB:E0:A6:D9:0B:D9:77:E7:97:5B:82:E6:90:FF:4E:51:A0:4B:D9:E8:4C:44:5F:1E:35:DA:73:47:F6:24:CF:89:37:DA:21:62:55:4D:31:E5:47:1A:95:89:62:DF:30:67:A3:65:75:6A:34:79:80:7B:B4:44:B3:F6:0C:CC:51:CE:D3:EE:AF:1F:7B:88:62:7C:29:30:C0:0D:35:AE:66:45:AD:D4:A4:A4:A5:07:87:74:C2:4A:D3:7B:3B:C1:53:89:8E:FF:5C:DA:C6:B3:05:06:C6:B7:7C:66:6E:5A:2C:27:91:07:44:BA:5C:D0:74:7B:98:BD:22:97:4D:21:23:D8:60:EE:12:9C:AC:12:4A:05:2E:4F:08:42:58:1E:BF:24:01:52:BB:B9:E3:28:9B:73:C9:72:34:39:3A:17:6B:83:3E:53:53:C2:B4:93:4B:E4:BE:6F:F1:1E:55:24:B9:C0:70:11:EA:67:16:65:04:E9:56:2F:E1:CA:6B:D1:86:90:F1:3C:CD:96:11:0C:E6:10" }, "key_size": 2048, "validity": { "not_valid_after": "2023-07-06 04:30:53", "not_valid_before": "2022-07-06 04:36:41" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:79 Wednesday 06 July 2022 04:36:54 +0000 (0:00:00.589) 0:00:21.243 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "8A:94:1E:CC:14:86:F2:5F:BE:A3:0B:04:B8:91:8D:D3:C3:5A:D9:2C" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.org" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "0B:D0:B3:82:85:52:30:6C:ED:57:31:BE:DF:FC:E5:0B:37:31:DE:3C" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "49:10:A1:36:4F:CE:C0:AD:1D:BB:13:35:75:0E:7F:42:30:19:F7:32:67:18:EA:79:D8:FD:CB:56:24:B3:89:56:8D:64:44:14:67:F4:26:BE:61:3A:C2:6A:28:6F:46:E3:E5:40:44:D1:4D:30:B6:0B:EB:E0:A6:D9:0B:D9:77:E7:97:5B:82:E6:90:FF:4E:51:A0:4B:D9:E8:4C:44:5F:1E:35:DA:73:47:F6:24:CF:89:37:DA:21:62:55:4D:31:E5:47:1A:95:89:62:DF:30:67:A3:65:75:6A:34:79:80:7B:B4:44:B3:F6:0C:CC:51:CE:D3:EE:AF:1F:7B:88:62:7C:29:30:C0:0D:35:AE:66:45:AD:D4:A4:A4:A5:07:87:74:C2:4A:D3:7B:3B:C1:53:89:8E:FF:5C:DA:C6:B3:05:06:C6:B7:7C:66:6E:5A:2C:27:91:07:44:BA:5C:D0:74:7B:98:BD:22:97:4D:21:23:D8:60:EE:12:9C:AC:12:4A:05:2E:4F:08:42:58:1E:BF:24:01:52:BB:B9:E3:28:9B:73:C9:72:34:39:3A:17:6B:83:3E:53:53:C2:B4:93:4B:E4:BE:6F:F1:1E:55:24:B9:C0:70:11:EA:67:16:65:04:E9:56:2F:E1:CA:6B:D1:86:90:F1:3C:CD:96:11:0C:E6:10" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.org" } ], "validity": { "not_valid_after": "2023-07-06 04:30:53", "not_valid_before": "2022-07-06 04:36:41" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 04:36:55 +0000 (0:00:00.045) 0:00:21.288 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:91 Wednesday 06 July 2022 04:36:55 +0000 (0:00:00.045) 0:00:21.334 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:99 Wednesday 06 July 2022 04:36:55 +0000 (0:00:00.034) 0:00:21.368 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:106 Wednesday 06 July 2022 04:36:55 +0000 (0:00:00.047) 0:00:21.416 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:118 Wednesday 06 July 2022 04:36:55 +0000 (0:00:00.046) 0:00:21.462 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:132 Wednesday 06 July 2022 04:36:55 +0000 (0:00:00.045) 0:00:21.508 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/other-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.070327", "end": "2022-07-06 00:36:54.908103", "rc": 0, "start": "2022-07-06 00:36:54.837776" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 04:36:55 +0000 (0:00:00.428) 0:00:21.937 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 04:36:55 +0000 (0:00:00.046) 0:00:21.983 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 04:36:55 +0000 (0:00:00.028) 0:00:22.012 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 04:36:57 +0000 (0:00:01.309) 0:00:23.321 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 04:36:58 +0000 (0:00:00.986) 0:00:24.308 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 04:36:58 +0000 (0:00:00.861) 0:00:25.169 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "stat": { "atime": 1657082202.1277494, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d63b8d5f411696effe9a74e95c707a24cfac0dd8", "ctime": 1657082202.1247494, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 16980536, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657082202.1247494, "nlink": 1, "path": "/etc/pki/tls/certs/another-cert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1294, "uid": 