...
- Put the cert(s) in place on the server; check permissions
- fill in the ansible config values for ssl stuff
- run an ansible playbook that just does that apache setup
- First check/change 'hosts' in the top-level 'app-config.yml' playbook
- ansible-playbook -i hosts --tags "ssl" app-config.yml --ask-vault-pass
- NOTE/TODO! I'm currently refactoring this; won't need tag 'ssl' anymore because apache config stuff is getting its own nested role in apache-passenger/apache-config
- restart apache on server
- referenced: https://www.digitalocean.com/community/tutorials/how-to-install-an-ssl-certificate-from-a-commercial-certificate-authority#apache
...