I'd like to handle the renewal of nginx Let's Encrypt certificates with Ansible. So I've tried to use the modules acme_certificate and acme_account. I have difficulty understanding how the ACME account is created. In examples from the Ansible documentation, I've seen that a 4096-bit RSA key is enough to create the key, but I think it was for ACME v1. This is what I've got in my playbook:
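
    # Generate the private key used as the ACME account key
    # (openssl_privatekey defaults to a 4096-bit RSA key).
    - name: "Generate Let's Encrypt private key"
      openssl_privatekey:
        path: "{{ letsencrypt_account_key }}"
        state: present

    # Register the ACME v2 account for that key.
    - name: "Create acme account key"
      acme_account:
        account_key_src: "{{ letsencrypt_account_key }}"
        state: present
        terms_agreed: yes
        acme_version: 2
        contact:
          - "mailto:{{ acme_email }}"
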
And obviously I got an error:
TASK [Create acme account key] ***************************************************************************************************************************************************
fatal: [kb2front1]: FAILED! => {"changed": false, "msg": "error while parsing account key: error while loading key: Could not deserialize key data.", "other": {}}
When I checked the account created by certbot, I noticed JSON files, but I have no idea how they are generated. Has anyone already succeeded in using acme_account and acme_certificate to handle Let's Encrypt certificates?
Thanks,
Fayçal