configpolicy/roles/burp-server/tasks/ca.yml
Dustin C. Hatch ddd7031624 roles/burp-server: Deploy BURP server
The *burp-server* role installs and configures a BURP server. It is
adapted from a previous iteration, and should support CentOS/RHEL/Fedora
and Gentoo, as well as both BURP 1.x and 2.x (depending on which version
gets installed by the system package manager).

To manage the certificate authority, the *burp-server* role uses the
`burp_ca` command. This has the advantage of not requiring any external
certificate management, but effectively binds the CA to a specific
machine.
2018-08-08 20:08:16 -05:00

42 lines
1.2 KiB
YAML

- name: ensure burp ca is configured
  template:
    src=CA.cnf.j2
    dest=/etc/burp/CA.cnf
    mode=0644
- name: ensure burp ca is initialized
  become: true
  become_user: burp
  command:
    burp_ca --ca burpCA --dir {{ burp_ca_dir }}
    --config /etc/burp/CA.cnf
    --init
    creates={{ burp_ca_dir }}/CA_burpCA.crt
- name: ensure burp server private key exists
  become: true
  become_user: burp
  command:
    burp_ca --ca burpCA --dir {{ burp_ca_dir }}
    --config /etc/burp/CA.cnf
    --request --key --name {{ burp_ca_server_name }} --batch
    creates={{ burp_ca_dir }}/{{ burp_ca_server_name }}.key
- name: ensure burp server certificate exists
  become: true
  become_user: burp
  command:
    burp_ca --ca burpCA --dir {{ burp_ca_dir }}
    --config /etc/burp/CA.cnf
    --sign --name {{ burp_ca_server_name }} --batch
    creates={{ burp_ca_dir }}/{{ burp_ca_server_name }}.crt
- name: ensure burp certificate symlinks exist
  file:
    path=/etc/burp/{{ item.path }}
    src={{ burp_ca_dir }}/{{ item.src }}
    state=link
  with_items:
  - path: ssl_cert_ca.pem
    src: CA_burpCA.crt
  - path: ssl_cert-server.key
    src: '{{ burp_ca_server_name }}.key'
  - path: ssl_cert-server.pem
    src: '{{ burp_ca_server_name }}.crt'
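
Because `creates=` only checks that a file exists, the tasks above never confirm that the certificate, key and CA actually belong together. The following read-only verification tasks are an added example, not part of this role or repository. They assume the `openssl` CLI is installed on the managed host; the registered variable names (`burp_chain`, `burp_cert_pubkey`, `burp_key_pubkey`, `burp_key_stat`) are hypothetical.

```yaml
# Added example: post-deployment checks for the files created by ca.yml.
# Nothing here modifies the host; every command is marked changed_when: false.
- name: check burp server certificate chains to burpCA
  become: true
  become_user: burp
  command: >-
    openssl verify -CAfile {{ burp_ca_dir }}/CA_burpCA.crt
    {{ burp_ca_dir }}/{{ burp_ca_server_name }}.crt
  register: burp_chain
  changed_when: false

- name: read public key from burp server certificate
  become: true
  become_user: burp
  command: >-
    openssl x509 -noout -pubkey
    -in {{ burp_ca_dir }}/{{ burp_ca_server_name }}.crt
  register: burp_cert_pubkey
  changed_when: false

- name: derive public key from burp server private key
  become: true
  become_user: burp
  command: >-
    openssl pkey -pubout
    -in {{ burp_ca_dir }}/{{ burp_ca_server_name }}.key
  register: burp_key_pubkey
  changed_when: false

- name: stat burp server private key
  become: true
  become_user: burp
  stat:
    path: '{{ burp_ca_dir }}/{{ burp_ca_server_name }}.key'
  register: burp_key_stat

- name: assert chain is valid, key matches cert, key is private to burp
  assert:
    that:
      # openssl verify prints "<file>: OK" on success
      - "': OK' in burp_chain.stdout"
      - burp_cert_pubkey.stdout == burp_key_pubkey.stdout
      - burp_key_stat.stat.pw_name == 'burp'
      # last two mode digits are group/other; both must be 0
      - burp_key_stat.stat.mode[-2:] == '00'
```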