From ba7086f3b17920bc277f6cca463a105f0c1e71d3 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Mon, 16 Dec 2024 23:42:08 +0000
Subject: [PATCH] sshd_cert: Use correct CA cert for signing

---
 roles/sshd_cert/tasks/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/sshd_cert/tasks/main.yml b/roles/sshd_cert/tasks/main.yml
index 8d5e841..30e52c5 100644
--- a/roles/sshd_cert/tasks/main.yml
+++ b/roles/sshd_cert/tasks/main.yml
@@ -23,12 +23,12 @@
   delegate_to: localhost
   register: sshd_cert_status
 
-- name: Sign key
+- name: Sign certificate
   ansible.builtin.command:
     argv:
       - ssh-keygen
       - -s
-      - /srv/sshca/ca/ca
+      - "/srv/sshca/ca/ca.{{ ansible_date_time['year'] }}"
       - -I
       - "{{ inventory_hostname }}"
       - -h