Issues during terraform plan: https connection does not work
1,190 views
Skip to first unread message
Neil Warden
Aug 11, 2015, 9:51:06 AM8/11/15
to Terraform
Hi,
I am completely new to terraform and try to get through the Getting started.
While executing terraform plan I get errors like:
2015/08/11 15:46:29 [ERR] Checkpoint error: Get https://checkpoint-api.hashicorp.com/v1/check/terraform?arch=amd64&os=linux&signature=d3289979-94ce-c05d-fc4c-9410908e31de&version=0.6.2: x509: failed to load system roots and no roots provided
2015/08/11 15:48:03 [ERROR] root: eval: *terraform.EvalConfigProvider, err: 1 error(s) occurred:
* RequestError: send request failed
caused by: Post https://iam.amazonaws.com/: x509: failed to load system roots and no roots provided
2015/08/11 15:48:03 [ERROR] root: eval: *terraform.EvalSequence, err: 1 error(s) occurred:
* RequestError: send request failed
caused by: Post https://iam.amazonaws.com/: x509: failed to load system roots and no roots provided
2015/08/11 15:48:03 [ERROR] root: eval: *terraform.EvalOpFilter, err: 1 error(s) occurred:
* RequestError: send request failed
caused by: Post https://iam.amazonaws.com/: x509: failed to load system roots and no roots provided
2015/08/11 15:48:03 [ERROR] root: eval: *terraform.EvalSequence, err: 1 error(s) occurred:
* RequestError: send request failed
caused by: Post https://iam.amazonaws.com/: x509: failed to load system roots and no roots provided
My configuration is quite a very starting one:
provider "aws" {
access_key = "<my access key>"
secret_key = "<my secret key>"
region = "eu-central-1"
}
resource "aws_instance" "example" {
ami = "ami-77211c47"
instance_type = "t1.micro"
}
Can anyone guide me what am I doing wrong?
Thanks a lot in advance
Neil
I am completely new to terraform and try to get through the Getting started.
While executing terraform plan I get errors like:
2015/08/11 15:46:29 [ERR] Checkpoint error: Get https://checkpoint-api.hashicorp.com/v1/check/terraform?arch=amd64&os=linux&signature=d3289979-94ce-c05d-fc4c-9410908e31de&version=0.6.2: x509: failed to load system roots and no roots provided
2015/08/11 15:48:03 [ERROR] root: eval: *terraform.EvalConfigProvider, err: 1 error(s) occurred:
* RequestError: send request failed
caused by: Post https://iam.amazonaws.com/: x509: failed to load system roots and no roots provided
2015/08/11 15:48:03 [ERROR] root: eval: *terraform.EvalSequence, err: 1 error(s) occurred:
* RequestError: send request failed
caused by: Post https://iam.amazonaws.com/: x509: failed to load system roots and no roots provided
2015/08/11 15:48:03 [ERROR] root: eval: *terraform.EvalOpFilter, err: 1 error(s) occurred:
* RequestError: send request failed
caused by: Post https://iam.amazonaws.com/: x509: failed to load system roots and no roots provided
2015/08/11 15:48:03 [ERROR] root: eval: *terraform.EvalSequence, err: 1 error(s) occurred:
* RequestError: send request failed
caused by: Post https://iam.amazonaws.com/: x509: failed to load system roots and no roots provided
My configuration is quite a very starting one:
provider "aws" {
access_key = "<my access key>"
secret_key = "<my secret key>"
region = "eu-central-1"
}
resource "aws_instance" "example" {
ami = "ami-77211c47"
instance_type = "t1.micro"
}
Can anyone guide me what am I doing wrong?
