---
- debug: msg="certs are {{chain_certs}} and oid is {{oid}}"
  when: chain_certs is defined and oid is defined

- debug: msg="certs are {{chain_certs}}"
  when: chain_certs is defined and oid is undefined

- name: Build extensions with certs
  shell: echo "{{chain_certs}}{{ (oid) | ternary(',oid=1.2.3.4.5.5','') }}"
  register: cert_ext
  when: chain_certs is defined and oid is defined

- debug: msg="extensions are {{cert_ext.stdout}}"
  when: cert_ext.stdout is defined

- include: generate_pems.yaml

- local_action: stat path="{{mktemp.stdout}}/{{component}}.pkcs12"
  register: pkcs_file
  become: no

- name: Generating pkcs12 chain for {{component}}
  command: openssl pkcs12 -export -out {{generated_certs_dir}}/{{component}}.pkcs12 -inkey {{generated_certs_dir}}/{{component}}.key -in {{generated_certs_dir}}/{{component}}.crt -password pass:pass
  when: not pkcs_file.stat.exists