-
Notifications
You must be signed in to change notification settings - Fork 0
/
create_CERTAUTH_cert_tsocmd.yml
53 lines (48 loc) · 1.85 KB
/
create_CERTAUTH_cert_tsocmd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
###############################################################################
# © Copyright IBM Corporation 2020, 2021
###############################################################################
- hosts: all
collections:
- ibm.ibm_zos_core
gather_facts: false
environment: "{{ environment_vars }}"
vars:
owner_id: 'ALICIA'
cert_label: 'IBM CA'
cn: '{{cert_label}}'
ou: 'ANSIBLE CORE'
country: 'US'
keyring: 'SharedRing1'
expiry_date: ''
check_name: 'IBMRACF,RACF_CERTIFICATE_EXPIRATION'
tasks:
- block:
- include_role:
name: issue_tso_cmd
vars:
task_description: 'Create a new keyring'
command:
- RACDCERT ADDRING({{keyring}}) ID({{owner_id}})
- RACDCERT LISTRING({{keyring}}) ID({{owner_id}})
ignore_errors: true
- include_role:
name: issue_tso_cmd
vars:
task_description: 'Create new CA cert and connect to keyring'
command:
- RACDCERT GENCERT CERTAUTH KEYUSAGE(CERTSIGN) SUBJECTSDN(CN('{{cn}}') OU('{{ou}}') C('{{country}}')) WITHLABEL('{{cert_label}}') NOTAFTER(DATE({{expiry_date}}))
- RACDCERT ID({{owner_id}}) CONNECT(CERTAUTH LABEL('{{cert_label}}') RING({{keyring}}))
when: not expiry_date == ''
- include_role:
name: issue_tso_cmd
vars:
task_description: 'Create new CA cert and connect to keyring'
command:
- RACDCERT GENCERT CERTAUTH KEYUSAGE(CERTSIGN) SUBJECTSDN(CN('{{cn}}') OU('{{ou}}') C('{{country}}')) WITHLABEL('{{cert_label}}')
- RACDCERT ID({{owner_id}}) CONNECT(CERTAUTH LABEL('{{cert_label}}') RING({{keyring}}))
when: expiry_date == ''
- include_role:
name: issue_operator_cmd
vars:
task_description: 'Run Health Checker'
command: "F HZSPROC,RUN,CHECK=({{check_name}})"