{"id":23359832,"url":"https://github.com/firehed/ansible-self-signed-ssl","last_synced_at":"2026-01-28T19:33:17.170Z","repository":{"id":138434630,"uuid":"45146510","full_name":"Firehed/ansible-self-signed-ssl","owner":"Firehed","description":"Ansible role: Set up a self-signed SSL cert (intended primarily for servers behind CloudFlare)","archived":false,"fork":false,"pushed_at":"2015-10-30T21:57:48.000Z","size":128,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-06-02T05:55:03.232Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Firehed.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-10-28T22:49:25.000Z","updated_at":"2020-07-28T00:13:04.000Z","dependencies_parsed_at":"2023-03-13T15:32:18.802Z","dependency_job_id":null,"html_url":"https://github.com/Firehed/ansible-self-signed-ssl","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Firehed/ansible-self-signed-ssl","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Firehed%2Fansible-self-signed-ssl","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Firehed%2Fansible-self-signed-ssl/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Firehed%2Fansible-self-signed-ssl/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Firehed%2Fansible-self-signed-ssl/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Firehed","download_url":"https://codeload.github.com/Firehed/ansible-self-signed-ssl/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Firehed%2Fansible-self-signed-ssl/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28850312,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-28T15:15:36.453Z","status":"ssl_error","status_checked_at":"2026-01-28T15:15:13.020Z","response_time":57,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-21T11:12:05.328Z","updated_at":"2026-01-28T19:33:17.155Z","avatar_url":"https://github.com/Firehed.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"Self Signed SSL Certificate Generator\n=========\n**DO NOT USE THIS** if you handle sensitive information such as personally-indentifyable information or payment card data. The generated keys are only suitable to protect against passive snooping. Connections can still be MITM'd by an active adversary because these certificates are not signed by a trusted CA.\n\nThis will build a self-signed SSL keypair and write them out to, by default, `/etc/ssl/ssl_domain/{key,csr,cert}.pem`.  These keys are intended primarily to be put on a front-end behind CloudFlare in \"Full\" SSL mode; see [option 1](https://blog.cloudflare.com/origin-server-connection-security-with-universal-ssl/) in CloudFlare's SSL blog.\n\n\nRequirements\n------------\n\nOpenSSL must be installed on the system. This does not attempt to install it.\n\nRole Variables\n--------------\n\n\tself_signed_ssl_domain: \"\"\n\t\n\tself_signed_ssl_country: \"\"\n\tself_signed_ssl_state: \"\"\n\tself_signed_ssl_city: \"\"\n\tself_signed_ssl_org: \"\"\n\t\n\tself_signed_ssl_dir: /etc/ssl/{{ self_signed_ssl_domain }}\n\tself_signed_ssl_dh_size: 2048\n\tself_signed_ssl_key_size: 2048\n\tself_signed_ssl_ecc: no\n\t\n\t# You probably will not need to change these\n\tself_signed_ssl_key_file: key.pem\n\tself_signed_ssl_csr_file: csr.pem\n\tself_signed_ssl_cert_file: cert.pem\n\tself_signed_ssl_dhparam_file: dhparam.pem\n\t\n\t# Public key lifetime in days; defaults to 5 years\n\tself_signed_ssl_cert_lifetime: 1825\n\nTo skip Diffie-Hellman params file generation, set `dh_size` to 0.\n\nTo generate an EC private key, set `ecc` to `yes`.\n\nExample Playbook\n----------------\n    - hosts: servers\n      roles:\n      - role: Firehed.self_signed_ssl\n        self_signed_ssl_domain: example.com\n        self_signed_ssl_country: US\n        self_signed_ssl_state: California\n        self_signed_ssl_city: San Francisco\n        self_signed_ssl_org: Example Org\nLicense\n-------\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffirehed%2Fansible-self-signed-ssl","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffirehed%2Fansible-self-signed-ssl","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffirehed%2Fansible-self-signed-ssl/lists"}