SAN fixed

config.cfg

@@ -10,10 +10,10 @@ easyrsa_ca_expire: 3650
 easyrsa_cert_expire: 3650
 
 # if True re-init all existing certificates. Boolean
-easyrsa_reinit_existent: False
+easyrsa_reinit_existent: True
 
 # Domain or ip
-server_name: "{{ ansible_ssh_host }}"
+server_name: "win7.mycompany.local"
 server_ip: "{{ ansible_ssh_host }}"
 
 users:

vpn.yml

@@ -48,8 +48,8 @@
   - name: Install git
     apt: name=git state=latest      
     
-  - name: Fetch easy-rsa-ipsec repo
-    git: repo=git://github.com/ValdikSS/easy-rsa-ipsec.git dest="{{ easyrsa_dir }}"
+  #- name: Fetch easy-rsa-ipsec repo
+    #git: repo=git://github.com/ValdikSS/easy-rsa-ipsec.git dest="{{ easyrsa_dir }}"
 
   - name: Setup the vars file from our template
     template: src=easy-rsa.vars.j2 dest={{ easyrsa_dir }}/easyrsa3/vars
@@ -78,7 +78,7 @@
     
   - name: Build the server pair
     shell: |
-      ./easyrsa --subject-alt-name=DNS:{{ server_name }},IP:{{ server_ip }} build-server-full {{ server_name }} nopass
+      ./easyrsa --subject-alt-name=DNS:{{ server_name }} build-server-full {{ server_name }} nopass
       touch '{{ easyrsa_dir }}/easyrsa3/pki/server_initialized'
     args:
       chdir: '{{ easyrsa_dir }}/easyrsa3/'
@@ -88,7 +88,7 @@
 
   - name: Build the client's pair
     shell: |
-      ./easyrsa --subject-alt-name=DNS:{{ server_name }},IP:{{ server_ip }} build-client-full {{ item }} nopass
+      ./easyrsa --subject-alt-name=DNS:{{ server_name }} build-client-full {{ item }} nopass
       touch '{{ easyrsa_dir }}/easyrsa3/pki/{{ item }}_initialized'
     args:
       chdir: '{{ easyrsa_dir }}/easyrsa3/'