ansible-playbook [core 2.12.6]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.9/site-packages/ansible
  ansible collection location = /tmp/tmpt8vnebz7
  executable location = /usr/bin/ansible-playbook
  python version = 3.9.13 (main, May 18 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)]
  jinja version = 2.11.3
  libyaml = True
Using /etc/ansible/ansible.cfg as config file
Skipping callback 'debug', as we already have a stdout callback.
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.

PLAYBOOK: rhel-8_setup.yml *****************************************************
1 plays in /cache/rhel-8_setup.yml

PLAY [Setup repos] *************************************************************
META: ran handlers

TASK [set up internal repositories] ********************************************
task path: /cache/rhel-8_setup.yml:5
Wednesday 06 July 2022  22:42:10 +0000 (0:00:00.018)       0:00:00.019 ******** 
ok: [/cache/rhel-8.qcow2] => (item=None) => {
    "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
    "changed": false
}
ok: [/cache/rhel-8.qcow2] => (item=None) => {
    "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
    "changed": false
}
ok: [/cache/rhel-8.qcow2] => (item=None) => {
    "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
    "changed": false
}
ok: [/cache/rhel-8.qcow2] => {
    "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
    "changed": false
}
META: ran handlers
META: ran handlers

PLAY RECAP *********************************************************************
/cache/rhel-8.qcow2        : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

Wednesday 06 July 2022  22:42:11 +0000 (0:00:01.305)       0:00:01.324 ******** 
=============================================================================== 
set up internal repositories -------------------------------------------- 1.31s
/cache/rhel-8_setup.yml:5 -----------------------------------------------------

PLAYBOOK: tests_many_self_signed.yml *******************************************
2 plays in /tmp/tmplpebei7w/tests/tests_many_self_signed.yml

PLAY [Issue many self-signed certificates] *************************************

TASK [Gathering Facts] *********************************************************
task path: /tmp/tmplpebei7w/tests/tests_many_self_signed.yml:2
Wednesday 06 July 2022  22:42:11 +0000 (0:00:00.041)       0:00:01.366 ******** 
ok: [/cache/rhel-8.qcow2]
META: ran handlers

TASK [linux-system-roles.certificate : Set version specific variables] *********
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:2
Wednesday 06 July 2022  22:42:12 +0000 (0:00:01.070)       0:00:02.436 ******** 
included: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml for /cache/rhel-8.qcow2

TASK [linux-system-roles.certificate : Ensure ansible_facts used by role] ******
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:2
Wednesday 06 July 2022  22:42:12 +0000 (0:00:00.026)       0:00:02.463 ******** 
ok: [/cache/rhel-8.qcow2]

TASK [linux-system-roles.certificate : Set platform/version specific variables] ***
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:8
Wednesday 06 July 2022  22:42:13 +0000 (0:00:00.507)       0:00:02.970 ******** 
skipping: [/cache/rhel-8.qcow2] => (item=RedHat.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": "RedHat.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [/cache/rhel-8.qcow2] => (item=RedHat.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": "RedHat.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [/cache/rhel-8.qcow2] => (item=RedHat_8.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": "RedHat_8.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [/cache/rhel-8.qcow2] => (item=RedHat_8.6.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": "RedHat_8.6.yml",
    "skip_reason": "Conditional result was False"
}

TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] ***
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:5
Wednesday 06 July 2022  22:42:13 +0000 (0:00:00.040)       0:00:03.011 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do

TASK [linux-system-roles.certificate : Ensure provider packages are installed] ***
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:22
Wednesday 06 July 2022  22:42:15 +0000 (0:00:01.539)       0:00:04.551 ******** 
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do

TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] ***
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:33
Wednesday 06 July 2022  22:42:16 +0000 (0:00:01.329)       0:00:05.880 ******** 
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": false,
    "gid": 0,
    "group": "root",
    "mode": "0700",
    "owner": "root",
    "path": "/etc/certmonger//pre-scripts",
    "secontext": "unconfined_u:object_r:etc_t:s0",
    "size": 6,
    "state": "directory",
    "uid": 0
}

TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] ***
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:59
Wednesday 06 July 2022  22:42:16 +0000 (0:00:00.540)       0:00:06.420 ******** 
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": false,
    "gid": 0,
    "group": "root",
    "mode": "0700",
    "owner": "root",
    "path": "/etc/certmonger//post-scripts",
    "secontext": "unconfined_u:object_r:etc_t:s0",
    "size": 6,
    "state": "directory",
    "uid": 0
}

TASK [linux-system-roles.certificate : Ensure provider service is running] *****
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:88
Wednesday 06 July 2022  22:42:17 +0000 (0:00:00.400)       0:00:06.821 ******** 
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": false,
    "enabled": true,
    "name": "certmonger",
    "state": "started",
    "status": {
        "ActiveEnterTimestamp": "Wed 2022-07-06 18:36:04 EDT",
        "ActiveEnterTimestampMonotonic": "228945850",
        "ActiveExitTimestampMonotonic": "0",
        "ActiveState": "active",
        "After": "sysinit.target dbus.service dbus.socket syslog.target network.target system.slice systemd-journald.socket basic.target",
        "AllowIsolate": "no",
        "AllowedCPUs": "",
        "AllowedMemoryNodes": "",
        "AmbientCapabilities": "",
        "AssertResult": "yes",
        "AssertTimestamp": "Wed 2022-07-06 18:36:04 EDT",
        "AssertTimestampMonotonic": "228933431",
        "Before": "multi-user.target shutdown.target",
        "BlockIOAccounting": "no",
        "BlockIOWeight": "[not set]",
        "BusName": "org.fedorahosted.certmonger",
        "CPUAccounting": "no",
        "CPUAffinity": "",
        "CPUAffinityFromNUMA": "no",
        "CPUQuotaPerSecUSec": "infinity",
        "CPUQuotaPeriodUSec": "infinity",
        "CPUSchedulingPolicy": "0",
        "CPUSchedulingPriority": "0",
        "CPUSchedulingResetOnFork": "no",
        "CPUShares": "[not set]",
        "CPUUsageNSec": "[not set]",
        "CPUWeight": "[not set]",
        "CacheDirectoryMode": "0755",
        "CanFreeze": "yes",
        "CanIsolate": "no",
        "CanReload": "no",
        "CanStart": "yes",
        "CanStop": "yes",
        "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf",
        "CollectMode": "inactive",
        "ConditionResult": "yes",
        "ConditionTimestamp": "Wed 2022-07-06 18:36:04 EDT",
        "ConditionTimestampMonotonic": "228933431",
        "ConfigurationDirectoryMode": "0755",
        "Conflicts": "shutdown.target",
        "ControlGroup": "/system.slice/certmonger.service",
        "ControlPID": "0",
        "DefaultDependencies": "yes",
        "DefaultMemoryLow": "0",
        "DefaultMemoryMin": "0",
        "Delegate": "no",
        "Description": "Certificate monitoring and PKI enrollment",
        "DevicePolicy": "auto",
        "DynamicUser": "no",
        "EffectiveCPUs": "",
        "EffectiveMemoryNodes": "",
        "EnvironmentFiles": "/etc/sysconfig/certmonger (ignore_errors=yes)",
        "ExecMainCode": "0",
        "ExecMainExitTimestampMonotonic": "0",
        "ExecMainPID": "23911",
        "ExecMainStartTimestamp": "Wed 2022-07-06 18:36:04 EDT",
        "ExecMainStartTimestampMonotonic": "228934830",
        "ExecMainStatus": "0",
        "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
        "FailureAction": "none",
        "FileDescriptorStoreMax": "0",
        "FragmentPath": "/usr/lib/systemd/system/certmonger.service",
        "FreezerState": "running",
        "GID": "[not set]",
        "GuessMainPID": "yes",
        "IOAccounting": "no",
        "IOSchedulingClass": "0",
        "IOSchedulingPriority": "0",
        "IOWeight": "[not set]",
        "IPAccounting": "no",
        "IPEgressBytes": "18446744073709551615",
        "IPEgressPackets": "18446744073709551615",
        "IPIngressBytes": "18446744073709551615",
        "IPIngressPackets": "18446744073709551615",
        "Id": "certmonger.service",
        "IgnoreOnIsolate": "no",
        "IgnoreSIGPIPE": "yes",
        "InactiveEnterTimestampMonotonic": "0",
        "InactiveExitTimestamp": "Wed 2022-07-06 18:36:04 EDT",
        "InactiveExitTimestampMonotonic": "228934872",
        "InvocationID": "73d85d6be97a474c9524444a92253530",
        "JobRunningTimeoutUSec": "infinity",
        "JobTimeoutAction": "none",
        "JobTimeoutUSec": "infinity",
        "KeyringMode": "private",
        "KillMode": "control-group",
        "KillSignal": "15",
        "LimitAS": "infinity",
        "LimitASSoft": "infinity",
        "LimitCORE": "infinity",
        "LimitCORESoft": "0",
        "LimitCPU": "infinity",
        "LimitCPUSoft": "infinity",
        "LimitDATA": "infinity",
        "LimitDATASoft": "infinity",
        "LimitFSIZE": "infinity",
        "LimitFSIZESoft": "infinity",
        "LimitLOCKS": "infinity",
        "LimitLOCKSSoft": "infinity",
        "LimitMEMLOCK": "65536",
        "LimitMEMLOCKSoft": "65536",
        "LimitMSGQUEUE": "819200",
        "LimitMSGQUEUESoft": "819200",
        "LimitNICE": "0",
        "LimitNICESoft": "0",
        "LimitNOFILE": "262144",
        "LimitNOFILESoft": "1024",
        "LimitNPROC": "14648",
        "LimitNPROCSoft": "14648",
        "LimitRSS": "infinity",
        "LimitRSSSoft": "infinity",
        "LimitRTPRIO": "0",
        "LimitRTPRIOSoft": "0",
        "LimitRTTIME": "infinity",
        "LimitRTTIMESoft": "infinity",
        "LimitSIGPENDING": "14648",
        "LimitSIGPENDINGSoft": "14648",
        "LimitSTACK": "infinity",
        "LimitSTACKSoft": "8388608",
        "LoadState": "loaded",
        "LockPersonality": "no",
        "LogLevelMax": "-1",
        "LogRateLimitBurst": "0",
        "LogRateLimitIntervalUSec": "0",
        "LogsDirectoryMode": "0755",
        "MainPID": "23911",
        "MemoryAccounting": "yes",
        "MemoryCurrent": "3997696",
        "MemoryDenyWriteExecute": "no",
        "MemoryHigh": "infinity",
        "MemoryLimit": "infinity",
        "MemoryLow": "0",
        "MemoryMax": "infinity",
        "MemoryMin": "0",
        "MemorySwapMax": "infinity",
        "MountAPIVFS": "no",
        "MountFlags": "",
        "NFileDescriptorStore": "0",
        "NRestarts": "0",
        "NUMAMask": "",
        "NUMAPolicy": "n/a",
        "Names": "certmonger.service",
        "NeedDaemonReload": "no",
        "Nice": "0",
        "NoNewPrivileges": "no",
        "NonBlocking": "no",
        "NotifyAccess": "none",
        "OOMScoreAdjust": "0",
        "OnFailureJobMode": "replace",
        "PIDFile": "/run/certmonger.pid",
        "PartOf": "dbus.service",
        "PermissionsStartOnly": "no",
        "Perpetual": "no",
        "PrivateDevices": "no",
        "PrivateMounts": "no",
        "PrivateNetwork": "no",
        "PrivateTmp": "no",
        "PrivateUsers": "no",
        "ProtectControlGroups": "no",
        "ProtectHome": "no",
        "ProtectKernelModules": "no",
        "ProtectKernelTunables": "no",
        "ProtectSystem": "no",
        "RefuseManualStart": "no",
        "RefuseManualStop": "no",
        "RemainAfterExit": "no",
        "RemoveIPC": "no",
        "Requires": "sysinit.target system.slice dbus.socket",
        "Restart": "no",
        "RestartUSec": "100ms",
        "RestrictNamespaces": "no",
        "RestrictRealtime": "no",
        "RestrictSUIDSGID": "no",
        "Result": "success",
        "RootDirectoryStartOnly": "no",
        "RuntimeDirectoryMode": "0755",
        "RuntimeDirectoryPreserve": "no",
        "RuntimeMaxUSec": "infinity",
        "SameProcessGroup": "no",
        "SecureBits": "0",
        "SendSIGHUP": "no",
        "SendSIGKILL": "yes",
        "Slice": "system.slice",
        "StandardError": "inherit",
        "StandardInput": "null",
        "StandardInputData": "",
        "StandardOutput": "journal",
        "StartLimitAction": "none",
        "StartLimitBurst": "5",
        "StartLimitIntervalUSec": "10s",
        "StartupBlockIOWeight": "[not set]",
        "StartupCPUShares": "[not set]",
        "StartupCPUWeight": "[not set]",
        "StartupIOWeight": "[not set]",
        "StateChangeTimestamp": "Wed 2022-07-06 18:36:04 EDT",
        "StateChangeTimestampMonotonic": "228945850",
        "StateDirectoryMode": "0755",
        "StatusErrno": "0",
        "StopWhenUnneeded": "no",
        "SubState": "running",
        "SuccessAction": "none",
        "SyslogFacility": "3",
        "SyslogLevel": "6",
        "SyslogLevelPrefix": "yes",
        "SyslogPriority": "30",
        "SystemCallErrorNumber": "0",
        "TTYReset": "no",
        "TTYVHangup": "no",
        "TTYVTDisallocate": "no",
        "TasksAccounting": "yes",
        "TasksCurrent": "1",
        "TasksMax": "23436",
        "TimeoutStartUSec": "1min 30s",
        "TimeoutStopUSec": "1min 30s",
        "TimerSlackNSec": "50000",
        "Transient": "no",
        "Type": "dbus",
        "UID": "[not set]",
        "UMask": "0022",
        "UnitFilePreset": "disabled",
        "UnitFileState": "enabled",
        "UtmpMode": "init",
        "WantedBy": "multi-user.target",
        "WatchdogTimestamp": "Wed 2022-07-06 18:36:04 EDT",
        "WatchdogTimestampMonotonic": "228945849",
        "WatchdogUSec": "0"
    }
}

