我试图弄清楚如何.crt从我们的网络服务器之一获取文件列表并检查这些认证文件的到期日期(实际上检查这些证书在某个时间范围内是否有效)。到目前为止我所拥有的是以下.yml剧本代码:
#
# simple playbook to check certificates expiration date
- name: find cerfication files & expiration dates
hosts: 10.0.1.120
gather_facts: false
tasks:
- name: Find cert files under /etc/pki/tls/certs
find:
paths: /etc/pki/tls/certs
file_type: file
patterns: "*.crt"
recurse: yes
excludes: "localhost.crt"
register: find_result
- name: check validity
openssl_certificate_info:
path: "{{ item.path }}"
valid_at:
point_1: "+1w"
point_2: "+10w"
register: result
loop: "{{ find_result.files|flatten(levels=1) }}"
#- name: validate
#assert:
#that:
#- result.valid_at.point_1
#- result.valid_at.point_2
- debug: msg= "{{ …