{"id":18914823,"url":"https://github.com/cinnion/ansible-role-letsencrypt-ca","last_synced_at":"2026-04-18T00:32:07.260Z","repository":{"id":151471423,"uuid":"161034137","full_name":"cinnion/ansible-role-letsencrypt-ca","owner":"cinnion","description":"An ansible role for pushing the Let's Encrypt root certificates to hosts","archived":false,"fork":false,"pushed_at":"2024-10-10T20:33:56.000Z","size":20,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-05-24T18:41:55.702Z","etag":null,"topics":["ansible","ansible-role","certbot","devops","sssd"],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cinnion.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-12-09T11:54:35.000Z","updated_at":"2024-10-10T20:34:00.000Z","dependencies_parsed_at":"2024-11-08T10:12:59.053Z","dependency_job_id":"0d2f9aba-a1c5-49e6-8056-8fde35f63c3e","html_url":"https://github.com/cinnion/ansible-role-letsencrypt-ca","commit_stats":null,"previous_names":["cinnion/ansible-role-letsencrypt-ca"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/cinnion/ansible-role-letsencrypt-ca","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cinnion%2Fansible-role-letsencrypt-ca","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cinnion%2Fansible-role-letsencrypt-ca/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cinnion%2Fansible-role-letsencrypt-ca/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cinnion%2Fansible-role-letsencrypt-ca/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cinnion","download_url":"https://codeload.github.com/cinnion/ansible-role-letsencrypt-ca/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cinnion%2Fansible-role-letsencrypt-ca/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31951291,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-17T17:29:20.459Z","status":"ssl_error","status_checked_at":"2026-04-17T17:28:47.801Z","response_time":62,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ansible-role","certbot","devops","sssd"],"created_at":"2024-11-08T10:13:02.244Z","updated_at":"2026-04-18T00:32:07.221Z","avatar_url":"https://github.com/cinnion.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Ansible Role: Let's Encrypt CA root certificates\n\nAn Ansible Role which installs the Let's Encrypt CA certificates to hosts,\nrebuilds the SSL CA certificate bundle, and then restarts the SSSD process on\nRHEL hosts.\n\nFor the actual distribution of certificates for services, see my [letsencrypt-certs](https://github.com/cinnion/letsencrypt-certs)\nrole.\n\n## Requirements\n\nThis role has been developed using Ansible 2.9, and presently only works with\nRHEL/CentOS/Rocky 6.x through 9.x.\n\nIt requires downloading the CA certificates for Let's Encrypt from their\n[Chain of Trust](https://letsencrypt.org/certificates/) page and placing them\nin the `files` directory of this role, with their extension changed to just \n'.pem'\n\nN.B.: At this time, the certificates being pushed are the\n\n* The ISRG Root X1 (self-signed) certificate.\n* The Let’s Encrypt Authority X3 (IdenTrust cross-signed) certificate\n* Let’s Encrypt Authority X3 (IdenTrust cross-signed)\n\nA future version may include automatically downloading these files, or\nmay just include them as a part of the role source, if no issues with copyright\nare found.\n\n## Role Variables:\n\nThe following platform-specific variables are defined in the files under the\n`vars` directory (see `vars/RedHat.yml`).\n\n    ca_trusted_dir: /etc/pki/ca-trust/source/anchors\n\nThe directory where CA certificates are placed for incorporation into the\nCA bundle.\n\n    ca_update_command: update-ca-trust\n\nThe command to be run to rebuild the CA bundle.\n\n## Dependencies\n\nNone.\n\n## Example Playbook\n\n```\n    ---\n    - hosts: all\n      roles:\n        - { role: letsencrypt-ca }\n    ...\n```\n\n## License\n\nThis software is open-sourced software licensed under the\n[Apache 2.0 license](http://www.apache.org/licenses/LICENSE-2.0).\n\n## Author Information\n\nThis role was created 2018 Dec 1 by [Douglas Needham](https://www.ka8zrt.com/).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcinnion%2Fansible-role-letsencrypt-ca","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcinnion%2Fansible-role-letsencrypt-ca","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcinnion%2Fansible-role-letsencrypt-ca/lists"}