Update openssl.yml

Fix PKCS#12 mobileconfig installation errors when using openssl version > 3 (trailofbits#14558) trailofbits#14622
https://github.com/trailofbits/algo/pull/14622/files

roles/strongswan/tasks/openssl.yml

@@ -155,10 +155,27 @@
  format: OpenSSH
  with_items: "{{ users }}"
 
+ - name: Gather the package facts
+ ansible.builtin.package_facts:
+ manager: auto
+
+ - name: Get OpenSSL version
+ shell: |
+ set -o pipefail
+ {{ openssl_bin }} version |
+ cut -f 2 -d ' '
+ register: ssl_version
+ run_once: true
+
+ - name: Set OpenSSL version fact
+ set_fact:
+ openssl_version: "{{ ssl_version.stdout }}"
+
  - name: Build the client's p12
  shell: >
  umask 077;
  {{ openssl_bin }} pkcs12
+ {{ (openssl_version is version('3', '>=')) | ternary('-legacy', '') }}
  -in certs/{{ item }}.crt
  -inkey private/{{ item }}.key
  -export
@@ -175,6 +192,7 @@
  shell: >
  umask 077;
  {{ openssl_bin }} pkcs12
+ {{ (openssl_version is version('3', '>=')) | ternary('-legacy', '') }}
  -in certs/{{ item }}.crt
  -inkey private/{{ item }}.key
  -export