ara | Result #165: [changed] community.crypto.openssl_csr on localhost for "pki : Create the CA CSR for ExampleCorpRoot"

/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-hosts.yml

Execution

Date 05 Dec 2025 13:22:31 +0000

Duration 00:00:50.80

Controller aio1.openstack.local

User root

Versions

Ansible 2.18.6

ara 1.7.4 / 1.7.4

Python 3.12.11

Summary

2 Hosts

72 Tasks

71 Results

7 Plays

97 Files

0 Records

check:False tags:all

Date
05 Dec 2025 13:22:31 +0000
Path
/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-hosts.yml

Argument	Value
version	None
verbosity	0
private_key_file	None
remote_user	None
connection	openstack.osa.ssh
timeout	None
ssh_common_args	None
sftp_extra_args	None
scp_extra_args	None
ssh_extra_args	None
ask_pass	False
connection_password_file	None
force_handlers	True
flush_cache	False
become	False
become_method	sudo
become_user	None
become_ask_pass	False
become_password_file	None
tags	['all']
skip_tags	[]
check	False
diff	False
inventory	['/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py', '/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini', '/etc/openstack_deploy/inventory.ini']
listhosts	False
subset	None
extra_vars	Not saved by ARA as configured by 'ignored_arguments'
vault_ids	[]
ask_vault_pass	False
vault_password_files	[]
forks	4
module_path	None
syntax	False
listtasks	False
listtags	False
step	False
start_at_task	None
args	['setup-hosts.yml']

Task result details

Status
CHANGED
Duration
00:00:00.68
Play
Create CA certificates
Task
pki : Create the CA CSR for ExampleCorpRoot
Host
localhost ( task delegated to localhost )

Date
05 Dec 2025 13:22:40 +0000
Module / Action
community.crypto.openssl_csr (/home/zuul/src/opendev.org/openstack/ansible-role-pki/tasks/standalone/create_ca.yml:92)
Tags
- always