TASK [linux-system-roles.certificate : Ensure certificate requests] ************
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:100
Wednesday 06 July 2022  22:42:18 +0000 (0:00:00.766)       0:00:07.587 ******** 
changed: [/cache/rhel-8.qcow2] => (item={'name': 'mycert_many_self_signed', 'dns': 'www.example.com', 'ca': 'self-sign'}) => {
    "ansible_loop_var": "item",
    "changed": true,
    "item": {
        "ca": "self-sign",
        "dns": "www.example.com",
        "name": "mycert_many_self_signed"
    }
}

MSG:

Certificate requested (new).
changed: [/cache/rhel-8.qcow2] => (item={'name': 'other-cert', 'dns': 'www.example.org', 'ca': 'self-sign'}) => {
    "ansible_loop_var": "item",
    "changed": true,
    "item": {
        "ca": "self-sign",
        "dns": "www.example.org",
        "name": "other-cert"
    }
}

MSG:

Certificate requested (new).
changed: [/cache/rhel-8.qcow2] => (item={'name': 'another-cert', 'dns': 'www.example.net', 'ca': 'self-sign'}) => {
    "ansible_loop_var": "item",
    "changed": true,
    "item": {
        "ca": "self-sign",
        "dns": "www.example.net",
        "name": "another-cert"
    }
}

MSG:

Certificate requested (new).
META: role_complete for /cache/rhel-8.qcow2
META: ran handlers
META: ran handlers

PLAY [Verify certificate] ******************************************************

TASK [Gathering Facts] *********************************************************
task path: /tmp/tmplpebei7w/tests/tests_many_self_signed.yml:18
Wednesday 06 July 2022  22:42:20 +0000 (0:00:02.750)       0:00:10.338 ******** 
ok: [/cache/rhel-8.qcow2]
META: ran handlers

TASK [Verify each certificate] *************************************************
task path: /tmp/tmplpebei7w/tests/tests_many_self_signed.yml:50
Wednesday 06 July 2022  22:42:21 +0000 (0:00:00.791)       0:00:11.130 ******** 
included: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert_many_self_signed.crt', 'key_path': '/etc/pki/tls/private/mycert_many_self_signed.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]})
included: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/other-cert.crt', 'key_path': '/etc/pki/tls/private/other-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.org'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.org'}]})
included: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/another-cert.crt', 'key_path': '/etc/pki/tls/private/another-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.net'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.net'}]})

TASK [Set virtualenv_path] *****************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:2
Wednesday 06 July 2022  22:42:21 +0000 (0:00:00.053)       0:00:11.183 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "ansible_facts": {
        "__virtualenv_path": "/tmp/certificate-tests-venv"
    },
    "changed": false
}

TASK [Ensure python3 is installed] *********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:6
Wednesday 06 July 2022  22:42:21 +0000 (0:00:00.068)       0:00:11.252 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do

TASK [Install the package, force upgrade] **************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11
Wednesday 06 July 2022  22:42:23 +0000 (0:00:01.308)       0:00:12.561 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/pip3",
        "install",
        "-U",
        "pip"
    ],
    "name": [
        "pip"
    ],
    "requirements": null,
    "state": "latest",
    "version": null,
    "virtualenv": "/tmp/certificate-tests-venv"
}

STDOUT:

Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)


TASK [Install certreader] ******************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18
Wednesday 06 July 2022  22:42:24 +0000 (0:00:01.155)       0:00:13.717 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/pip3",
        "install",
        "cryptography<35",
        "certreader>=0.1.1"
    ],
    "name": [
        "cryptography<35",
        "certreader>=0.1.1"
    ],
    "requirements": null,
    "state": "present",
    "version": null,
    "virtualenv": "/tmp/certificate-tests-venv"
}

STDOUT:

Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)
Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)
Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1)
Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)
Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)
Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21)


TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:26
Wednesday 06 July 2022  22:42:25 +0000 (0:00:00.921)       0:00:14.638 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "stat": {
        "atime": 1657147338.29998,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "c07fceee288a9366d4e27ff2b5e0fc2de848b9c9",
        "ctime": 1657147338.29698,
        "dev": 64515,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 0,
        "gr_name": "root",
        "inode": 753329,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0600",
        "mtime": 1657147338.29698,
        "nlink": 1,
        "path": "/etc/pki/tls/certs/mycert_many_self_signed.crt",
        "pw_name": "root",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1294,
        "uid": 0,
        "version": "2990485192",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if certificate file exists] ***************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:31
Wednesday 06 July 2022  22:42:25 +0000 (0:00:00.510)       0:00:15.148 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate file owner and group] *********************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:37
Wednesday 06 July 2022  22:42:25 +0000 (0:00:00.031)       0:00:15.180 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate permissions] ******************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:49
Wednesday 06 July 2022  22:42:25 +0000 (0:00:00.047)       0:00:15.228 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve key file stats] *************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:55
Wednesday 06 July 2022  22:42:25 +0000 (0:00:00.049)       0:00:15.278 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "stat": {
        "atime": 1657147338.2499797,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "9595778bcf16ea7382c2d658b01acb70b5419900",
        "ctime": 1657147338.29698,
        "dev": 64515,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 0,
        "gr_name": "root",
        "inode": 8400368,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0600",
        "mtime": 1657147338.29698,
        "nlink": 1,
        "path": "/etc/pki/tls/private/mycert_many_self_signed.key",
        "pw_name": "root",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1704,
        "uid": 0,
        "version": "3893091959",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if key file exists] ***********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:60
Wednesday 06 July 2022  22:42:26 +0000 (0:00:00.382)       0:00:15.660 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key file owner and group] *****************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:66
Wednesday 06 July 2022  22:42:26 +0000 (0:00:00.038)       0:00:15.699 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Parse certificate] *******************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:78
Wednesday 06 July 2022  22:42:26 +0000 (0:00:00.054)       0:00:15.754 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/certreader2json",
        "/etc/pki/tls/certs/mycert_many_self_signed.crt"
    ],
    "delta": "0:00:00.224157",
    "end": "2022-07-06 18:42:26.374513",
    "rc": 0,
    "start": "2022-07-06 18:42:26.150356"
}

STDOUT:

{
  "subject": [
    {
      "name": "commonName",
      "oid": "2.5.4.3",
      "value": "www.example.com"
    }
  ],
  "extensions": {
    "keyUsage": {
      "value": [
        "digital_signature",
        "key_encipherment"
      ],
      "critical": false
    },
    "subjectAltName": {
      "value": [
        {
          "name": "DNS",
          "value": "www.example.com"
        }
      ],
      "critical": false
    },
    "extendedKeyUsage": {
      "value": [
        {
          "name": "id-kp-serverAuth",
          "oid": "1.3.6.1.5.5.7.3.1"
        },
        {
          "name": "id-kp-clientAuth",
          "oid": "1.3.6.1.5.5.7.3.2"
        }
      ],
      "critical": false
    },
    "basicConstraints": {
      "value": {
        "ca": false
      },
      "critical": true
    },
    "subjectKeyIdentifier": {
      "value": "A7:60:19:84:7A:11:37:94:11:D2:8E:62:7E:66:01:B4:34:6A:93:90",
      "critical": false
    },
    "authorityKeyIdentifier": {
      "value": "59:31:B7:F8:0D:08:12:16:0A:D4:E8:FA:0B:BD:91:65:C9:DC:60:5A",
      "critical": false
    }
  },
  "signature_algorithm": {
    "algorithm": "sha256WithRSAEncryption",
    "signature": "11:A7:22:FD:29:C0:E3:EE:AC:6A:D2:74:72:86:CC:3F:33:12:FC:2C:50:E0:A5:5A:70:46:5F:13:3E:E8:55:7F:97:56:C9:BE:3F:3D:7B:E6:A2:C9:DB:20:EC:CC:39:7F:ED:A5:E5:8C:52:8E:80:F9:CE:BD:54:71:00:FD:80:B2:53:A5:70:5F:E5:7E:F1:A6:D5:9B:F1:A1:2E:DB:CD:35:94:D0:CB:53:08:38:DB:ED:77:3C:CD:AC:52:E9:1E:96:86:7D:AE:7C:B1:B3:C2:77:22:B4:FA:A5:F6:70:8B:AB:FE:66:89:7A:AC:9E:15:7F:65:E2:BD:2D:9F:2F:7E:41:35:12:C8:84:6C:E1:38:E5:30:66:BE:3A:71:D8:0A:60:D6:67:DB:D1:68:4D:94:85:30:FE:E5:7C:87:E0:1E:1F:8C:AA:5F:1E:D5:7E:D2:EA:C1:41:3C:FD:8B:37:2C:88:4C:21:E3:1C:A0:A3:62:F6:28:23:E2:5D:BB:70:57:04:2C:E7:64:58:AF:93:43:49:35:E0:A9:6B:D9:A7:9C:E7:CF:71:5F:88:DD:C5:01:2D:94:70:52:4A:BC:AD:31:DD:AB:E1:C1:51:80:08:CF:F4:C1:9F:FE:42:24:9B:91:E9:81:EF:74:FC:2F:E1:E4:36:6A:0C:BF:45:AB:48:34:F3"
  },
  "key_size": 2048,
  "validity": {
    "not_valid_after": "2023-07-06 22:36:04",
    "not_valid_before": "2022-07-06 22:42:18"
  }
}

TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:83
Wednesday 06 July 2022  22:42:26 +0000 (0:00:00.712)       0:00:16.466 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "ansible_facts": {
        "cert_issued": {
            "extensions": {
                "authorityKeyIdentifier": {
                    "critical": false,
                    "value": "59:31:B7:F8:0D:08:12:16:0A:D4:E8:FA:0B:BD:91:65:C9:DC:60:5A"
                },
                "basicConstraints": {
                    "critical": true,
                    "value": {
                        "ca": false
                    }
                },
                "extendedKeyUsage": {
                    "critical": false,
                    "value": [
                        {
                            "name": "id-kp-serverAuth",
                            "oid": "1.3.6.1.5.5.7.3.1"
                        },
                        {
                            "name": "id-kp-clientAuth",
                            "oid": "1.3.6.1.5.5.7.3.2"
                        }
                    ]
                },
                "keyUsage": {
                    "critical": false,
                    "value": [
                        "digital_signature",
                        "key_encipherment"
                    ]
                },
                "subjectAltName": {
                    "critical": false,
                    "value": [
                        {
                            "name": "DNS",
                            "value": "www.example.com"
                        }
                    ]
                },
                "subjectKeyIdentifier": {
                    "critical": false,
                    "value": "A7:60:19:84:7A:11:37:94:11:D2:8E:62:7E:66:01:B4:34:6A:93:90"
                }
            },
            "key_size": 2048,
            "signature_algorithm": {
                "algorithm": "sha256WithRSAEncryption",
                "signature": "11:A7:22:FD:29:C0:E3:EE:AC:6A:D2:74:72:86:CC:3F:33:12:FC:2C:50:E0:A5:5A:70:46:5F:13:3E:E8:55:7F:97:56:C9:BE:3F:3D:7B:E6:A2:C9:DB:20:EC:CC:39:7F:ED:A5:E5:8C:52:8E:80:F9:CE:BD:54:71:00:FD:80:B2:53:A5:70:5F:E5:7E:F1:A6:D5:9B:F1:A1:2E:DB:CD:35:94:D0:CB:53:08:38:DB:ED:77:3C:CD:AC:52:E9:1E:96:86:7D:AE:7C:B1:B3:C2:77:22:B4:FA:A5:F6:70:8B:AB:FE:66:89:7A:AC:9E:15:7F:65:E2:BD:2D:9F:2F:7E:41:35:12:C8:84:6C:E1:38:E5:30:66:BE:3A:71:D8:0A:60:D6:67:DB:D1:68:4D:94:85:30:FE:E5:7C:87:E0:1E:1F:8C:AA:5F:1E:D5:7E:D2:EA:C1:41:3C:FD:8B:37:2C:88:4C:21:E3:1C:A0:A3:62:F6:28:23:E2:5D:BB:70:57:04:2C:E7:64:58:AF:93:43:49:35:E0:A9:6B:D9:A7:9C:E7:CF:71:5F:88:DD:C5:01:2D:94:70:52:4A:BC:AD:31:DD:AB:E1:C1:51:80:08:CF:F4:C1:9F:FE:42:24:9B:91:E9:81:EF:74:FC:2F:E1:E4:36:6A:0C:BF:45:AB:48:34:F3"
            },
            "subject": [
                {
                    "name": "commonName",
                    "oid": "2.5.4.3",
                    "value": "www.example.com"
                }
            ],
            "validity": {
                "not_valid_after": "2023-07-06 22:36:04",
                "not_valid_before": "2022-07-06 22:42:18"
            }
        }
    },
    "changed": false
}

