trfore.smallstep.step_ca_cert role – Download and add the CA root certificate to trust stores

Note

This role is part of the trfore.smallstep collection (version 1.1.2).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it use: ansible-galaxy collection install trfore.smallstep.

To use it in a playbook, specify: trfore.smallstep.step_ca_cert.

Entry point main – Download and add the CA root certificate to trust stores

Synopsis

• Download and add the CA root certificate into the system’s trust store.

• Optionally, add it to Firefox and Java’s trust stores.

Parameters

Parameter	Comments
step_ca_cert_firefox boolean	Add CA root certificate to the Firefox NSS security database. Choices: false ← (default) true
step_ca_cert_java boolean	Add CA root certificate to the Java key store. Choices: false ← (default) true
step_ca_fingerprint string / required	Fingerprint of the CA root certificate.
step_ca_path path	Step CA folder containing the CA configuration and root certificate. Default: "/etc/step-ca/"
step_ca_url string / required	URI of the step CA.

Collection links

• Issue Tracker
• Repository (Sources)
• Submit a Bug Report
• Request a Feature