SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify
66 views
Skip to first unread message
Jagannath Pattar
Feb 11, 2022, 9:55:24 AM2/11/22
to Ansible Project
Hi Ansible team,
We are facing the certificate verification issue while executing ansible-playbook.
Could you please suggest how to resolve this issue?
ERROR Logs:
----------
10:36:50 yml with k8s plugin:
10:36:50 HTTPSConnectionPool(host='access-XXXXX-ipv4.XXX.XXX.XXXX.se',
10:36:50 port=443): Max retries exceeded with url: /k8s/clusters/c-nmgnf/version (Caused
10:36:50 by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify
10:36:50 failed (_ssl.c:661)'),))
10:36:50 [WARNING]: Unable to parse /proj/MPS/MPS_CI_REPO/Jenkins_Slave/seliius21127/wor
10:36:50 kspace/runAnsiblePlaybook_CN/SOURCE_TTCN/mec_admin/script/ansibleSource/k8s.yml
Tried followings but did not work:
----------------------------------
host_key_checking = False
Thanks,
Jagannath
----------
10:36:50 yml with k8s plugin:
10:36:50 HTTPSConnectionPool(host='access-XXXXX-ipv4.XXX.XXX.XXXX.se',
10:36:50 port=443): Max retries exceeded with url: /k8s/clusters/c-nmgnf/version (Caused
10:36:50 by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify
10:36:50 failed (_ssl.c:661)'),))
10:36:50 [WARNING]: Unable to parse /proj/MPS/MPS_CI_REPO/Jenkins_Slave/seliius21127/wor
10:36:50 kspace/runAnsiblePlaybook_CN/SOURCE_TTCN/mec_admin/script/ansibleSource/k8s.yml
Tried followings but did not work:
----------------------------------
host_key_checking = False
Thanks,
Jagannath
Jagannath Pattar
Feb 15, 2022, 3:53:48 AM2/15/22
to Ansible Project
Ansible team,
Is there a workaround solution for this issue?
Thanks,
Jagannath
Dick Visser
Feb 15, 2022, 4:08:18 AM2/15/22
to ansible...@googlegroups.com
Your error is clearly about HTTPS certificate verification. If that
fails, disable it.
You haven't shared any playbook code, so we don't know what task
generated this error, so we can't tell more.
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/88e47d8c-880d-4fa6-b721-64b62f3c3192n%40googlegroups.com.
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
fails, disable it.
You haven't shared any playbook code, so we don't know what task
generated this error, so we can't tell more.
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/88e47d8c-880d-4fa6-b721-64b62f3c3192n%40googlegroups.com.
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
Jagannath Pattar
Feb 15, 2022, 5:15:01 AM2/15/22
to Ansible Project
Hi,
Thanks for the reply. This error occurs even for gather_facts command.
ansible all -m gather_facts --tree /tmp/facts
[WARNING]: * Failed to parse /home/ejagpat/mps/SOURCE_TTCN/mec_admin/script/ansibleSource/k8s.yml with k8s plugin:
HTTPSConnectionPool(host='XXXX.XXX.XXX.XX', port=443): Max retries exceeded with url: /k8s/clusters/c-nmgnf/version (Caused by SSLError(SSLError(1,
u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)'),))
[WARNING]: Unable to parse /home/ejagpat/mps/SOURCE_TTCN/mec_admin/script/ansibleSource/k8s.yml as an inventory source
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
[WARNING]: * Failed to parse /home/ejagpat/mps/SOURCE_TTCN/mec_admin/script/ansibleSource/k8s.yml with k8s plugin:
HTTPSConnectionPool(host='XXXX.XXX.XXX.XX', port=443): Max retries exceeded with url: /k8s/clusters/c-nmgnf/version (Caused by SSLError(SSLError(1,
u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)'),))
[WARNING]: Unable to parse /home/ejagpat/mps/SOURCE_TTCN/mec_admin/script/ansibleSource/k8s.yml as an inventory source
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
Disabling certificate check also didnot work.
Please suggest other methods, i give a try.
Thanks,
Jagannath
Felix Fontein
Feb 15, 2022, 6:33:15 AM2/15/22
to ansible...@googlegroups.com
Hi,
are you sure you disabled HTTPS certificate checks for the k8s
inventory plugin? In your original posting, you disabled SSH host key
checking.
Please check out
https://docs.ansible.com/ansible/latest/collections/kubernetes/core/k8s_inventory.html#parameter-connections/validate_certs
Cheers,
Felix
are you sure you disabled HTTPS certificate checks for the k8s
inventory plugin? In your original posting, you disabled SSH host key
checking.
Please check out
https://docs.ansible.com/ansible/latest/collections/kubernetes/core/k8s_inventory.html#parameter-connections/validate_certs
Cheers,
Felix
Jagannath Pattar
Feb 16, 2022, 5:43:45 AM2/16/22
to Ansible Project
Hi Felix,
Thanks for this info. I did not aware of this K8S inventory plugin option.
Now the ansible is working for us.
Thank again, very much appreciated your help.
Cheers,
Jagannath
Reply all
Reply to author
Forward
0 new messages