TASK [Verify certificate subject] **********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:87
Wednesday 06 July 2022  22:42:27 +0000 (0:00:00.043)       0:00:16.510 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate SAN] **************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:96
Wednesday 06 July 2022  22:42:27 +0000 (0:00:00.045)       0:00:16.555 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key size] *********************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:105
Wednesday 06 July 2022  22:42:27 +0000 (0:00:00.033)       0:00:16.589 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:112
Wednesday 06 July 2022  22:42:27 +0000 (0:00:00.046)       0:00:16.635 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:125
Wednesday 06 July 2022  22:42:27 +0000 (0:00:00.046)       0:00:16.682 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:141
Wednesday 06 July 2022  22:42:27 +0000 (0:00:00.047)       0:00:16.729 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_many_self_signed.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
    "delta": "0:00:00.071303",
    "end": "2022-07-06 18:42:27.097312",
    "rc": 0,
    "start": "2022-07-06 18:42:27.026009"
}

STDOUT:

yes

TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:150
Wednesday 06 July 2022  22:42:27 +0000 (0:00:00.464)       0:00:17.194 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Set virtualenv_path] *****************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:2
Wednesday 06 July 2022  22:42:27 +0000 (0:00:00.046)       0:00:17.241 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "ansible_facts": {
        "__virtualenv_path": "/tmp/certificate-tests-venv"
    },
    "changed": false
}

TASK [Ensure python3 is installed] *********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:6
Wednesday 06 July 2022  22:42:27 +0000 (0:00:00.027)       0:00:17.268 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do

TASK [Install the package, force upgrade] **************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11
Wednesday 06 July 2022  22:42:29 +0000 (0:00:01.298)       0:00:18.567 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/pip3",
        "install",
        "-U",
        "pip"
    ],
    "name": [
        "pip"
    ],
    "requirements": null,
    "state": "latest",
    "version": null,
    "virtualenv": "/tmp/certificate-tests-venv"
}

STDOUT:

Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)


TASK [Install certreader] ******************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18
Wednesday 06 July 2022  22:42:30 +0000 (0:00:01.015)       0:00:19.582 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/pip3",
        "install",
        "cryptography<35",
        "certreader>=0.1.1"
    ],
    "name": [
        "cryptography<35",
        "certreader>=0.1.1"
    ],
    "requirements": null,
    "state": "present",
    "version": null,
    "virtualenv": "/tmp/certificate-tests-venv"
}

STDOUT:

Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)
Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)
Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1)
Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)
Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)
Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21)


TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:26
Wednesday 06 July 2022  22:42:30 +0000 (0:00:00.876)       0:00:20.459 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "stat": {
        "atime": 1657147339.1789799,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "5009fc968e6f54acbf40a1ed6860f0e27fbade99",
        "ctime": 1657147339.1759799,
        "dev": 64515,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 0,
        "gr_name": "root",
        "inode": 753330,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0600",
        "mtime": 1657147339.1759799,
        "nlink": 1,
        "path": "/etc/pki/tls/certs/other-cert.crt",
        "pw_name": "root",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1294,
        "uid": 0,
        "version": "3579992711",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if certificate file exists] ***************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:31
Wednesday 06 July 2022  22:42:31 +0000 (0:00:00.378)       0:00:20.838 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate file owner and group] *********************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:37
Wednesday 06 July 2022  22:42:31 +0000 (0:00:00.030)       0:00:20.868 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate permissions] ******************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:49
Wednesday 06 July 2022  22:42:31 +0000 (0:00:00.044)       0:00:20.913 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve key file stats] *************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:55
Wednesday 06 July 2022  22:42:31 +0000 (0:00:00.041)       0:00:20.954 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "stat": {
        "atime": 1657147339.1299798,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "781347e06b01f44a0c23f451e6426af3535e1490",
        "ctime": 1657147339.1759799,
        "dev": 64515,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 0,
        "gr_name": "root",
        "inode": 8400369,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0600",
        "mtime": 1657147339.1759799,
        "nlink": 1,
        "path": "/etc/pki/tls/private/other-cert.key",
        "pw_name": "root",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1708,
        "uid": 0,
        "version": "3359062817",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if key file exists] ***********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:60
Wednesday 06 July 2022  22:42:31 +0000 (0:00:00.376)       0:00:21.330 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key file owner and group] *****************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:66
Wednesday 06 July 2022  22:42:31 +0000 (0:00:00.039)       0:00:21.370 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Parse certificate] *******************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:78
Wednesday 06 July 2022  22:42:31 +0000 (0:00:00.046)       0:00:21.416 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/certreader2json",
        "/etc/pki/tls/certs/other-cert.crt"
    ],
    "delta": "0:00:00.235301",
    "end": "2022-07-06 18:42:31.929141",
    "rc": 0,
    "start": "2022-07-06 18:42:31.693840"
}

STDOUT:

{
  "subject": [
    {
      "name": "commonName",
      "oid": "2.5.4.3",
      "value": "www.example.org"
    }
  ],
  "extensions": {
    "keyUsage": {
      "value": [
        "digital_signature",
        "key_encipherment"
      ],
      "critical": false
    },
    "subjectAltName": {
      "value": [
        {
          "name": "DNS",
          "value": "www.example.org"
        }
      ],
      "critical": false
    },
    "extendedKeyUsage": {
      "value": [
        {
          "name": "id-kp-serverAuth",
          "oid": "1.3.6.1.5.5.7.3.1"
        },
        {
          "name": "id-kp-clientAuth",
          "oid": "1.3.6.1.5.5.7.3.2"
        }
      ],
      "critical": false
    },
    "basicConstraints": {
      "value": {
        "ca": false
      },
      "critical": true
    },
    "subjectKeyIdentifier": {
      "value": "D2:6B:32:54:89:C5:53:FC:39:6F:6A:A4:2A:63:2C:F1:4B:0B:65:D0",
      "critical": false
    },
    "authorityKeyIdentifier": {
      "value": "59:31:B7:F8:0D:08:12:16:0A:D4:E8:FA:0B:BD:91:65:C9:DC:60:5A",
      "critical": false
    }
  },
  "signature_algorithm": {
    "algorithm": "sha256WithRSAEncryption",
    "signature": "94:52:27:90:4E:3E:5E:56:72:E0:22:EC:6A:1C:2F:AE:C2:FE:6A:9A:CA:E8:19:44:E7:2D:E0:FF:AA:68:10:A7:81:B2:F4:65:4B:2C:A4:0D:96:D2:27:72:4E:FE:24:30:AC:B8:87:6A:98:68:C3:44:88:33:33:74:2E:F1:28:38:38:9D:E8:4A:69:5C:7E:1D:3E:06:21:1E:B1:4A:B7:33:5D:63:B0:24:E0:3A:B8:66:15:D5:C5:C7:06:70:ED:E8:98:41:9C:82:1C:1E:33:E1:23:28:72:91:89:E5:02:3B:9F:C4:19:4A:9D:57:4C:04:C3:8B:12:DF:6C:F0:B1:81:CE:43:1A:E4:F6:5C:FC:7E:B9:8A:B1:09:E2:A1:B8:3C:19:98:22:07:BD:A2:5C:F0:A2:C3:80:DE:D3:FD:A1:57:79:04:47:31:96:00:60:C9:38:D1:81:4A:25:D9:F5:F0:9B:70:E8:2C:24:D0:32:17:26:52:3D:11:81:B4:73:18:68:9C:D1:9F:43:18:FF:B9:EE:AB:48:CC:53:99:99:33:93:8D:4D:3A:BC:01:67:A6:15:F9:5F:65:39:35:36:83:6E:8A:B5:CD:56:1F:EA:15:E7:27:DD:CD:A7:47:FA:C5:28:0C:BA:77:61:45:B6:1A:C3:CA:57:D0:96:51:7C:6F"
  },
  "key_size": 2048,
  "validity": {
    "not_valid_after": "2023-07-06 22:36:04",
    "not_valid_before": "2022-07-06 22:42:19"
  }
}

TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:83
Wednesday 06 July 2022  22:42:32 +0000 (0:00:00.606)       0:00:22.023 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "ansible_facts": {
        "cert_issued": {
            "extensions": {
                "authorityKeyIdentifier": {
                    "critical": false,
                    "value": "59:31:B7:F8:0D:08:12:16:0A:D4:E8:FA:0B:BD:91:65:C9:DC:60:5A"
                },
                "basicConstraints": {
                    "critical": true,
                    "value": {
                        "ca": false
                    }
                },
                "extendedKeyUsage": {
                    "critical": false,
                    "value": [
                        {
                            "name": "id-kp-serverAuth",
                            "oid": "1.3.6.1.5.5.7.3.1"
                        },
                        {
                            "name": "id-kp-clientAuth",
                            "oid": "1.3.6.1.5.5.7.3.2"
                        }
                    ]
                },
                "keyUsage": {
                    "critical": false,
                    "value": [
                        "digital_signature",
                        "key_encipherment"
                    ]
                },
                "subjectAltName": {
                    "critical": false,
                    "value": [
                        {
                            "name": "DNS",
                            "value": "www.example.org"
                        }
                    ]
                },
                "subjectKeyIdentifier": {
                    "critical": false,
                    "value": "D2:6B:32:54:89:C5:53:FC:39:6F:6A:A4:2A:63:2C:F1:4B:0B:65:D0"
                }
            },
            "key_size": 2048,
            "signature_algorithm": {
                "algorithm": "sha256WithRSAEncryption",
                "signature": "94:52:27:90:4E:3E:5E:56:72:E0:22:EC:6A:1C:2F:AE:C2:FE:6A:9A:CA:E8:19:44:E7:2D:E0:FF:AA:68:10:A7:81:B2:F4:65:4B:2C:A4:0D:96:D2:27:72:4E:FE:24:30:AC:B8:87:6A:98:68:C3:44:88:33:33:74:2E:F1:28:38:38:9D:E8:4A:69:5C:7E:1D:3E:06:21:1E:B1:4A:B7:33:5D:63:B0:24:E0:3A:B8:66:15:D5:C5:C7:06:70:ED:E8:98:41:9C:82:1C:1E:33:E1:23:28:72:91:89:E5:02:3B:9F:C4:19:4A:9D:57:4C:04:C3:8B:12:DF:6C:F0:B1:81:CE:43:1A:E4:F6:5C:FC:7E:B9:8A:B1:09:E2:A1:B8:3C:19:98:22:07:BD:A2:5C:F0:A2:C3:80:DE:D3:FD:A1:57:79:04:47:31:96:00:60:C9:38:D1:81:4A:25:D9:F5:F0:9B:70:E8:2C:24:D0:32:17:26:52:3D:11:81:B4:73:18:68:9C:D1:9F:43:18:FF:B9:EE:AB:48:CC:53:99:99:33:93:8D:4D:3A:BC:01:67:A6:15:F9:5F:65:39:35:36:83:6E:8A:B5:CD:56:1F:EA:15:E7:27:DD:CD:A7:47:FA:C5:28:0C:BA:77:61:45:B6:1A:C3:CA:57:D0:96:51:7C:6F"
            },
            "subject": [
                {
                    "name": "commonName",
                    "oid": "2.5.4.3",
                    "value": "www.example.org"
                }
            ],
            "validity": {
                "not_valid_after": "2023-07-06 22:36:04",
                "not_valid_before": "2022-07-06 22:42:19"
            }
        }
    },
    "changed": false
}

TASK [Verify certificate subject] **********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:87
Wednesday 06 July 2022  22:42:32 +0000 (0:00:00.041)       0:00:22.065 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate SAN] **************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:96
Wednesday 06 July 2022  22:42:32 +0000 (0:00:00.042)       0:00:22.107 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key size] *********************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:105
Wednesday 06 July 2022  22:42:32 +0000 (0:00:00.032)       0:00:22.140 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:112
Wednesday 06 July 2022  22:42:32 +0000 (0:00:00.046)       0:00:22.186 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:125
Wednesday 06 July 2022  22:42:32 +0000 (0:00:00.044)       0:00:22.231 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:141
Wednesday 06 July 2022  22:42:32 +0000 (0:00:00.045)       0:00:22.276 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/other-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
    "delta": "0:00:00.070078",
    "end": "2022-07-06 18:42:32.634108",
    "rc": 0,
    "start": "2022-07-06 18:42:32.564030"
}

STDOUT:

yes

TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:150
Wednesday 06 July 2022  22:42:33 +0000 (0:00:00.455)       0:00:22.732 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Set virtualenv_path] *****************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:2
Wednesday 06 July 2022  22:42:33 +0000 (0:00:00.048)       0:00:22.781 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "ansible_facts": {
        "__virtualenv_path": "/tmp/certificate-tests-venv"
    },
    "changed": false
}

