From 7991ffe33d4cee2a787d30cb48ec363521359a1e Mon Sep 17 00:00:00 2001
From: Jack Ivanov <17044561+jackivanov@users.noreply.github.com>
Date: Wed, 17 Apr 2019 15:20:07 +0200
Subject: [PATCH] Update openssl.yml

---
 roles/strongswan/tasks/openssl.yml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/roles/strongswan/tasks/openssl.yml b/roles/strongswan/tasks/openssl.yml
index ffaa7062..fd38611a 100644
--- a/roles/strongswan/tasks/openssl.yml
+++ b/roles/strongswan/tasks/openssl.yml
@@ -151,6 +151,23 @@
     with_items: "{{ users }}"
     register: p12
 
+  - name: Build the client's p12 with the CA cert included
+    shell: >
+      umask 077;
+      {{ openssl_bin }} pkcs12
+      -in certs/{{ item }}.crt
+      -inkey private/{{ item }}.key
+      -export
+      -name {{ item }}
+      -out private/{{ item }}_ca.p12
+      -certfile cacert.pem
+      -passout pass:"{{ p12_export_password }}"
+    args:
+      chdir: "{{ ipsec_pki_path }}"
+      executable: bash
+    with_items: "{{ users }}"
+    register: p12
+
   - name: Copy the p12 certificates
     copy:
       src: "{{ ipsec_pki_path }}/private/{{ item }}.p12"