I am stuck at this step in the ansible monolith install..........I want to
get this working on my mobile machine as I an flying so much i loose a lot
of time developing applications and would like to get a copy working. I am
giving this another try as I would think this would be the closest to a
production model.
any body give me a hand getting past this one.....? This is self contained
and should not need SSL on the instance.......if I can bypass the validate
cert portion that would be okay from my point just not sure where to
declare this in the ansible set up...........
TASK [andrewrothstein.couchdb : install dep pkgs...]
···
***************************
changed: [192.168.33.21] => (item=[u'ca-certificates', u'erlang-nox',
u'libicu52', u'libmozjs185-1.0', u'libnspr4', u'libnspr4-0d', u'gcc',
u'g++', u'make', u'erlang-dev', u'erlang-reltool', u'libcurl4-openssl-dev',
u'libicu-dev', u'libmozjs185-dev', u'libnspr4-dev'])
TASK [andrewrothstein.couchdb : download...]
fatal: [192.168.33.21]: FAILED! => {"changed": false, "failed": true,
"msg": "Failed to validate the SSL certificate for www.apache.org:443. Make
sure your managed systems have a valid CA certificate installed. If the
website serving the url uses SNI you need python >= 2.7.9 on your managed
machine or you can install the urllib3, pyopenssl, ndg-httpsclient,
and pyasn1 python modules to perform SNI verification in python >= 2.6.
You can use validate_certs=False if you do not need to confirm the servers
identity but this is unsafe and not recommended. Paths checked for this
platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem,
/etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible"}
to retry, use: --limit @/vagrant/ansible/deploy_stack.retry
PLAY RECAP
192.168.33.21 : ok=125 changed=13 unreachable=0
failed=1
(ansible) vagrant@control:~/commcarehq-ansible/ansible$
Having a similar issue, have you made any progress? Unsure of what it means
···
On Sunday, September 10, 2017 at 1:19:57 PM UTC-5, John Harper wrote:
>
>
>
> I am stuck at this step in the ansible monolith install..........I want to
> get this working on my mobile machine as I an flying so much i loose a lot
> of time developing applications and would like to get a copy working. I am
> giving this another try as I would think this would be the closest to a
> production model.
>
> any body give me a hand getting past this one.....? This is self
> contained and should not need SSL on the instance.......if I can bypass the
> validate cert portion that would be okay from my point just not sure where
> to declare this in the ansible set up...........
>
>
>
> TASK [andrewrothstein.couchdb : install dep pkgs...]
> ***************************
> changed: [192.168.33.21] => (item=[u'ca-certificates', u'erlang-nox',
> u'libicu52', u'libmozjs185-1.0', u'libnspr4', u'libnspr4-0d', u'gcc',
> u'g++', u'make', u'erlang-dev', u'erlang-reltool', u'libcurl4-openssl-dev',
> u'libicu-dev', u'libmozjs185-dev', u'libnspr4-dev'])
>
> TASK [andrewrothstein.couchdb : download...]
> ***********************************
> fatal: [192.168.33.21]: FAILED! => {"changed": false, "failed": true,
> "msg": "Failed to validate the SSL certificate for www.apache.org:443.
> Make sure your managed systems have a valid CA certificate installed. If
> the website serving the url uses SNI you need python >= 2.7.9 on your
> managed machine or you can install the `urllib3`, `pyopenssl`,
> `ndg-httpsclient`, and `pyasn1` python modules to perform SNI verification
> in python >= 2.6. You can use validate_certs=False if you do not need to
> confirm the servers identity but this is unsafe and not recommended. Paths
> checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem,
> /etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible"}
> to retry, use: --limit @/vagrant/ansible/deploy_stack.retry
>
> PLAY RECAP
> *********************************************************************
> 192.168.33.21 : ok=125 changed=13 unreachable=0
> failed=1
>
> (ansible) vagrant@control:~/commcarehq-ansible/ansible$
>
If you upgrade python to > 2.79 then this will go through.
This page has a method of doing the upgrade: 14.04 - Update Python 2.7 to latest version of 2.x - Ask Ubuntu
Simon Kelly
Director of Server Engineer | Dimagi
···
On 15 September 2017 at 21:55, Cameron Grundy wrote:
Having a similar issue, have you made any progress? Unsure of what it means
On Sunday, September 10, 2017 at 1:19:57 PM UTC-5, John Harper wrote:
I am stuck at this step in the ansible monolith install..........I want
to get this working on my mobile machine as I an flying so much i loose a
lot of time developing applications and would like to get a copy working.
I am giving this another try as I would think this would be the closest to
a production model.
any body give me a hand getting past this one.....? This is self
contained and should not need SSL on the instance.......if I can bypass the
validate cert portion that would be okay from my point just not sure where
to declare this in the ansible set up...........
TASK [andrewrothstein.couchdb : install dep pkgs...]
changed: [192.168.33.21] => (item=[u'ca-certificates', u'erlang-nox',
u'libicu52', u'libmozjs185-1.0', u'libnspr4', u'libnspr4-0d', u'gcc',
u'g++', u'make', u'erlang-dev', u'erlang-reltool', u'libcurl4-openssl-dev',
u'libicu-dev', u'libmozjs185-dev', u'libnspr4-dev'])
TASK [andrewrothstein.couchdb : download...]
fatal: [192.168.33.21]: FAILED! => {"changed": false, "failed": true,
"msg": "Failed to validate the SSL certificate for www.apache.org:443.
Make sure your managed systems have a valid CA certificate installed. If
the website serving the url uses SNI you need python >= 2.7.9 on your
managed machine or you can install the urllib3, pyopenssl,
ndg-httpsclient, and pyasn1 python modules to perform SNI verification
in python >= 2.6. You can use validate_certs=False if you do not need to
confirm the servers identity but this is unsafe and not recommended. Paths
checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem,
/etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible"}
to retry, use: --limit @/vagrant/ansible/deploy_stack.retry
PLAY RECAP ************************************************************
192.168.33.21 : ok=125 changed=13 unreachable=0
failed=1
(ansible) vagrant@control:~/commcarehq-ansible/ansible$
--
You received this message because you are subscribed to the Google Groups
"CommCare Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to commcare-developers+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.