TASK [Ensure python3 is installed] *********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:6
Wednesday 06 July 2022  22:42:33 +0000 (0:00:00.026)       0:00:22.807 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do

TASK [Install the package, force upgrade] **************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11
Wednesday 06 July 2022  22:42:34 +0000 (0:00:01.292)       0:00:24.100 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/pip3",
        "install",
        "-U",
        "pip"
    ],
    "name": [
        "pip"
    ],
    "requirements": null,
    "state": "latest",
    "version": null,
    "virtualenv": "/tmp/certificate-tests-venv"
}

STDOUT:

Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)


TASK [Install certreader] ******************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18
Wednesday 06 July 2022  22:42:35 +0000 (0:00:01.086)       0:00:25.186 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/pip3",
        "install",
        "cryptography<35",
        "certreader>=0.1.1"
    ],
    "name": [
        "cryptography<35",
        "certreader>=0.1.1"
    ],
    "requirements": null,
    "state": "present",
    "version": null,
    "virtualenv": "/tmp/certificate-tests-venv"
}

STDOUT:

Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)
Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)
Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1)
Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)
Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)
Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21)


TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:26
Wednesday 06 July 2022  22:42:36 +0000 (0:00:00.874)       0:00:26.060 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "stat": {
        "atime": 1657147340.1509798,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "615770ce774da163cba3effa551d3d8511db16a3",
        "ctime": 1657147340.1479797,
        "dev": 64515,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 0,
        "gr_name": "root",
        "inode": 754242,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0600",
        "mtime": 1657147340.1479797,
        "nlink": 1,
        "path": "/etc/pki/tls/certs/another-cert.crt",
        "pw_name": "root",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1294,
        "uid": 0,
        "version": "3476297616",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if certificate file exists] ***************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:31
Wednesday 06 July 2022  22:42:36 +0000 (0:00:00.374)       0:00:26.435 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate file owner and group] *********************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:37
Wednesday 06 July 2022  22:42:36 +0000 (0:00:00.032)       0:00:26.467 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate permissions] ******************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:49
Wednesday 06 July 2022  22:42:37 +0000 (0:00:00.079)       0:00:26.547 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve key file stats] *************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:55
Wednesday 06 July 2022  22:42:37 +0000 (0:00:00.073)       0:00:26.621 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "stat": {
        "atime": 1657147340.1009798,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "30b318befbc1d91a2adc96439f47fcda90495cec",
        "ctime": 1657147340.1479797,
        "dev": 64515,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 0,
        "gr_name": "root",
        "inode": 8400370,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0600",
        "mtime": 1657147340.1479797,
        "nlink": 1,
        "path": "/etc/pki/tls/private/another-cert.key",
        "pw_name": "root",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1704,
        "uid": 0,
        "version": "2196278691",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if key file exists] ***********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:60
Wednesday 06 July 2022  22:42:37 +0000 (0:00:00.383)       0:00:27.004 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key file owner and group] *****************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:66
Wednesday 06 July 2022  22:42:37 +0000 (0:00:00.031)       0:00:27.036 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Parse certificate] *******************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:78
Wednesday 06 July 2022  22:42:37 +0000 (0:00:00.075)       0:00:27.111 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/certreader2json",
        "/etc/pki/tls/certs/another-cert.crt"
    ],
    "delta": "0:00:00.231366",
    "end": "2022-07-06 18:42:37.647385",
    "rc": 0,
    "start": "2022-07-06 18:42:37.416019"
}

STDOUT:

{
  "subject": [
    {
      "name": "commonName",
      "oid": "2.5.4.3",
      "value": "www.example.net"
    }
  ],
  "extensions": {
    "keyUsage": {
      "value": [
        "digital_signature",
        "key_encipherment"
      ],
      "critical": false
    },
    "subjectAltName": {
      "value": [
        {
          "name": "DNS",
          "value": "www.example.net"
        }
      ],
      "critical": false
    },
    "extendedKeyUsage": {
      "value": [
        {
          "name": "id-kp-serverAuth",
          "oid": "1.3.6.1.5.5.7.3.1"
        },
        {
          "name": "id-kp-clientAuth",
          "oid": "1.3.6.1.5.5.7.3.2"
        }
      ],
      "critical": false
    },
    "basicConstraints": {
      "value": {
        "ca": false
      },
      "critical": true
    },
    "subjectKeyIdentifier": {
      "value": "E2:8A:AC:10:18:94:EB:50:F7:3B:7F:C2:E2:A4:3B:A5:35:EA:32:56",
      "critical": false
    },
    "authorityKeyIdentifier": {
      "value": "59:31:B7:F8:0D:08:12:16:0A:D4:E8:FA:0B:BD:91:65:C9:DC:60:5A",
      "critical": false
    }
  },
  "signature_algorithm": {
    "algorithm": "sha256WithRSAEncryption",
    "signature": "1F:BE:02:F6:18:EA:A9:1F:E8:06:B2:80:76:04:3F:7E:F9:98:6D:C9:AF:29:9D:81:0B:00:39:7A:29:F2:01:B6:39:E4:0C:FC:CD:D9:91:A8:71:4D:53:3A:D2:9B:09:96:6C:1B:B3:A9:2A:F4:63:E3:84:FE:17:7C:5D:75:26:C9:62:D9:22:01:DA:BA:7B:C6:47:CA:E2:6B:37:20:85:43:F5:58:A3:23:0F:5C:8C:CC:3F:CA:66:E9:76:01:30:D6:02:EE:57:06:6F:88:61:01:94:9C:5E:12:61:04:C5:8C:E1:27:8A:81:28:7D:A4:6C:7B:3C:96:85:BE:3C:DB:24:E3:1E:4F:36:19:CF:7B:AC:22:0A:E8:79:84:6B:86:C1:47:DD:5A:9D:DE:AF:C6:4B:3E:B4:3B:0F:46:72:FB:B4:91:ED:A1:6E:1E:29:F9:A2:F5:8B:05:51:25:D0:C9:1F:4E:61:ED:B0:A9:35:E2:FE:8B:5F:B0:93:04:B4:D3:BF:62:25:AF:91:CC:DB:0C:A9:FE:85:80:FB:70:C1:49:47:B4:C5:58:D2:5C:4F:2B:30:5E:28:39:C3:86:0F:A1:76:5B:1A:DC:D5:DB:1D:0B:AB:D3:36:51:63:E9:80:E4:F1:7C:FA:67:73:65:30:36:BF:BC:94:30:E1:56:2C:C6:82"
  },
  "key_size": 2048,
  "validity": {
    "not_valid_after": "2023-07-06 22:36:04",
    "not_valid_before": "2022-07-06 22:42:20"
  }
}

TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:83
Wednesday 06 July 2022  22:42:38 +0000 (0:00:00.628)       0:00:27.739 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "ansible_facts": {
        "cert_issued": {
            "extensions": {
                "authorityKeyIdentifier": {
                    "critical": false,
                    "value": "59:31:B7:F8:0D:08:12:16:0A:D4:E8:FA:0B:BD:91:65:C9:DC:60:5A"
                },
                "basicConstraints": {
                    "critical": true,
                    "value": {
                        "ca": false
                    }
                },
                "extendedKeyUsage": {
                    "critical": false,
                    "value": [
                        {
                            "name": "id-kp-serverAuth",
                            "oid": "1.3.6.1.5.5.7.3.1"
                        },
                        {
                            "name": "id-kp-clientAuth",
                            "oid": "1.3.6.1.5.5.7.3.2"
                        }
                    ]
                },
                "keyUsage": {
                    "critical": false,
                    "value": [
                        "digital_signature",
                        "key_encipherment"
                    ]
                },
                "subjectAltName": {
                    "critical": false,
                    "value": [
                        {
                            "name": "DNS",
                            "value": "www.example.net"
                        }
                    ]
                },
                "subjectKeyIdentifier": {
                    "critical": false,
                    "value": "E2:8A:AC:10:18:94:EB:50:F7:3B:7F:C2:E2:A4:3B:A5:35:EA:32:56"
                }
            },
            "key_size": 2048,
            "signature_algorithm": {
                "algorithm": "sha256WithRSAEncryption",
                "signature": "1F:BE:02:F6:18:EA:A9:1F:E8:06:B2:80:76:04:3F:7E:F9:98:6D:C9:AF:29:9D:81:0B:00:39:7A:29:F2:01:B6:39:E4:0C:FC:CD:D9:91:A8:71:4D:53:3A:D2:9B:09:96:6C:1B:B3:A9:2A:F4:63:E3:84:FE:17:7C:5D:75:26:C9:62:D9:22:01:DA:BA:7B:C6:47:CA:E2:6B:37:20:85:43:F5:58:A3:23:0F:5C:8C:CC:3F:CA:66:E9:76:01:30:D6:02:EE:57:06:6F:88:61:01:94:9C:5E:12:61:04:C5:8C:E1:27:8A:81:28:7D:A4:6C:7B:3C:96:85:BE:3C:DB:24:E3:1E:4F:36:19:CF:7B:AC:22:0A:E8:79:84:6B:86:C1:47:DD:5A:9D:DE:AF:C6:4B:3E:B4:3B:0F:46:72:FB:B4:91:ED:A1:6E:1E:29:F9:A2:F5:8B:05:51:25:D0:C9:1F:4E:61:ED:B0:A9:35:E2:FE:8B:5F:B0:93:04:B4:D3:BF:62:25:AF:91:CC:DB:0C:A9:FE:85:80:FB:70:C1:49:47:B4:C5:58:D2:5C:4F:2B:30:5E:28:39:C3:86:0F:A1:76:5B:1A:DC:D5:DB:1D:0B:AB:D3:36:51:63:E9:80:E4:F1:7C:FA:67:73:65:30:36:BF:BC:94:30:E1:56:2C:C6:82"
            },
            "subject": [
                {
                    "name": "commonName",
                    "oid": "2.5.4.3",
                    "value": "www.example.net"
                }
            ],
            "validity": {
                "not_valid_after": "2023-07-06 22:36:04",
                "not_valid_before": "2022-07-06 22:42:20"
            }
        }
    },
    "changed": false
}

TASK [Verify certificate subject] **********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:87
Wednesday 06 July 2022  22:42:38 +0000 (0:00:00.073)       0:00:27.812 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate SAN] **************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:96
Wednesday 06 July 2022  22:42:38 +0000 (0:00:00.074)       0:00:27.886 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key size] *********************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:105
Wednesday 06 July 2022  22:42:38 +0000 (0:00:00.031)       0:00:27.918 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:112
Wednesday 06 July 2022  22:42:38 +0000 (0:00:00.069)       0:00:27.988 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:125
Wednesday 06 July 2022  22:42:38 +0000 (0:00:00.073)       0:00:28.061 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:141
Wednesday 06 July 2022  22:42:38 +0000 (0:00:00.072)       0:00:28.134 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/another-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
    "delta": "0:00:00.071580",
    "end": "2022-07-06 18:42:38.516249",
    "rc": 0,
    "start": "2022-07-06 18:42:38.444669"
}

STDOUT:

yes

TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:150
Wednesday 06 July 2022  22:42:39 +0000 (0:00:00.473)       0:00:28.608 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed
META: ran handlers
META: ran handlers

PLAY RECAP *********************************************************************
/cache/rhel-8.qcow2        : ok=74   changed=1    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0   

Wednesday 06 July 2022  22:42:39 +0000 (0:00:00.084)       0:00:28.692 ******** 
=============================================================================== 
linux-system-roles.certificate : Ensure certificate requests ------------ 2.75s
/tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:100 
linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 1.54s
/tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:5 --
linux-system-roles.certificate : Ensure provider packages are installed --- 1.33s
/tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:22 -
Ensure python3 is installed --------------------------------------------- 1.31s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:6 --------------
set up internal repositories -------------------------------------------- 1.31s
/cache/rhel-8_setup.yml:5 -----------------------------------------------------
Ensure python3 is installed --------------------------------------------- 1.30s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:6 --------------
Ensure python3 is installed --------------------------------------------- 1.29s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:6 --------------
Install the package, force upgrade -------------------------------------- 1.16s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11 -------------
Install the package, force upgrade -------------------------------------- 1.09s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11 -------------
Gathering Facts --------------------------------------------------------- 1.07s
/tmp/tmplpebei7w/tests/tests_many_self_signed.yml:2 ---------------------------
Install the package, force upgrade -------------------------------------- 1.02s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11 -------------
Install certreader ------------------------------------------------------ 0.92s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18 -------------
Install certreader ------------------------------------------------------ 0.88s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18 -------------
Install certreader ------------------------------------------------------ 0.87s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18 -------------
Gathering Facts --------------------------------------------------------- 0.79s
/tmp/tmplpebei7w/tests/tests_many_self_signed.yml:18 --------------------------
linux-system-roles.certificate : Ensure provider service is running ----- 0.77s
/tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:88 -
Parse certificate ------------------------------------------------------- 0.71s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:78 -------------
Parse certificate ------------------------------------------------------- 0.63s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:78 -------------
Parse certificate ------------------------------------------------------- 0.61s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:78 -------------
linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.54s
/tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:33 -
ansible-playbook [core 2.12.6]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.9/site-packages/ansible
  ansible collection location = /tmp/tmpt8vnebz7
  executable location = /usr/bin/ansible-playbook
  python version = 3.9.13 (main, May 18 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)]
  jinja version = 2.11.3
  libyaml = True
Using /etc/ansible/ansible.cfg as config file
Skipping callback 'debug', as we already have a stdout callback.
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.