Field	Value
basicConstraints	[ "CA:TRUE" ]
changed	True
diff	--- before +++ after @@ -1 +1,72 @@ -{} +{ + "authority_cert_issuer": null, + "authority_cert_serial_number": null, + "authority_key_identifier": null, + "basic_constraints": [ + "CA:TRUE" + ], + "basic_constraints_critical": true, + "can_parse_csr": true, + "extended_key_usage": null, + "extended_key_usage_critical": false, + "extensions_by_oid": { + "2.5.29.15": { + "critical": false, + "value": "AwIBhg==" + }, + "2.5.29.17": { + "critical": false, + "value": "MBaCFEV4YW1wbGUgQ29ycCBSb290IENB" + }, + "2.5.29.19": { + "critical": true, + "value": "MAMBAf8=" + } + }, + "key_usage": [ + "CRL Sign", + "Certificate Sign", + "Digital Signature" + ], + "key_usage_critical": false, + "name_constraints_critical": false, + "name_constraints_excluded": null, + "name_constraints_permitted": null, + "ocsp_must_staple": null, + "ocsp_must_staple_critical": false, + "public_key": "-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzkhaEvHVgvThuNSsGs/S\ncYl8AWz66WUH+xd45mxkEeIcOFQfrwx4JQykh/j3vbNMGRfTt+fSXkzpMLGaTlee\n3ULsUCDnUYjxXCRFvyUmqkqbId481mAZniyykEx7aduKTkT9PQ2IUZYIxLFDRJBB\nr5r34/Y1h41UC6gmK0nI49EPK9unwkF8xjEkFsvtwZwtnVHty6frbAhe26XjkJbs\n/o1GsGnaxy/owni3KfxvtQwTyEAGa1L0kmb1yUQiMhVaYhSDk3kN3sLncd6jPKFV\nLgWlu1phVcxRy3FRt6OSveytcLx9bbSoBC9pQPe8bnbGQVObTZ4yf9NCH3fGB2BL\nfberljhuiUwKSmjN7SKqyLpI83nXRs3Gv+Yp143aqwLaQdWw4kxh2eaaNPs1iEYu\nanhlLcr/N+82cq/KFmLo1X5QrZc/nSRJKrr27VDizm+o525HjwODxEi1uBggffuB\n09Mz9QyWJQWydrKIMmFf0a+lI/c1V5Q7KgQKNTdyfH2v5igg5SRjrHO/FmjhHzuW\nSpkmelkc0+ycGbS5w2cu4EpTELKUtGW4ZppFW2GvO2ZpAF0RZamgpdCxBp8U+CKv\nNPQXgiteQQZTND13s4htnyGxN+KkABCdblkcJuUqnSpMU3PwA60ithgURWRr7Ktz\nRNu18K23rzZe9qvEPgx+UFsCAwEAAQ==\n-----END PUBLIC KEY-----\n", + "public_key_data": { + "exponent": 65537, + "modulus": 841559685051515576580596970645420763757214309392498741092136997294503589345490916252452503741090740818782072428497927969730623603275285661866191721780627829960046344801052108594947237505475643257025354493676502981546670336357697946651395792799095729062844490061028327105816066929184904780531316755672542111702559594755492440923725656474806621903143491124813755283780552378273917100933127486609931337550455444382430214613471024086602790293776925457789941418141846376840201848837195378947216019262311767264952627467597372892861932251435091991799288870030451440057504205367298857961306914686118203616416673973787480615926982505961320782227426996044475586424259743753938295929393890657688049281689653481315241038593279877432428629575836761434709032717284342241326922477446120723914720945895266449986515552992488749047461040753373779851304760135282060080279265690418851371564338591428284143562183192599891031891904057279328972905375022501817839395499721427061194581430586073360387886312591963816139175232813901497097720154306047494336960648358562126628882557705672731147274314560608730195929069494668093433955631340066198475876079441326467911693419729154389175119972658179007723449386123732730926826978464646208181521548610188395264495707, + "size": 4096 + }, + "public_key_fingerprints": { + "sha256": "ea:e5:27:dc:53:c3:ce:ca:9a:a1:88:51:5a:56:bc:df:ce:3d:59:87:a2:f2:76:b8:3d:65:48:7c:59:a6:6e:e7" + }, + "public_key_type": "RSA", + "signature_valid": true, + "subject": { + "commonName": "Example Corp Root CA", + "countryName": "GB", + "stateOrProvinceName": "England" + }, + "subject_alt_name": [ + "DNS:Example Corp Root CA" + ], + "subject_alt_name_critical": false, + "subject_key_identifier": null, + "subject_ordered": [ + [ + "countryName", + "GB" + ], + [ + "stateOrProvinceName", + "England" + ], + [ + "commonName", + "Example Corp Root CA" + ] + ] +}
extendedKeyUsage	None
filename	/etc/openstack_deploy/pki/roots/ExampleCorpRoot/csr/ca_csr-1000.csr
invocation	{ "module_args": { "attributes": null, "authority_cert_issuer": null, "authority_cert_serial_number": null, "authority_key_identifier": null, "backup": true, "basic_constraints": [ "CA:TRUE" ], "basic_constraints_critical": true, "common_name": "Example Corp Root CA", "country_name": "GB", "create_subject_key_identifier": false, "crl_distribution_points": null, "digest": "sha256", "email_address": null, "extended_key_usage": null, "extended_key_usage_critical": false, "force": false, "group": null, "key_usage": [ "digitalSignature", "cRLSign", "keyCertSign" ], "key_usage_critical": false, "locality_name": null, "mode": null, "name_constraints_critical": false, "name_constraints_excluded": null, "name_constraints_permitted": null, "ocsp_must_staple": false, "ocsp_must_staple_critical": false, "organization_name": null, "organizational_unit_name": null, "owner": null, "path": "/etc/openstack_deploy/pki/roots/ExampleCorpRoot/csr/ca_csr-1000.csr", "privatekey_content": null, "privatekey_passphrase": null, "privatekey_path": "/etc/openstack_deploy/pki/roots/ExampleCorpRoot/private/ExampleCorpRoot.key.pem", "return_content": false, "select_crypto_backend": "auto", "selevel": null, "serole": null, "setype": null, "seuser": null, "state": "present", "state_or_province_name": "England", "subject": null, "subject_alt_name": null, "subject_alt_name_critical": false, "subject_key_identifier": null, "subject_ordered": null, "unsafe_writes": false, "use_common_name_for_san": true, "version": 1 } }
keyUsage	[ "digitalSignature", "cRLSign", "keyCertSign" ]
name_constraints_excluded	[]
name_constraints_permitted	[]
ocspMustStaple	False
privatekey	/etc/openstack_deploy/pki/roots/ExampleCorpRoot/private/ExampleCorpRoot.key.pem
subject	[ [ "C", "GB" ], [ "ST", "England" ], [ "CN", "Example Corp Root CA" ] ]
subjectAltName	[ "DNS:Example Corp Root CA" ]

Playbook #2

Task result details