Are you trying to generate one cert that is then used on all servers or generate individual certs for each server?
It seems that you are saying that you want to... 1) generate a single cert on the ca server 2) copy that to the ansible server 3) copy that cert to all of the other servers If that is correct wouldn't it be best to have one pair of tasks to do 1 and 2 only on the CA server and 3 on the other servers. Note that the cert will be different every time this is run so it will never not change. Splitting into two separate sets would allow the cert creation to be run independently from copying it out, and keep the cert push to only changing when the cert changes. An alternative would be to use creates to ensure the cert isn't recreated every time. If the goal is to have a different cert for every host you should be able to just delegate the cert creation task and the fetch task to the ca server. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/8b0842fe-fadc-4e0e-a5e7-4edee1f4db4f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