PLAYBOOK: rhel-8_setup.yml *****************************************************
1 plays in /cache/rhel-8_setup.yml

PLAY [Setup repos] *************************************************************
META: ran handlers

TASK [set up internal repositories] ********************************************
task path: /cache/rhel-8_setup.yml:5
Wednesday 06 July 2022  22:54:45 +0000 (0:00:00.018)       0:00:00.018 ******** 
ok: [/cache/rhel-8.qcow2] => (item=None) => {
    "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
    "changed": false
}
ok: [/cache/rhel-8.qcow2] => (item=None) => {
    "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
    "changed": false
}
ok: [/cache/rhel-8.qcow2] => (item=None) => {
    "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
    "changed": false
}
ok: [/cache/rhel-8.qcow2] => {
    "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
    "changed": false
}
META: ran handlers
META: ran handlers

PLAY RECAP *********************************************************************
/cache/rhel-8.qcow2        : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

Wednesday 06 July 2022  22:54:46 +0000 (0:00:01.351)       0:00:01.369 ******** 
=============================================================================== 
set up internal repositories -------------------------------------------- 1.35s
/cache/rhel-8_setup.yml:5 -----------------------------------------------------

PLAYBOOK: tests_many_self_signed.yml *******************************************
2 plays in /tmp/tmp0buh2ky5/tests/certificate/tests_many_self_signed.yml

PLAY [Issue many self-signed certificates] *************************************

TASK [Gathering Facts] *********************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tests_many_self_signed.yml:2
Wednesday 06 July 2022  22:54:46 +0000 (0:00:00.043)       0:00:01.413 ******** 
ok: [/cache/rhel-8.qcow2]
META: ran handlers

TASK [fedora.linux_system_roles.certificate : Set version specific variables] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2
Wednesday 06 July 2022  22:54:48 +0000 (0:00:01.032)       0:00:02.446 ******** 
included: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml for /cache/rhel-8.qcow2

TASK [fedora.linux_system_roles.certificate : Ensure ansible_facts used by role] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:2
Wednesday 06 July 2022  22:54:48 +0000 (0:00:00.026)       0:00:02.472 ******** 
ok: [/cache/rhel-8.qcow2]

TASK [fedora.linux_system_roles.certificate : Set platform/version specific variables] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:7
Wednesday 06 July 2022  22:54:48 +0000 (0:00:00.513)       0:00:02.986 ******** 
skipping: [/cache/rhel-8.qcow2] => (item=RedHat.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": "RedHat.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [/cache/rhel-8.qcow2] => (item=RedHat.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": "RedHat.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [/cache/rhel-8.qcow2] => (item=RedHat_8.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": "RedHat_8.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [/cache/rhel-8.qcow2] => (item=RedHat_8.6.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": "RedHat_8.6.yml",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5
Wednesday 06 July 2022  22:54:48 +0000 (0:00:00.041)       0:00:03.027 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do

TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:22
Wednesday 06 July 2022  22:54:50 +0000 (0:00:01.429)       0:00:04.456 ******** 
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do

TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:33
Wednesday 06 July 2022  22:54:51 +0000 (0:00:01.276)       0:00:05.732 ******** 
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": false,
    "gid": 0,
    "group": "root",
    "mode": "0700",
    "owner": "root",
    "path": "/etc/certmonger//pre-scripts",
    "secontext": "unconfined_u:object_r:etc_t:s0",
    "size": 6,
    "state": "directory",
    "uid": 0
}

TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:59
Wednesday 06 July 2022  22:54:51 +0000 (0:00:00.526)       0:00:06.259 ******** 
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": false,
    "gid": 0,
    "group": "root",
    "mode": "0700",
    "owner": "root",
    "path": "/etc/certmonger//post-scripts",
    "secontext": "unconfined_u:object_r:etc_t:s0",
    "size": 6,
    "state": "directory",
    "uid": 0
}

TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:88
Wednesday 06 July 2022  22:54:52 +0000 (0:00:00.420)       0:00:06.679 ******** 
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": false,
    "enabled": true,
    "name": "certmonger",
    "state": "started",
    "status": {
        "ActiveEnterTimestamp": "Wed 2022-07-06 18:48:34 EDT",
        "ActiveEnterTimestampMonotonic": "217577643",
        "ActiveExitTimestampMonotonic": "0",
        "ActiveState": "active",
        "After": "dbus.service dbus.socket sysinit.target system.slice basic.target network.target syslog.target systemd-journald.socket",
        "AllowIsolate": "no",
        "AllowedCPUs": "",
        "AllowedMemoryNodes": "",
        "AmbientCapabilities": "",
        "AssertResult": "yes",
        "AssertTimestamp": "Wed 2022-07-06 18:48:34 EDT",
        "AssertTimestampMonotonic": "217565677",
        "Before": "shutdown.target multi-user.target",
        "BlockIOAccounting": "no",
        "BlockIOWeight": "[not set]",
        "BusName": "org.fedorahosted.certmonger",
        "CPUAccounting": "no",
        "CPUAffinity": "",
        "CPUAffinityFromNUMA": "no",
        "CPUQuotaPerSecUSec": "infinity",
        "CPUQuotaPeriodUSec": "infinity",
        "CPUSchedulingPolicy": "0",
        "CPUSchedulingPriority": "0",
        "CPUSchedulingResetOnFork": "no",
        "CPUShares": "[not set]",
        "CPUUsageNSec": "[not set]",
        "CPUWeight": "[not set]",
        "CacheDirectoryMode": "0755",
        "CanFreeze": "yes",
        "CanIsolate": "no",
        "CanReload": "no",
        "CanStart": "yes",
        "CanStop": "yes",
        "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf",
        "CollectMode": "inactive",
        "ConditionResult": "yes",
        "ConditionTimestamp": "Wed 2022-07-06 18:48:34 EDT",
        "ConditionTimestampMonotonic": "217565676",
        "ConfigurationDirectoryMode": "0755",
        "Conflicts": "shutdown.target",
        "ControlGroup": "/system.slice/certmonger.service",
        "ControlPID": "0",
        "DefaultDependencies": "yes",
        "DefaultMemoryLow": "0",
        "DefaultMemoryMin": "0",
        "Delegate": "no",
        "Description": "Certificate monitoring and PKI enrollment",
        "DevicePolicy": "auto",
        "DynamicUser": "no",
        "EffectiveCPUs": "",
        "EffectiveMemoryNodes": "",
        "EnvironmentFiles": "/etc/sysconfig/certmonger (ignore_errors=yes)",
        "ExecMainCode": "0",
        "ExecMainExitTimestampMonotonic": "0",
        "ExecMainPID": "23914",
        "ExecMainStartTimestamp": "Wed 2022-07-06 18:48:34 EDT",
        "ExecMainStartTimestampMonotonic": "217566944",
        "ExecMainStatus": "0",
        "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
        "FailureAction": "none",
        "FileDescriptorStoreMax": "0",
        "FragmentPath": "/usr/lib/systemd/system/certmonger.service",
        "FreezerState": "running",
        "GID": "[not set]",
        "GuessMainPID": "yes",
        "IOAccounting": "no",
        "IOSchedulingClass": "0",
        "IOSchedulingPriority": "0",
        "IOWeight": "[not set]",
        "IPAccounting": "no",
        "IPEgressBytes": "18446744073709551615",
        "IPEgressPackets": "18446744073709551615",
        "IPIngressBytes": "18446744073709551615",
        "IPIngressPackets": "18446744073709551615",
        "Id": "certmonger.service",
        "IgnoreOnIsolate": "no",
        "IgnoreSIGPIPE": "yes",
        "InactiveEnterTimestampMonotonic": "0",
        "InactiveExitTimestamp": "Wed 2022-07-06 18:48:34 EDT",
        "InactiveExitTimestampMonotonic": "217566995",
        "InvocationID": "d54891b3cfa34d7ca4a9f82aac3ff004",
        "JobRunningTimeoutUSec": "infinity",
        "JobTimeoutAction": "none",
        "JobTimeoutUSec": "infinity",
        "KeyringMode": "private",
        "KillMode": "control-group",
        "KillSignal": "15",
        "LimitAS": "infinity",
        "LimitASSoft": "infinity",
        "LimitCORE": "infinity",
        "LimitCORESoft": "0",
        "LimitCPU": "infinity",
        "LimitCPUSoft": "infinity",
        "LimitDATA": "infinity",
        "LimitDATASoft": "infinity",
        "LimitFSIZE": "infinity",
        "LimitFSIZESoft": "infinity",
        "LimitLOCKS": "infinity",
        "LimitLOCKSSoft": "infinity",
        "LimitMEMLOCK": "65536",
        "LimitMEMLOCKSoft": "65536",
        "LimitMSGQUEUE": "819200",
        "LimitMSGQUEUESoft": "819200",
        "LimitNICE": "0",
        "LimitNICESoft": "0",
        "LimitNOFILE": "262144",
        "LimitNOFILESoft": "1024",
        "LimitNPROC": "14648",
        "LimitNPROCSoft": "14648",
        "LimitRSS": "infinity",
        "LimitRSSSoft": "infinity",
        "LimitRTPRIO": "0",
        "LimitRTPRIOSoft": "0",
        "LimitRTTIME": "infinity",
        "LimitRTTIMESoft": "infinity",
        "LimitSIGPENDING": "14648",
        "LimitSIGPENDINGSoft": "14648",
        "LimitSTACK": "infinity",
        "LimitSTACKSoft": "8388608",
        "LoadState": "loaded",
        "LockPersonality": "no",
        "LogLevelMax": "-1",
        "LogRateLimitBurst": "0",
        "LogRateLimitIntervalUSec": "0",
        "LogsDirectoryMode": "0755",
        "MainPID": "23914",
        "MemoryAccounting": "yes",
        "MemoryCurrent": "3977216",
        "MemoryDenyWriteExecute": "no",
        "MemoryHigh": "infinity",
        "MemoryLimit": "infinity",
        "MemoryLow": "0",
        "MemoryMax": "infinity",
        "MemoryMin": "0",
        "MemorySwapMax": "infinity",
        "MountAPIVFS": "no",
        "MountFlags": "",
        "NFileDescriptorStore": "0",
        "NRestarts": "0",
        "NUMAMask": "",
        "NUMAPolicy": "n/a",
        "Names": "certmonger.service",
        "NeedDaemonReload": "no",
        "Nice": "0",
        "NoNewPrivileges": "no",
        "NonBlocking": "no",
        "NotifyAccess": "none",
        "OOMScoreAdjust": "0",
        "OnFailureJobMode": "replace",
        "PIDFile": "/run/certmonger.pid",
        "PartOf": "dbus.service",
        "PermissionsStartOnly": "no",
        "Perpetual": "no",
        "PrivateDevices": "no",
        "PrivateMounts": "no",
        "PrivateNetwork": "no",
        "PrivateTmp": "no",
        "PrivateUsers": "no",
        "ProtectControlGroups": "no",
        "ProtectHome": "no",
        "ProtectKernelModules": "no",
        "ProtectKernelTunables": "no",
        "ProtectSystem": "no",
        "RefuseManualStart": "no",
        "RefuseManualStop": "no",
        "RemainAfterExit": "no",
        "RemoveIPC": "no",
        "Requires": "system.slice dbus.socket sysinit.target",
        "Restart": "no",
        "RestartUSec": "100ms",
        "RestrictNamespaces": "no",
        "RestrictRealtime": "no",
        "RestrictSUIDSGID": "no",
        "Result": "success",
        "RootDirectoryStartOnly": "no",
        "RuntimeDirectoryMode": "0755",
        "RuntimeDirectoryPreserve": "no",
        "RuntimeMaxUSec": "infinity",
        "SameProcessGroup": "no",
        "SecureBits": "0",
        "SendSIGHUP": "no",
        "SendSIGKILL": "yes",
        "Slice": "system.slice",
        "StandardError": "inherit",
        "StandardInput": "null",
        "StandardInputData": "",
        "StandardOutput": "journal",
        "StartLimitAction": "none",
        "StartLimitBurst": "5",
        "StartLimitIntervalUSec": "10s",
        "StartupBlockIOWeight": "[not set]",
        "StartupCPUShares": "[not set]",
        "StartupCPUWeight": "[not set]",
        "StartupIOWeight": "[not set]",
        "StateChangeTimestamp": "Wed 2022-07-06 18:48:34 EDT",
        "StateChangeTimestampMonotonic": "217577643",
        "StateDirectoryMode": "0755",
        "StatusErrno": "0",
        "StopWhenUnneeded": "no",
        "SubState": "running",
        "SuccessAction": "none",
        "SyslogFacility": "3",
        "SyslogLevel": "6",
        "SyslogLevelPrefix": "yes",
        "SyslogPriority": "30",
        "SystemCallErrorNumber": "0",
        "TTYReset": "no",
        "TTYVHangup": "no",
        "TTYVTDisallocate": "no",
        "TasksAccounting": "yes",
        "TasksCurrent": "1",
        "TasksMax": "23436",
        "TimeoutStartUSec": "1min 30s",
        "TimeoutStopUSec": "1min 30s",
        "TimerSlackNSec": "50000",
        "Transient": "no",
        "Type": "dbus",
        "UID": "[not set]",
        "UMask": "0022",
        "UnitFilePreset": "disabled",
        "UnitFileState": "enabled",
        "UtmpMode": "init",
        "WantedBy": "multi-user.target",
        "WatchdogTimestamp": "Wed 2022-07-06 18:48:34 EDT",
        "WatchdogTimestampMonotonic": "217577641",
        "WatchdogUSec": "0"
    }
}

TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] *****
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:99
Wednesday 06 July 2022  22:54:53 +0000 (0:00:00.802)       0:00:07.482 ******** 
changed: [/cache/rhel-8.qcow2] => (item={'name': 'mycert_many_self_signed', 'dns': 'www.example.com', 'ca': 'self-sign'}) => {
    "ansible_loop_var": "item",
    "changed": true,
    "item": {
        "ca": "self-sign",
        "dns": "www.example.com",
        "name": "mycert_many_self_signed"
    }
}

MSG:

Certificate requested (new).
changed: [/cache/rhel-8.qcow2] => (item={'name': 'other-cert', 'dns': 'www.example.org', 'ca': 'self-sign'}) => {
    "ansible_loop_var": "item",
    "changed": true,
    "item": {
        "ca": "self-sign",
        "dns": "www.example.org",
        "name": "other-cert"
    }
}

MSG:

Certificate requested (new).
changed: [/cache/rhel-8.qcow2] => (item={'name': 'another-cert', 'dns': 'www.example.net', 'ca': 'self-sign'}) => {
    "ansible_loop_var": "item",
    "changed": true,
    "item": {
        "ca": "self-sign",
        "dns": "www.example.net",
        "name": "another-cert"
    }
}

MSG:

Certificate requested (new).
META: role_complete for /cache/rhel-8.qcow2
META: ran handlers
META: ran handlers

PLAY [Verify certificate] ******************************************************

TASK [Gathering Facts] *********************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tests_many_self_signed.yml:18
Wednesday 06 July 2022  22:54:55 +0000 (0:00:02.694)       0:00:10.177 ******** 
ok: [/cache/rhel-8.qcow2]
META: ran handlers

TASK [Verify each certificate] *************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tests_many_self_signed.yml:50
Wednesday 06 July 2022  22:54:56 +0000 (0:00:00.835)       0:00:11.012 ******** 
included: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert_many_self_signed.crt', 'key_path': '/etc/pki/tls/private/mycert_many_self_signed.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]})
included: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/other-cert.crt', 'key_path': '/etc/pki/tls/private/other-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.org'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.org'}]})
included: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/another-cert.crt', 'key_path': '/etc/pki/tls/private/another-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.net'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.net'}]})

TASK [Set virtualenv_path] *****************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:2
Wednesday 06 July 2022  22:54:56 +0000 (0:00:00.053)       0:00:11.066 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "ansible_facts": {
        "__virtualenv_path": "/tmp/certificate-tests-venv"
    },
    "changed": false
}

TASK [Ensure python3 is installed] *********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:6
Wednesday 06 July 2022  22:54:56 +0000 (0:00:00.027)       0:00:11.093 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do

TASK [Install the package, force upgrade] **************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11
Wednesday 06 July 2022  22:54:58 +0000 (0:00:01.378)       0:00:12.472 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/pip3",
        "install",
        "-U",
        "pip"
    ],
    "name": [
        "pip"
    ],
    "requirements": null,
    "state": "latest",
    "version": null,
    "virtualenv": "/tmp/certificate-tests-venv"
}

STDOUT:

Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)


TASK [Install certreader] ******************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18
Wednesday 06 July 2022  22:54:59 +0000 (0:00:01.125)       0:00:13.597 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/pip3",
        "install",
        "cryptography<35",
        "certreader>=0.1.1"
    ],
    "name": [
        "cryptography<35",
        "certreader>=0.1.1"
    ],
    "requirements": null,
    "state": "present",
    "version": null,
    "virtualenv": "/tmp/certificate-tests-venv"
}

STDOUT:

Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)
Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)
Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1)
Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)
Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)
Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21)


TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:26
Wednesday 06 July 2022  22:55:00 +0000 (0:00:00.867)       0:00:14.464 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "stat": {
        "atime": 1657148092.4848478,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "a1d90497777e5e7266833189eefc16f96758aa10",
        "ctime": 1657148092.4818478,
        "dev": 64515,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 0,
        "gr_name": "root",
        "inode": 752898,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0600",
        "mtime": 1657148092.4818478,
        "nlink": 1,
        "path": "/etc/pki/tls/certs/mycert_many_self_signed.crt",
        "pw_name": "root",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1273,
        "uid": 0,
        "version": "890315342",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if certificate file exists] ***************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:31
Wednesday 06 July 2022  22:55:00 +0000 (0:00:00.519)       0:00:14.983 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate file owner and group] *********************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:37
Wednesday 06 July 2022  22:55:00 +0000 (0:00:00.033)       0:00:15.017 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate permissions] ******************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:47
Wednesday 06 July 2022  22:55:00 +0000 (0:00:00.045)       0:00:15.062 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve key file stats] *************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:53
Wednesday 06 July 2022  22:55:00 +0000 (0:00:00.043)       0:00:15.106 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "stat": {
        "atime": 1657148092.4278479,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "e326219b9dee6e2d84f51666a4433e1a06159b4f",
        "ctime": 1657148092.4818478,
        "dev": 64515,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 0,
        "gr_name": "root",
        "inode": 9519405,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0600",
        "mtime": 1657148092.4818478,
        "nlink": 1,
        "path": "/etc/pki/tls/private/mycert_many_self_signed.key",
        "pw_name": "root",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1704,
        "uid": 0,
        "version": "3810082974",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if key file exists] ***********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:58
Wednesday 06 July 2022  22:55:01 +0000 (0:00:00.374)       0:00:15.480 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key file owner and group] *****************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:64
Wednesday 06 July 2022  22:55:01 +0000 (0:00:00.032)       0:00:15.512 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Parse certificate] *******************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:74
Wednesday 06 July 2022  22:55:01 +0000 (0:00:00.046)       0:00:15.558 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/certreader2json",
        "/etc/pki/tls/certs/mycert_many_self_signed.crt"
    ],
    "delta": "0:00:00.223449",
    "end": "2022-07-06 18:55:00.407482",
    "rc": 0,
    "start": "2022-07-06 18:55:00.184033"
}

STDOUT:

{
  "subject": [
    {
      "name": "commonName",
      "oid": "2.5.4.3",
      "value": "www.example.com"
    }
  ],
  "extensions": {
    "keyUsage": {
      "value": [
        "digital_signature",
        "key_encipherment"
      ],
      "critical": false
    },
    "subjectAltName": {
      "value": [
        {
          "name": "DNS",
          "value": "www.example.com"
        }
      ],
      "critical": false
    },
    "extendedKeyUsage": {
      "value": [
        {
          "name": "id-kp-serverAuth",
          "oid": "1.3.6.1.5.5.7.3.1"
        },
        {
          "name": "id-kp-clientAuth",
          "oid": "1.3.6.1.5.5.7.3.2"
        }
      ],
      "critical": false
    },
    "basicConstraints": {
      "value": {
        "ca": false
      },
      "critical": true
    },
    "subjectKeyIdentifier": {
      "value": "BB:E3:DB:94:97:71:92:77:92:C5:7B:EF:71:D7:F5:A2:58:8E:C5:ED",
      "critical": false
    },
    "authorityKeyIdentifier": {
      "value": "FD:F7:0C:F2:B1:C6:45:2A:0C:57:81:A6:5B:4F:95:51:CE:58:82:6C",
      "critical": false
    }
  },
  "signature_algorithm": {
    "algorithm": "sha256WithRSAEncryption",
    "signature": "C3:F6:7F:55:8C:00:6F:AB:F8:63:D3:B2:46:4F:55:6B:6A:EA:E2:5C:E2:C8:E2:41:F7:93:1F:3C:8D:D5:F6:10:CF:16:93:92:B2:3F:6C:3D:92:00:2B:5B:54:A5:58:7B:5C:F3:86:2A:66:DB:C3:41:10:8B:88:44:3A:10:C7:4B:83:3A:FB:EF:78:36:04:14:47:6D:23:A4:B1:CA:EC:90:37:FB:95:66:1F:B3:70:36:B4:A1:AF:BB:31:DA:59:C3:68:33:44:33:AB:DA:96:A5:99:E7:06:45:BD:4D:4E:8D:41:62:D9:DC:AC:AA:28:84:7F:3F:1D:0B:4F:13:C3:77:14:32:76:9A:B1:38:AC:A7:86:D2:FE:9B:57:C3:20:93:B0:21:7F:FC:E8:54:F2:8E:C2:5D:A9:51:0E:DB:01:8D:42:7F:74:06:FF:69:DC:2A:08:F1:0B:00:BF:2F:A1:F8:C7:8B:AB:D2:57:4E:91:B6:F9:FF:2E:CE:1B:FE:05:21:3D:7D:C6:A6:07:2A:C5:85:74:C6:98:89:F2:CB:26:BC:4C:62:93:44:BB:C3:C4:44:5F:E7:F3:1D:A0:B7:CC:B9:A3:B5:A7:1A:D2:50:F3:32:9B:79:24:B4:43:81:5E:43:D9:C4:94:18:1D:A4:15:AB:BC:97:F6:11:73:46:BE:C2"
  },
  "key_size": 2048,
  "validity": {
    "not_valid_after": "2023-07-06 22:48:35",
    "not_valid_before": "2022-07-06 22:54:52"
  }
}

TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:79
Wednesday 06 July 2022  22:55:01 +0000 (0:00:00.710)       0:00:16.269 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "ansible_facts": {
        "cert_issued": {
            "extensions": {
                "authorityKeyIdentifier": {
                    "critical": false,
                    "value": "FD:F7:0C:F2:B1:C6:45:2A:0C:57:81:A6:5B:4F:95:51:CE:58:82:6C"
                },
                "basicConstraints": {
                    "critical": true,
                    "value": {
                        "ca": false
                    }
                },
                "extendedKeyUsage": {
                    "critical": false,
                    "value": [
                        {
                            "name": "id-kp-serverAuth",
                            "oid": "1.3.6.1.5.5.7.3.1"
                        },
                        {
                            "name": "id-kp-clientAuth",
                            "oid": "1.3.6.1.5.5.7.3.2"
                        }
                    ]
                },
                "keyUsage": {
                    "critical": false,
                    "value": [
                        "digital_signature",
                        "key_encipherment"
                    ]
                },
                "subjectAltName": {
                    "critical": false,
                    "value": [
                        {
                            "name": "DNS",
                            "value": "www.example.com"
                        }
                    ]
                },
                "subjectKeyIdentifier": {
                    "critical": false,
                    "value": "BB:E3:DB:94:97:71:92:77:92:C5:7B:EF:71:D7:F5:A2:58:8E:C5:ED"
                }
            },
            "key_size": 2048,
            "signature_algorithm": {
                "algorithm": "sha256WithRSAEncryption",
                "signature": "C3:F6:7F:55:8C:00:6F:AB:F8:63:D3:B2:46:4F:55:6B:6A:EA:E2:5C:E2:C8:E2:41:F7:93:1F:3C:8D:D5:F6:10:CF:16:93:92:B2:3F:6C:3D:92:00:2B:5B:54:A5:58:7B:5C:F3:86:2A:66:DB:C3:41:10:8B:88:44:3A:10:C7:4B:83:3A:FB:EF:78:36:04:14:47:6D:23:A4:B1:CA:EC:90:37:FB:95:66:1F:B3:70:36:B4:A1:AF:BB:31:DA:59:C3:68:33:44:33:AB:DA:96:A5:99:E7:06:45:BD:4D:4E:8D:41:62:D9:DC:AC:AA:28:84:7F:3F:1D:0B:4F:13:C3:77:14:32:76:9A:B1:38:AC:A7:86:D2:FE:9B:57:C3:20:93:B0:21:7F:FC:E8:54:F2:8E:C2:5D:A9:51:0E:DB:01:8D:42:7F:74:06:FF:69:DC:2A:08:F1:0B:00:BF:2F:A1:F8:C7:8B:AB:D2:57:4E:91:B6:F9:FF:2E:CE:1B:FE:05:21:3D:7D:C6:A6:07:2A:C5:85:74:C6:98:89:F2:CB:26:BC:4C:62:93:44:BB:C3:C4:44:5F:E7:F3:1D:A0:B7:CC:B9:A3:B5:A7:1A:D2:50:F3:32:9B:79:24:B4:43:81:5E:43:D9:C4:94:18:1D:A4:15:AB:BC:97:F6:11:73:46:BE:C2"
            },
            "subject": [
                {
                    "name": "commonName",
                    "oid": "2.5.4.3",
                    "value": "www.example.com"
                }
            ],
            "validity": {
                "not_valid_after": "2023-07-06 22:48:35",
                "not_valid_before": "2022-07-06 22:54:52"
            }
        }
    },
    "changed": false
}

TASK [Verify certificate subject] **********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:83
Wednesday 06 July 2022  22:55:01 +0000 (0:00:00.043)       0:00:16.312 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate SAN] **************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:91
Wednesday 06 July 2022  22:55:01 +0000 (0:00:00.042)       0:00:16.355 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key size] *********************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:99
Wednesday 06 July 2022  22:55:01 +0000 (0:00:00.030)       0:00:16.386 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:106
Wednesday 06 July 2022  22:55:01 +0000 (0:00:00.045)       0:00:16.431 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:118
Wednesday 06 July 2022  22:55:02 +0000 (0:00:00.045)       0:00:16.477 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:132
Wednesday 06 July 2022  22:55:02 +0000 (0:00:00.050)       0:00:16.527 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_many_self_signed.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
    "delta": "0:00:00.080614",
    "end": "2022-07-06 18:55:01.115021",
    "rc": 0,
    "start": "2022-07-06 18:55:01.034407"
}

STDOUT:

yes

TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:141
Wednesday 06 July 2022  22:55:02 +0000 (0:00:00.449)       0:00:16.977 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Set virtualenv_path] *****************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:2
Wednesday 06 July 2022  22:55:02 +0000 (0:00:00.046)       0:00:17.023 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "ansible_facts": {
        "__virtualenv_path": "/tmp/certificate-tests-venv"
    },
    "changed": false
}

TASK [Ensure python3 is installed] *********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:6
Wednesday 06 July 2022  22:55:02 +0000 (0:00:00.028)       0:00:17.051 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do

TASK [Install the package, force upgrade] **************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11
Wednesday 06 July 2022  22:55:03 +0000 (0:00:01.327)       0:00:18.378 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/pip3",
        "install",
        "-U",
        "pip"
    ],
    "name": [
        "pip"
    ],
    "requirements": null,
    "state": "latest",
    "version": null,
    "virtualenv": "/tmp/certificate-tests-venv"
}

STDOUT:

Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)


TASK [Install certreader] ******************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18
Wednesday 06 July 2022  22:55:04 +0000 (0:00:01.012)       0:00:19.391 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/pip3",
        "install",
        "cryptography<35",
        "certreader>=0.1.1"
    ],
    "name": [
        "cryptography<35",
        "certreader>=0.1.1"
    ],
    "requirements": null,
    "state": "present",
    "version": null,
    "virtualenv": "/tmp/certificate-tests-venv"
}

STDOUT:

Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)
Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)
Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1)
Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)
Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)
Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21)


TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:26
Wednesday 06 July 2022  22:55:05 +0000 (0:00:00.849)       0:00:20.240 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "stat": {
        "atime": 1657148093.209848,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "5c26427f2d633faa7500898b3df39e17b46c3d5f",
        "ctime": 1657148093.206848,
        "dev": 64515,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 0,
        "gr_name": "root",
        "inode": 752905,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0600",
        "mtime": 1657148093.206848,
        "nlink": 1,
        "path": "/etc/pki/tls/certs/other-cert.crt",
        "pw_name": "root",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1273,
        "uid": 0,
        "version": "3489799618",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if certificate file exists] ***************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:31
Wednesday 06 July 2022  22:55:06 +0000 (0:00:00.381)       0:00:20.621 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate file owner and group] *********************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:37
Wednesday 06 July 2022  22:55:06 +0000 (0:00:00.032)       0:00:20.654 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate permissions] ******************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:47
Wednesday 06 July 2022  22:55:06 +0000 (0:00:00.046)       0:00:20.700 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve key file stats] *************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:53
Wednesday 06 July 2022  22:55:06 +0000 (0:00:00.052)       0:00:20.753 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "stat": {
        "atime": 1657148093.1618478,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "62d590ab407e6da7731a2dec07132b8cb9f1849a",
        "ctime": 1657148093.206848,
        "dev": 64515,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 0,
        "gr_name": "root",
        "inode": 9519407,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0600",
        "mtime": 1657148093.206848,
        "nlink": 1,
        "path": "/etc/pki/tls/private/other-cert.key",
        "pw_name": "root",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1704,
        "uid": 0,
        "version": "784101028",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if key file exists] ***********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:58
Wednesday 06 July 2022  22:55:06 +0000 (0:00:00.362)       0:00:21.115 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key file owner and group] *****************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:64
Wednesday 06 July 2022  22:55:06 +0000 (0:00:00.031)       0:00:21.146 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Parse certificate] *******************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:74
Wednesday 06 July 2022  22:55:06 +0000 (0:00:00.045)       0:00:21.192 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/certreader2json",
        "/etc/pki/tls/certs/other-cert.crt"
    ],
    "delta": "0:00:00.238743",
    "end": "2022-07-06 18:55:05.964058",
    "rc": 0,
    "start": "2022-07-06 18:55:05.725315"
}

STDOUT:

{
  "subject": [
    {
      "name": "commonName",
      "oid": "2.5.4.3",
      "value": "www.example.org"
    }
  ],
  "extensions": {
    "keyUsage": {
      "value": [
        "digital_signature",
        "key_encipherment"
      ],
      "critical": false
    },
    "subjectAltName": {
      "value": [
        {
          "name": "DNS",
          "value": "www.example.org"
        }
      ],
      "critical": false
    },
    "extendedKeyUsage": {
      "value": [
        {
          "name": "id-kp-serverAuth",
          "oid": "1.3.6.1.5.5.7.3.1"
        },
        {
          "name": "id-kp-clientAuth",
          "oid": "1.3.6.1.5.5.7.3.2"
        }
      ],
      "critical": false
    },
    "basicConstraints": {
      "value": {
        "ca": false
      },
      "critical": true
    },
    "subjectKeyIdentifier": {
      "value": "28:76:7D:C1:89:68:BC:34:13:88:4F:66:00:EB:5F:FD:7B:0C:89:8B",
      "critical": false
    },
    "authorityKeyIdentifier": {
      "value": "FD:F7:0C:F2:B1:C6:45:2A:0C:57:81:A6:5B:4F:95:51:CE:58:82:6C",
      "critical": false
    }
  },
  "signature_algorithm": {
    "algorithm": "sha256WithRSAEncryption",
    "signature": "35:F4:AF:C1:23:0A:D0:E6:C8:E3:7B:B3:99:56:B9:4D:62:E1:97:F6:DE:21:79:E0:BA:0F:24:8B:DF:8A:3D:4C:4C:78:82:6E:D9:C6:44:76:6B:E8:8D:2F:FF:53:3B:9A:8E:78:E3:0D:FC:43:2B:CA:B3:00:AE:91:6A:83:A1:F2:98:F6:46:B8:31:D5:8F:DA:49:38:A2:59:89:1C:AE:18:48:0D:28:49:89:BE:CA:81:36:6C:CD:5A:60:E1:01:03:B2:DF:65:8A:F2:45:39:33:9A:60:C5:C5:8D:67:EC:B8:3B:B3:0E:E5:E8:4D:42:EC:96:9C:AB:C2:33:F1:F8:0E:27:9C:6A:DD:FF:F9:9F:BF:11:DA:EF:18:05:09:F1:70:3C:2C:53:61:AC:28:3A:17:ED:EB:90:8B:E8:97:57:43:AB:C5:44:46:5E:F7:4C:BD:7B:A1:42:FB:9A:CC:A7:F3:DF:FD:21:42:BC:61:08:9B:86:7F:9D:3C:84:87:92:D9:25:08:3F:5B:9F:4F:A2:41:A3:9B:3E:0E:25:1F:4C:E3:1D:04:A0:FF:37:48:BB:3E:08:50:6B:AA:7C:1F:62:B3:3D:62:92:F6:F3:68:B7:C4:B3:BC:CC:5F:CA:26:06:61:A3:1D:26:60:CF:BB:3C:40:1E:A3:70:21:E2:0D:6D:9A"
  },
  "key_size": 2048,
  "validity": {
    "not_valid_after": "2023-07-06 22:48:35",
    "not_valid_before": "2022-07-06 22:54:53"
  }
}

TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:79
Wednesday 06 July 2022  22:55:07 +0000 (0:00:00.637)       0:00:21.829 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "ansible_facts": {
        "cert_issued": {
            "extensions": {
                "authorityKeyIdentifier": {
                    "critical": false,
                    "value": "FD:F7:0C:F2:B1:C6:45:2A:0C:57:81:A6:5B:4F:95:51:CE:58:82:6C"
                },
                "basicConstraints": {
                    "critical": true,
                    "value": {
                        "ca": false
                    }
                },
                "extendedKeyUsage": {
                    "critical": false,
                    "value": [
                        {
                            "name": "id-kp-serverAuth",
                            "oid": "1.3.6.1.5.5.7.3.1"
                        },
                        {
                            "name": "id-kp-clientAuth",
                            "oid": "1.3.6.1.5.5.7.3.2"
                        }
                    ]
                },
                "keyUsage": {
                    "critical": false,
                    "value": [
                        "digital_signature",
                        "key_encipherment"
                    ]
                },
                "subjectAltName": {
                    "critical": false,
                    "value": [
                        {
                            "name": "DNS",
                            "value": "www.example.org"
                        }
                    ]
                },
                "subjectKeyIdentifier": {
                    "critical": false,
                    "value": "28:76:7D:C1:89:68:BC:34:13:88:4F:66:00:EB:5F:FD:7B:0C:89:8B"
                }
            },
            "key_size": 2048,
            "signature_algorithm": {
                "algorithm": "sha256WithRSAEncryption",
                "signature": "35:F4:AF:C1:23:0A:D0:E6:C8:E3:7B:B3:99:56:B9:4D:62:E1:97:F6:DE:21:79:E0:BA:0F:24:8B:DF:8A:3D:4C:4C:78:82:6E:D9:C6:44:76:6B:E8:8D:2F:FF:53:3B:9A:8E:78:E3:0D:FC:43:2B:CA:B3:00:AE:91:6A:83:A1:F2:98:F6:46:B8:31:D5:8F:DA:49:38:A2:59:89:1C:AE:18:48:0D:28:49:89:BE:CA:81:36:6C:CD:5A:60:E1:01:03:B2:DF:65:8A:F2:45:39:33:9A:60:C5:C5:8D:67:EC:B8:3B:B3:0E:E5:E8:4D:42:EC:96:9C:AB:C2:33:F1:F8:0E:27:9C:6A:DD:FF:F9:9F:BF:11:DA:EF:18:05:09:F1:70:3C:2C:53:61:AC:28:3A:17:ED:EB:90:8B:E8:97:57:43:AB:C5:44:46:5E:F7:4C:BD:7B:A1:42:FB:9A:CC:A7:F3:DF:FD:21:42:BC:61:08:9B:86:7F:9D:3C:84:87:92:D9:25:08:3F:5B:9F:4F:A2:41:A3:9B:3E:0E:25:1F:4C:E3:1D:04:A0:FF:37:48:BB:3E:08:50:6B:AA:7C:1F:62:B3:3D:62:92:F6:F3:68:B7:C4:B3:BC:CC:5F:CA:26:06:61:A3:1D:26:60:CF:BB:3C:40:1E:A3:70:21:E2:0D:6D:9A"
            },
            "subject": [
                {
                    "name": "commonName",
                    "oid": "2.5.4.3",
                    "value": "www.example.org"
                }
            ],
            "validity": {
                "not_valid_after": "2023-07-06 22:48:35",
                "not_valid_before": "2022-07-06 22:54:53"
            }
        }
    },
    "changed": false
}

TASK [Verify certificate subject] **********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:83
Wednesday 06 July 2022  22:55:07 +0000 (0:00:00.048)       0:00:21.878 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate SAN] **************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:91
Wednesday 06 July 2022  22:55:07 +0000 (0:00:00.048)       0:00:21.926 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key size] *********************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:99
Wednesday 06 July 2022  22:55:07 +0000 (0:00:00.032)       0:00:21.959 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:106
Wednesday 06 July 2022  22:55:07 +0000 (0:00:00.042)       0:00:22.001 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:118
Wednesday 06 July 2022  22:55:07 +0000 (0:00:00.043)       0:00:22.044 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:132
Wednesday 06 July 2022  22:55:07 +0000 (0:00:00.045)       0:00:22.090 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/other-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
    "delta": "0:00:00.068586",
    "end": "2022-07-06 18:55:06.656835",
    "rc": 0,
    "start": "2022-07-06 18:55:06.588249"
}

STDOUT:

yes

TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:141
Wednesday 06 July 2022  22:55:08 +0000 (0:00:00.426)       0:00:22.516 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Set virtualenv_path] *****************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:2
Wednesday 06 July 2022  22:55:08 +0000 (0:00:00.043)       0:00:22.559 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "ansible_facts": {
        "__virtualenv_path": "/tmp/certificate-tests-venv"
    },
    "changed": false
}

