[SSL error ]
573 views
Skip to first unread message
Jongwon Kim
Jul 10, 2018, 5:07:01 PM7/10/18
to ansible...@googlegroups.com
Hi I am learning ansible now and I am trying install ansible roles , but I got SSL error message as below.
I am running linux in VM.
jkim3@jeff:~/ansible_test$ uname -a
Linux jeff 4.15.0-24-generic #26-Ubuntu SMP Wed Jun 13 08:44:47 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
jkim3@jeff:~/ansible_test$ ansible-galaxy install -r dellemc_roles.txt
[DEPRECATION WARNING]: going forward only the yaml format will be supported. This feature will be removed in version 2.6. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
- downloading role 'dellos-aaa', owned by Dell-Networking
- downloading role from https://github.com/Dell-Networking/ansible-role-dellos-aaa/archive/v3.0.0.tar.gz
[ERROR]: failed to download the file: Failed to validate the SSL certificate for github.com:443. Make sure your managed systems have a valid CA certificate installed. You can use validate_certs=False if you do not need to confirm
the servers identity but this is unsafe and not recommended. Paths checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible. The exception msg
was: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:726).
[WARNING]: - Dell-Networking.dellos-aaa was NOT installed successfully.
ERROR! - you can use --ignore-errors to skip failed roles and finish processing the list.
Dick Visser
Jul 10, 2018, 5:27:40 PM7/10/18
to ansible...@googlegroups.com
Hi
The error already has some useful hints. Did you check those?
What happens if you manually try to retrieve that file using curl or wget?
If that also doesn't work, then you'd need to check what's going on
with your CAs.
It could also be that someone is intercepted traffic and
What ansible version are you using?
Dick
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAOZJUOyx2eyCyAd-AXyjyKnEq%3DmAkTG2PuJ4mNyVgLwA-F5-NQ%40mail.gmail.com.
> For more options, visit https://groups.google.com/d/optout.
The error already has some useful hints. Did you check those?
What happens if you manually try to retrieve that file using curl or wget?
If that also doesn't work, then you'd need to check what's going on
with your CAs.
It could also be that someone is intercepted traffic and
What ansible version are you using?
Dick
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAOZJUOyx2eyCyAd-AXyjyKnEq%3DmAkTG2PuJ4mNyVgLwA-F5-NQ%40mail.gmail.com.
> For more options, visit https://groups.google.com/d/optout.
Jongwon Kim
Jul 10, 2018, 6:03:50 PM7/10/18
to ansible...@googlegroups.com
Thanks for your response , Dick
jkim3@jeff:~/ansible_test$ wget https://github.com/Dell-Networking/ansible-role-dellos-aaa/archive/v3.0.0.tar.gz
--2018-07-10 22:00:49-- https://github.com/Dell-Networking/ansible-role-dellos-aaa/archive/v3.0.0.tar.gz
Resolving github.com (github.com)... 192.30.255.113, 192.30.255.112
Connecting to github.com (github.com)|192.30.255.113|:443... connected.
OpenSSL: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
Unable to establish SSL connection.
jkim3@jeff:~/ansible_test$ ansible --version
ansible 2.5.1
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAL8fbwOafNweSAvrvwn-aqv%3Dm18nSv%3DBsuxDU5RkemYnNtgAmQ%40mail.gmail.com.
Dick Visser
Jul 11, 2018, 8:05:25 AM7/11/18
to ansible...@googlegroups.com
On 11 July 2018 at 00:03, Jongwon Kim <kimj...@gmail.com> wrote:
> Thanks for your response , Dick
>
>
> jkim3@jeff:~/ansible_test$ wget
> https://github.com/Dell-Networking/ansible-role-dellos-aaa/archive/v3.0.0.tar.gz
> --2018-07-10 22:00:49--
> https://github.com/Dell-Networking/ansible-role-dellos-aaa/archive/v3.0.0.tar.gz
> Resolving github.com (github.com)... 192.30.255.113, 192.30.255.112
> Connecting to github.com (github.com)|192.30.255.113|:443... connected.
> OpenSSL: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
> Unable to establish SSL connection.
This indicates a generic crypto problem on this host.
> Thanks for your response , Dick
>
>
> jkim3@jeff:~/ansible_test$ wget
> https://github.com/Dell-Networking/ansible-role-dellos-aaa/archive/v3.0.0.tar.gz
> --2018-07-10 22:00:49--
> https://github.com/Dell-Networking/ansible-role-dellos-aaa/archive/v3.0.0.tar.gz
> Resolving github.com (github.com)... 192.30.255.113, 192.30.255.112
> Connecting to github.com (github.com)|192.30.255.113|:443... connected.
> OpenSSL: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
> Unable to establish SSL connection.
Try spinning up a new host. If you encounter the same problem there,
then this indicates some issue upstream.
Either way, it's not related to ansible.
So if you fix the crypto problem, your playbook will likely also start working.
Dick
Jongwon Kim
Jul 11, 2018, 7:05:03 PM7/11/18
to ansible...@googlegroups.com
Hi Dick ,
I found this error was caused by firewall blocking
Thanks a lot
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAL8fbwP%2BO9sVvtZZaW4PX7os%3Dk0LDhTjrwa9FVQshogWkcEtCA%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages