From d3b0fcebda4227048421e745a7a127867e329587 Mon Sep 17 00:00:00 2001
From: Samuel Veloso <veloso.lopez.samuel@gmail.com>
Date: Tue, 9 Jun 2020 13:26:30 +0200
Subject: [PATCH] Remove temporary certificates after installation is completed

---
 roles/ipareplica/tasks/install.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/roles/ipareplica/tasks/install.yml b/roles/ipareplica/tasks/install.yml
index 401d877f..fc7f83e4 100644
--- a/roles/ipareplica/tasks/install.yml
+++ b/roles/ipareplica/tasks/install.yml
@@ -751,6 +751,16 @@
       state: absent
     when: result_ipareplica_enable_ipa.changed
 
+  always:
+  - name: Cleanup temporary files
+    file:
+      path: "{{ item }}"
+      state: absent
+    with_items:
+    - "/etc/ipa/.tmp_pkcs12_dirsrv"
+    - "/etc/ipa/.tmp_pkcs12_http"
+    - "/etc/ipa/.tmp_pkcs12_pkinit"
+
   when: not ansible_check_mode and
         not (result_ipareplica_test.client_already_configured is defined or
              result_ipareplica_test.server_already_configured is defined)
-- 
GitLab