Thanks a lot in advance
Neil
Neil Warden
Aug 11, 2015, 9:52:32 AM8/11/15
to Terraform
I forgot to mention:
My OS: Linux de-mucpeext-web1 3.0.101-0.47.52-default #1 SMP Thu Mar 26 10:55:49 UTC 2015 (0e3c7c8) x86_64 x86_64 x86_64 GNU/Linux
I downloaded the binary package x64 for Linux
My OS: Linux de-mucpeext-web1 3.0.101-0.47.52-default #1 SMP Thu Mar 26 10:55:49 UTC 2015 (0e3c7c8) x86_64 x86_64 x86_64 GNU/Linux
I downloaded the binary package x64 for Linux
Andrew Langhorn
Aug 11, 2015, 10:08:05 AM8/11/15
to <terraform-tool@googlegroups.com>
My original thought was that this was similar to an issue I saw mentioned a while ago in the Packer mailing list, where the user was using the x64 package on an x86 machine, but you're using x64 on x64, so that doesn't appear to be it. Has your machine got the CA certificates installed? Try installing the ca-certificates package, assuming Debian/Ubuntu.
To view this discussion on the web visit https://groups.google.com/d/msgid/terraform-tool/1d8d2580-db40-4b96-926d-56a21b68920b%40googlegroups.com.--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/hashicorp/terraform/issues
IRC: #terraform-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Terraform" group.
To unsubscribe from this group and stop receiving emails from it, send an email to terraform-too...@googlegroups.com.
Andrew Langhorn
Web Operations
Government Digital Service
a: 6th Floor, Aviation House, 125 Kingsway, London, WC2B 6NH
Neil Warden
Aug 11, 2015, 10:17:18 AM8/11/15
to Terraform
My system is SLES 11 and there it is the openssl-cert package (AFAIK) and this is installed. Anything I can do to further analyze my problem?
Andrew Langhorn
Aug 11, 2015, 10:43:06 AM8/11/15
to <terraform-tool@googlegroups.com>
I might be barking down the wrong tree; what happens when you `curl -iv https://www.google.com`? Do you get a 200 response?
To view this discussion on the web visit https://groups.google.com/d/msgid/terraform-tool/8cc814ff-6f61-4501-b226-39daeece26ce%40googlegroups.com.
Neil Warden
Aug 11, 2015, 10:48:03 AM8/11/15
to Terraform
Problem solved: openssl-cert package installs the certificates in another place than e.g. ca-certificates on Debian. As the paths where terraform searches for the certificates is compiled into the binary and the path does not contain the "SLES path" terraform failed to find the certificates. The quick and dirty solution at my end was to copy them into a location mentioned in the search path.
de-mucpeext-web1:~ # strings /prj/sbtclevel/terraform/terraform
| grep /ssl
/etc/ssl/ca-bundle.pem
/etc/ssl/cert.pem
/etc/ssl/certs/ca-certificates.crt
de-mucpeext-web1:~ # strings /prj/sbtclevel/terraform/terraform | grep crt
/etc/certs/ca-certificates.crt
/etc/pki/tls/certs/ca-bundle.crt
/etc/ssl/certs/ca-certificates.crt
/usr/local/share/certs/ca-root-nss.crt
Under SLES typically the certs are installed elsewhere and in a different manner, so this command helped me out: cat /etc/ssl/certs/*.pem > /etc/ssl/ca-bundle.pem
/etc/ssl/ca-bundle.pem
/etc/ssl/cert.pem
/etc/ssl/certs/ca-certificates.crt
de-mucpeext-web1:~ # strings /prj/sbtclevel/terraform/terraform | grep crt
/etc/certs/ca-certificates.crt
/etc/pki/tls/certs/ca-bundle.crt
/etc/ssl/certs/ca-certificates.crt
/usr/local/share/certs/ca-root-nss.crt
Under SLES typically the certs are installed elsewhere and in a different manner, so this command helped me out: cat /etc/ssl/certs/*.pem > /etc/ssl/ca-bundle.pem
Am Dienstag, 11. August 2015 15:51:06 UTC+2 schrieb Neil Warden:
Markus Schuh
Aug 11, 2015, 10:50:45 AM8/11/15
to Terraform
This is an error of Go's crypto/x509 package, which isn't able to locate the configured system's Root Certs.
For Sles11 there is just /etc/ssl/certs with each root CA in its own file. You can generate
/etc/ssl/ca-bundle.pem
by concatenating the pem files inside /etc/ssl/certs/
Or use a more uptodate distro. SLES 12 for example has the /etc/ssl/ca-bundle.pem as part of the ca-certs related rpm.
Reply all
Reply to author
Forward
0 new messages