From 46d6b2c72d52d6fdb91fcfc8c396483ef92cdfdd Mon Sep 17 00:00:00 2001 From: Denis Knauf Date: Mon, 28 Feb 2022 18:11:11 +0100 Subject: [PATCH] known_hosts: @cert-authority allowes domain itself, instead of only subdomains. --- tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/main.yml b/tasks/main.yml index 674d1fb..66e65e5 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -74,7 +74,7 @@ hash_host: false path: /etc/ssh/ssh_known_hosts name: '{{ssh_cert_known_domain}}' - key: "@cert-authority *.{{ssh_cert_known_domain}} {{lookup('file', ssh_cert_host_capub_path)}}" + key: "@cert-authority *.{{ssh_cert_known_domain}},{{ssh_cert_known_domain}} {{lookup('file', ssh_cert_host_capub_path)}}" - name: install ssh-cert-renew copy: