SET-742 Zeus: don't import specific service certificates into truststore

roles/java_certs/tasks/java_certs.yml

@@ -1,8 +1,8 @@
 ---
 - ansible.builtin.assert:
     that:
-      - certificate_list is defined
-      - certificate_list is iterable
+      - root_ca_certs is defined
+      - root_ca_certs is iterable
 
 # reset cacerts_file fact between iterations
 - ansible.builtin.set_fact:
@@ -46,20 +46,6 @@
   loop_control:
     loop_var: cert
 
-- name: Remove SSL certificates in {{ jdk.name }}
-  when: rebuild_keystore|default(false)
-  community.general.java_cert:
-    cert_url: "{{ removessl.cert_url }}"
-    keystore_path: "{{ cacerts_file }}"
-    cert_alias: "{{ removessl.alias }}"
-    executable: "{{ jdk.home }}/{{ jdk.name }}/bin/keytool"
-    keystore_pass: changeit
-    keystore_create: no
-    state: absent
-  with_items: "{{ certificate_list }}"
-  loop_control:
-    loop_var: removessl
-
 - name: Import Root CA in {{ jdk.name }} {{ cacerts_file }}
   community.general.java_cert:
     cert_path: "{{ jdk_home }}/{{ cert.url | basename }}"
@@ -72,16 +58,3 @@
   with_items: "{{ root_ca_certs }}"
   loop_control:
     loop_var: cert
-
-- name: Import SSL certificates in {{ jdk.name }}
-  community.general.java_cert:
-    cert_url: "{{ importssl.cert_url }}"
-    keystore_path: "{{ cacerts_file }}"
-    cert_alias: "{{ importssl.alias }}"
-    executable: "{{ jdk.home }}/{{ jdk.name }}/bin/keytool"
-    keystore_pass: changeit
-    keystore_create: no
-    state: present
-  with_items: "{{ certificate_list }}"
-  loop_control:
-    loop_var: importssl