EasyRSA – Make a certificate and copy to ansible staging dir

I use this script on my CA server to create a certificate for each new server we provision. This allows our internal PKI to function.

This script creates a certificate then copies it to the Ansible server where is can be deployed to the destination host

Obviously you’ll need to take the necessary precautions around key security


cd /home/admin/EasyRSA-3.0.5/
/home/admin/EasyRSA-3.0.5/easyrsa build-server-full $ISSUE_NAME nopass
ssh edpk-ansible..local 'mkdir -p /home/admin/ansible/files/'$1'/'
scp /home/admin/EasyRSA-3.0.5/pki/issued/$ISSUE_NAME.crt edpk-ansible..local:/home/admin/ansible/files/$1/$1.crt
scp /home/admin/EasyRSA-3.0.5/pki/private/$ISSUE_NAME.key edpk-ansible..local:/home/admin/ansible/files/$1/$1.key
cd ~