TASK [Ensure python3 is installed] *********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:6
Wednesday 06 July 2022  22:55:08 +0000 (0:00:00.030)       0:00:22.589 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do

TASK [Install the package, force upgrade] **************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11
Wednesday 06 July 2022  22:55:09 +0000 (0:00:01.279)       0:00:23.869 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/pip3",
        "install",
        "-U",
        "pip"
    ],
    "name": [
        "pip"
    ],
    "requirements": null,
    "state": "latest",
    "version": null,
    "virtualenv": "/tmp/certificate-tests-venv"
}

STDOUT:

Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)


TASK [Install certreader] ******************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18
Wednesday 06 July 2022  22:55:10 +0000 (0:00:00.966)       0:00:24.836 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/pip3",
        "install",
        "cryptography<35",
        "certreader>=0.1.1"
    ],
    "name": [
        "cryptography<35",
        "certreader>=0.1.1"
    ],
    "requirements": null,
    "state": "present",
    "version": null,
    "virtualenv": "/tmp/certificate-tests-venv"
}

STDOUT:

Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)
Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)
Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1)
Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)
Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)
Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21)


TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:26
Wednesday 06 July 2022  22:55:11 +0000 (0:00:00.863)       0:00:25.699 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "stat": {
        "atime": 1657148094.1648479,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "08c6d3a400bab067d4e6c0d87e4ad60f08124f20",
        "ctime": 1657148094.1618478,
        "dev": 64515,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 0,
        "gr_name": "root",
        "inode": 752906,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0600",
        "mtime": 1657148094.1618478,
        "nlink": 1,
        "path": "/etc/pki/tls/certs/another-cert.crt",
        "pw_name": "root",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1273,
        "uid": 0,
        "version": "646303238",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if certificate file exists] ***************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:31
Wednesday 06 July 2022  22:55:11 +0000 (0:00:00.398)       0:00:26.098 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate file owner and group] *********************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:37
Wednesday 06 July 2022  22:55:11 +0000 (0:00:00.034)       0:00:26.132 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate permissions] ******************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:47
Wednesday 06 July 2022  22:55:11 +0000 (0:00:00.045)       0:00:26.177 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve key file stats] *************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:53
Wednesday 06 July 2022  22:55:11 +0000 (0:00:00.041)       0:00:26.219 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "stat": {
        "atime": 1657148094.1158478,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "b0c95e1315aa180128cee6965c90d8c658cfaa02",
        "ctime": 1657148094.1618478,
        "dev": 64515,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 0,
        "gr_name": "root",
        "inode": 9519409,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0600",
        "mtime": 1657148094.1618478,
        "nlink": 1,
        "path": "/etc/pki/tls/private/another-cert.key",
        "pw_name": "root",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1704,
        "uid": 0,
        "version": "1121164723",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if key file exists] ***********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:58
Wednesday 06 July 2022  22:55:12 +0000 (0:00:00.374)       0:00:26.593 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key file owner and group] *****************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:64
Wednesday 06 July 2022  22:55:12 +0000 (0:00:00.066)       0:00:26.660 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Parse certificate] *******************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:74
Wednesday 06 July 2022  22:55:12 +0000 (0:00:00.045)       0:00:26.705 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": [
        "/tmp/certificate-tests-venv/bin/certreader2json",
        "/etc/pki/tls/certs/another-cert.crt"
    ],
    "delta": "0:00:00.238533",
    "end": "2022-07-06 18:55:11.455553",
    "rc": 0,
    "start": "2022-07-06 18:55:11.217020"
}

STDOUT:

{
  "subject": [
    {
      "name": "commonName",
      "oid": "2.5.4.3",
      "value": "www.example.net"
    }
  ],
  "extensions": {
    "keyUsage": {
      "value": [
        "digital_signature",
        "key_encipherment"
      ],
      "critical": false
    },
    "subjectAltName": {
      "value": [
        {
          "name": "DNS",
          "value": "www.example.net"
        }
      ],
      "critical": false
    },
    "extendedKeyUsage": {
      "value": [
        {
          "name": "id-kp-serverAuth",
          "oid": "1.3.6.1.5.5.7.3.1"
        },
        {
          "name": "id-kp-clientAuth",
          "oid": "1.3.6.1.5.5.7.3.2"
        }
      ],
      "critical": false
    },
    "basicConstraints": {
      "value": {
        "ca": false
      },
      "critical": true
    },
    "subjectKeyIdentifier": {
      "value": "A5:8C:18:18:B6:87:F7:82:BC:52:69:3E:42:8A:1D:0B:42:C7:D3:3C",
      "critical": false
    },
    "authorityKeyIdentifier": {
      "value": "FD:F7:0C:F2:B1:C6:45:2A:0C:57:81:A6:5B:4F:95:51:CE:58:82:6C",
      "critical": false
    }
  },
  "signature_algorithm": {
    "algorithm": "sha256WithRSAEncryption",
    "signature": "73:D4:6F:49:25:3E:13:E2:A2:9C:A1:C7:B7:95:A2:D7:7B:2B:3A:00:AE:F2:A2:7C:36:4D:4B:1A:A4:4B:16:6A:CD:BA:B4:5D:BA:57:20:23:26:B8:A4:3D:48:B4:97:01:E1:58:8A:02:39:8F:E8:25:C7:8D:3B:EB:12:5B:2A:73:C5:B8:A0:6C:C1:CA:52:1E:8C:6F:C0:41:13:D6:94:F2:6F:5F:3D:BA:6B:AA:88:52:35:C5:23:CC:0F:A0:2E:95:F9:6D:0D:F2:74:A9:31:B8:F4:AD:81:A5:7F:A0:C3:CE:27:3E:B6:75:00:A0:ED:CD:08:26:0B:86:43:48:EF:34:1A:4B:FC:1A:2C:20:95:9B:31:2C:05:44:46:E2:85:3A:AE:D8:94:59:CC:92:B2:B0:FC:38:15:F1:B2:E8:0E:36:C5:3E:DD:EC:B0:D4:DA:DA:6C:7C:55:F6:68:5A:A4:C8:BB:D9:BA:B8:71:AF:ED:72:35:D8:B0:E0:44:29:FE:42:39:D2:F4:EF:A9:3D:38:36:E5:80:F9:3A:FF:E5:B3:AC:22:8A:93:43:95:5E:65:04:4D:C0:BF:37:5D:8C:A3:EC:BA:DD:E6:FC:49:FF:2C:55:55:89:B1:1F:F3:E4:70:6C:3B:6B:84:74:1F:9A:36:5A:EF:A8:5F:69:CE:FC:6A:5F"
  },
  "key_size": 2048,
  "validity": {
    "not_valid_after": "2023-07-06 22:48:35",
    "not_valid_before": "2022-07-06 22:54:54"
  }
}

TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:79
Wednesday 06 July 2022  22:55:12 +0000 (0:00:00.613)       0:00:27.319 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "ansible_facts": {
        "cert_issued": {
            "extensions": {
                "authorityKeyIdentifier": {
                    "critical": false,
                    "value": "FD:F7:0C:F2:B1:C6:45:2A:0C:57:81:A6:5B:4F:95:51:CE:58:82:6C"
                },
                "basicConstraints": {
                    "critical": true,
                    "value": {
                        "ca": false
                    }
                },
                "extendedKeyUsage": {
                    "critical": false,
                    "value": [
                        {
                            "name": "id-kp-serverAuth",
                            "oid": "1.3.6.1.5.5.7.3.1"
                        },
                        {
                            "name": "id-kp-clientAuth",
                            "oid": "1.3.6.1.5.5.7.3.2"
                        }
                    ]
                },
                "keyUsage": {
                    "critical": false,
                    "value": [
                        "digital_signature",
                        "key_encipherment"
                    ]
                },
                "subjectAltName": {
                    "critical": false,
                    "value": [
                        {
                            "name": "DNS",
                            "value": "www.example.net"
                        }
                    ]
                },
                "subjectKeyIdentifier": {
                    "critical": false,
                    "value": "A5:8C:18:18:B6:87:F7:82:BC:52:69:3E:42:8A:1D:0B:42:C7:D3:3C"
                }
            },
            "key_size": 2048,
            "signature_algorithm": {
                "algorithm": "sha256WithRSAEncryption",
                "signature": "73:D4:6F:49:25:3E:13:E2:A2:9C:A1:C7:B7:95:A2:D7:7B:2B:3A:00:AE:F2:A2:7C:36:4D:4B:1A:A4:4B:16:6A:CD:BA:B4:5D:BA:57:20:23:26:B8:A4:3D:48:B4:97:01:E1:58:8A:02:39:8F:E8:25:C7:8D:3B:EB:12:5B:2A:73:C5:B8:A0:6C:C1:CA:52:1E:8C:6F:C0:41:13:D6:94:F2:6F:5F:3D:BA:6B:AA:88:52:35:C5:23:CC:0F:A0:2E:95:F9:6D:0D:F2:74:A9:31:B8:F4:AD:81:A5:7F:A0:C3:CE:27:3E:B6:75:00:A0:ED:CD:08:26:0B:86:43:48:EF:34:1A:4B:FC:1A:2C:20:95:9B:31:2C:05:44:46:E2:85:3A:AE:D8:94:59:CC:92:B2:B0:FC:38:15:F1:B2:E8:0E:36:C5:3E:DD:EC:B0:D4:DA:DA:6C:7C:55:F6:68:5A:A4:C8:BB:D9:BA:B8:71:AF:ED:72:35:D8:B0:E0:44:29:FE:42:39:D2:F4:EF:A9:3D:38:36:E5:80:F9:3A:FF:E5:B3:AC:22:8A:93:43:95:5E:65:04:4D:C0:BF:37:5D:8C:A3:EC:BA:DD:E6:FC:49:FF:2C:55:55:89:B1:1F:F3:E4:70:6C:3B:6B:84:74:1F:9A:36:5A:EF:A8:5F:69:CE:FC:6A:5F"
            },
            "subject": [
                {
                    "name": "commonName",
                    "oid": "2.5.4.3",
                    "value": "www.example.net"
                }
            ],
            "validity": {
                "not_valid_after": "2023-07-06 22:48:35",
                "not_valid_before": "2022-07-06 22:54:54"
            }
        }
    },
    "changed": false
}

TASK [Verify certificate subject] **********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:83
Wednesday 06 July 2022  22:55:12 +0000 (0:00:00.041)       0:00:27.360 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate SAN] **************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:91
Wednesday 06 July 2022  22:55:12 +0000 (0:00:00.041)       0:00:27.402 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key size] *********************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:99
Wednesday 06 July 2022  22:55:12 +0000 (0:00:00.031)       0:00:27.433 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:106
Wednesday 06 July 2022  22:55:13 +0000 (0:00:00.076)       0:00:27.509 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:118
Wednesday 06 July 2022  22:55:13 +0000 (0:00:00.073)       0:00:27.582 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:132
Wednesday 06 July 2022  22:55:13 +0000 (0:00:00.043)       0:00:27.626 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false,
    "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/another-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
    "delta": "0:00:00.070065",
    "end": "2022-07-06 18:55:12.187100",
    "rc": 0,
    "start": "2022-07-06 18:55:12.117035"
}

STDOUT:

yes

TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:141
Wednesday 06 July 2022  22:55:13 +0000 (0:00:00.424)       0:00:28.051 ******** 
ok: [/cache/rhel-8.qcow2] => {
    "changed": false
}

MSG:

All assertions passed
META: ran handlers
META: ran handlers

PLAY RECAP *********************************************************************
/cache/rhel-8.qcow2        : ok=74   changed=1    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0   

Wednesday 06 July 2022  22:55:13 +0000 (0:00:00.081)       0:00:28.132 ******** 
=============================================================================== 
fedora.linux_system_roles.certificate : Ensure certificate requests ----- 2.69s
/tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:99 
fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 1.43s
/tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5 
Ensure python3 is installed --------------------------------------------- 1.38s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:6 --
set up internal repositories -------------------------------------------- 1.35s
/cache/rhel-8_setup.yml:5 -----------------------------------------------------
Ensure python3 is installed --------------------------------------------- 1.33s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:6 --
Ensure python3 is installed --------------------------------------------- 1.28s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:6 --
fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 1.28s
/tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:22 
Install the package, force upgrade -------------------------------------- 1.13s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11 -
Gathering Facts --------------------------------------------------------- 1.03s
/tmp/tmp0buh2ky5/tests/certificate/tests_many_self_signed.yml:2 ---------------
Install the package, force upgrade -------------------------------------- 1.01s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11 -
Install the package, force upgrade -------------------------------------- 0.97s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11 -
Install certreader ------------------------------------------------------ 0.87s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18 -
Install certreader ------------------------------------------------------ 0.86s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18 -
Install certreader ------------------------------------------------------ 0.85s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18 -
Gathering Facts --------------------------------------------------------- 0.84s
/tmp/tmp0buh2ky5/tests/certificate/tests_many_self_signed.yml:18 --------------
fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.80s
/tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:88 
Parse certificate ------------------------------------------------------- 0.71s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:74 -
Parse certificate ------------------------------------------------------- 0.64s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:74 -
Parse certificate ------------------------------------------------------- 0.61s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:74 -
fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.53s
/tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:33