0, "version": "4091685936", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 04:36:59 +0000 (0:00:00.387) 0:00:25.557 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 04:36:59 +0000 (0:00:00.032) 0:00:25.590 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:47 Wednesday 06 July 2022 04:36:59 +0000 (0:00:00.048) 0:00:25.639 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:53 Wednesday 06 July 2022 04:36:59 +0000 (0:00:00.045) 0:00:25.684 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "stat": { "atime": 1657082202.0787494, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "120dcb5ff5336681d191b9bd8304dacba0097547", "ctime": 1657082202.1247494, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 26493083, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657082202.1247494, "nlink": 1, "path": "/etc/pki/tls/private/another-cert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1708, "uid": 0, "version": "4060110573", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:58 Wednesday 06 July 2022 04:36:59 +0000 (0:00:00.355) 0:00:26.040 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:64 Wednesday 06 July 2022 04:36:59 +0000 (0:00:00.063) 0:00:26.103 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:74 Wednesday 06 July 2022 04:36:59 +0000 (0:00:00.047) 0:00:26.151 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/another-cert.crt" ], "delta": "0:00:00.231512", "end": "2022-07-06 00:36:59.725099", "rc": 0, "start": "2022-07-06 00:36:59.493587" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.net" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.net" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "33:E1:35:99:6E:6A:61:56:CD:50:88:1E:35:C6:5C:D2:15:2C:6A:A4", "critical": false }, "authorityKeyIdentifier": { "value": "8A:94:1E:CC:14:86:F2:5F:BE:A3:0B:04:B8:91:8D:D3:C3:5A:D9:2C", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "76:FE:EE:24:10:A9:6A:4B:BA:B3:EB:58:E3:77:86:FD:0C:D6:B6:22:9D:F7:15:A0:DB:BE:97:04:BD:A9:08:26:84:93:3D:E8:13:8E:29:4E:16:DA:40:53:E9:3C:3F:DF:DC:C8:3C:A5:8D:A2:33:73:44:C2:3C:79:AE:04:B8:B8:86:43:A1:A2:12:64:FB:45:2D:A5:6C:9A:D6:5F:B9:E3:D4:12:DB:E8:B9:97:7D:BC:39:2F:4F:81:21:62:BA:00:C0:A2:1B:0E:43:5F:53:53:E0:A4:F9:A4:0C:01:FE:D9:85:7B:F7:CF:A0:E3:90:B7:08:2B:80:A2:86:03:E5:08:B9:2F:A6:0A:34:AD:78:BC:57:9B:63:FE:66:06:08:72:DC:C6:7A:87:90:84:58:3A:12:58:BD:72:C7:7F:71:AB:B2:77:FB:57:28:44:DF:FF:9B:A1:1B:30:94:D6:59:F5:94:57:79:5B:76:AA:AE:0C:57:C9:74:E2:7D:F0:F7:F4:38:63:B6:DE:BA:4A:31:2A:6B:2A:DF:F5:3E:DA:61:BB:31:63:12:7E:EE:91:D1:61:CE:D0:6A:02:4E:44:F7:0D:66:F8:05:CF:D6:F3:1D:74:D0:07:23:F6:65:80:44:43:8E:88:99:C7:64:4D:33:62:20:64:28:BE:FE:72:07:65" }, "key_size": 2048, "validity": { "not_valid_after": "2023-07-06 04:30:53", "not_valid_before": "2022-07-06 04:36:42" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:79 Wednesday 06 July 2022 04:37:00 +0000 (0:00:00.606) 0:00:26.757 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "8A:94:1E:CC:14:86:F2:5F:BE:A3:0B:04:B8:91:8D:D3:C3:5A:D9:2C" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.net" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "33:E1:35:99:6E:6A:61:56:CD:50:88:1E:35:C6:5C:D2:15:2C:6A:A4" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "76:FE:EE:24:10:A9:6A:4B:BA:B3:EB:58:E3:77:86:FD:0C:D6:B6:22:9D:F7:15:A0:DB:BE:97:04:BD:A9:08:26:84:93:3D:E8:13:8E:29:4E:16:DA:40:53:E9:3C:3F:DF:DC:C8:3C:A5:8D:A2:33:73:44:C2:3C:79:AE:04:B8:B8:86:43:A1:A2:12:64:FB:45:2D:A5:6C:9A:D6:5F:B9:E3:D4:12:DB:E8:B9:97:7D:BC:39:2F:4F:81:21:62:BA:00:C0:A2:1B:0E:43:5F:53:53:E0:A4:F9:A4:0C:01:FE:D9:85:7B:F7:CF:A0:E3:90:B7:08:2B:80:A2:86:03:E5:08:B9:2F:A6:0A:34:AD:78:BC:57:9B:63:FE:66:06:08:72:DC:C6:7A:87:90:84:58:3A:12:58:BD:72:C7:7F:71:AB:B2:77:FB:57:28:44:DF:FF:9B:A1:1B:30:94:D6:59:F5:94:57:79:5B:76:AA:AE:0C:57:C9:74:E2:7D:F0:F7:F4:38:63:B6:DE:BA:4A:31:2A:6B:2A:DF:F5:3E:DA:61:BB:31:63:12:7E:EE:91:D1:61:CE:D0:6A:02:4E:44:F7:0D:66:F8:05:CF:D6:F3:1D:74:D0:07:23:F6:65:80:44:43:8E:88:99:C7:64:4D:33:62:20:64:28:BE:FE:72:07:65" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.net" } ], "validity": { "not_valid_after": "2023-07-06 