Hi, I am using the latest commit from the devel branch, and I am having difficulty adding an Apt repository. The system I am running Ansible on is Ubuntu 12.04, the provisioned host is running 14.04. I am using this task:
- apt_repository: repo='ppa:webupd8team/java' The error is: msg: Failed to validate the SSL certificate for launchpad.net:443. Use validate_certs=no or make sure your managed systems have a valid CA certificate installed. Paths checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible I tried extracting the CA certificate file that urls.py builds and pass it to gnutls-cli to check whether the CA certificate is indeed missing: $ gnutls-cli --x509cafile certstmp.pem launchpad.net Processed 332 CA certificate(s). [...] - Certificate[0] info: - subject `OU=Domain Control Validated,CN=launchpad.net', issuer `C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, Inc.,OU=http://cer ts.godaddy.com/repository/,CN=Go Daddy Secure Certificate Authority - G2', RSA key 2048 bits, signed using RSA-SHA256, activated `2 014-04-08 05:33:03 UTC', expires `2014-07-25 18:24:13 UTC', SHA-1 fingerprint `3e6aa453dcc8f9888e7ee368b374d9e2b21917c5' - Certificate[1] info: - subject `C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, Inc.,OU=http://certs.godaddy.com/repository/,CN=Go Daddy Secure Certifica te Authority - G2', issuer `C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, Inc.,CN=Go Daddy Root Certificate Authority - G2', RSA key 2048 bits, signed using RSA-SHA256, activated `2011-05-03 07:00:00 UTC', expires `2031-05-03 07:00:00 UTC', SHA-1 fingerprint `27a c9369faf25207bb2627cefaccbe4ef9c319b8' - Certificate[2] info: - subject `C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, Inc.,CN=Go Daddy Root Certificate Authority - G2', issuer `C=US,O=The Go Daddy Group\, Inc.,OU=Go Daddy Class 2 Certification Authority', RSA key 2048 bits, signed using RSA-SHA256, activated `2014-01-01 07:00:00 UTC', expires `2031-05-30 07:00:00 UTC', SHA-1 fingerprint `340b2880f446fcc04e59ed33f52b3d08d6242964' - The hostname in the certificate matches 'launchpad.net'. - Peer's certificate is trusted [...] What else can I do to debug this problem? Regards, Joost -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/d8b09d64-5032-48ac-a019-0b2149e43c12%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
