- name: Install OpenSSL
  ansible.builtin.zypper:
    name: openssl
    state: present

- name: Create SSL directory
  ansible.builtin.file:
    path: "{{ ssl_cert_path }}"
    state: directory
    owner: root
    group: root
    mode: '0755'

- name: Generate private key
  community.crypto.openssl_privatekey:
    path: "{{ ssl_cert_path }}/{{ ssl_key_file }}"
    size: 2048
    type: RSA
    mode: '0600'

- name: Generate CSR (Certificate Signing Request)
  community.crypto.openssl_csr:
    path: "{{ ssl_cert_path }}/{{ ssl_csr_file }}"
    privatekey_path: "{{ ssl_cert_path }}/{{ ssl_key_file }}"
    common_name: "{{ ssl_common_name }}"
    country_name: "{{ ssl_country }}"
    state_or_province_name: "{{ ssl_state }}"
    locality_name: "{{ ssl_locality }}"
    organization_name: "{{ ssl_organization }}"
    organizational_unit_name: "{{ ssl_organizational_unit }}"

- name: Generate Self-Signed SSL Certificate
  community.crypto.x509_certificate:
    path: "{{ ssl_cert_path }}/{{ ssl_cert_file }}"
    privatekey_path: "{{ ssl_cert_path }}/{{ ssl_key_file }}"
    csr_path: "{{ ssl_cert_path }}/{{ ssl_csr_file }}"
    provider: selfsigned
    force: yes