04:30:53", "not_valid_before": "2022-07-06 04:36:42" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 04:37:00 +0000 (0:00:00.044) 0:00:26.801 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:91 Wednesday 06 July 2022 04:37:00 +0000 (0:00:00.045) 0:00:26.847 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:99 Wednesday 06 July 2022 04:37:00 +0000 (0:00:00.034) 0:00:26.881 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:106 Wednesday 06 July 2022 04:37:00 +0000 (0:00:00.075) 0:00:26.957 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:118 Wednesday 06 July 2022 04:37:00 +0000 (0:00:00.070) 0:00:27.027 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:132 Wednesday 06 July 2022 04:37:00 +0000 (0:00:00.048) 0:00:27.076 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/another-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.074010", "end": "2022-07-06 00:37:00.490935", "rc": 0, "start": "2022-07-06 00:37:00.416925" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 04:37:01 +0000 (0:00:00.449) 0:00:27.526 ******** ok: [/cache/rhel-8-y.qcow2.snap] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-8-y.qcow2.snap : ok=73 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Wednesday 06 July 2022 04:37:01 +0000 (0:00:00.079) 0:00:27.605 ******** =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate requests ----- 2.93s /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:99 fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 1.51s /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5 fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 1.43s /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:22 Ensure python3 is installed --------------------------------------------- 1.32s /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Ensure python3 is installed --------------------------------------------- 1.32s /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Ensure python3 is installed --------------------------------------------- 1.31s /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Install the package, force upgrade -------------------------------------- 1.18s /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Gathering Facts --------------------------------------------------------- 1.14s /tmp/tmpj_xtuxdz/tests/certificate/tests_many_self_signed.yml:2 --------------- Install the package, force upgrade -------------------------------------- 1.04s /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Install the package, force upgrade -------------------------------------- 0.99s /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Install certreader ------------------------------------------------------ 0.90s /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:18 - Install certreader ------------------------------------------------------ 0.89s /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:18 - Install certreader ------------------------------------------------------ 0.86s /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:18 - Gathering Facts --------------------------------------------------------- 0.84s /tmp/tmpj_xtuxdz/tests/certificate/tests_many_self_signed.yml:18 -------------- fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.80s /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:88 Parse certificate ------------------------------------------------------- 0.69s /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:74 - Parse certificate ------------------------------------------------------- 0.61s /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:74 - Parse certificate ------------------------------------------------------- 0.59s /tmp/tmpj_xtuxdz/tests/certificate/tasks/assert_certificate_parameters.yml:74 - fedora.linux_system_roles.certificate : Ensure ansible_facts used by role --- 0.55s /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:2 fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.53s /tmp/tmpsp7qopjw/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:33