I ran into a need for this today. How goes your testing? Need any help? Thanks,
-- Jess On Friday, January 15, 2016 at 3:40:51 PM UTC-8, [email protected] wrote: > > I am currently testing a PR for module_utils/vmware.py which adds > 'validate_certs' as an argument. > > On Friday, January 15, 2016 at 11:30:23 AM UTC-6, Kesten Broughton wrote: >> >> vsphere_guest is based on pysphere and the ansible-extra-modules vmware >> modules are based on psphere, (both of which are largely abandoned) >> but this PR for pyVmomi supported by VWmare should work. >> https://github.com/vmware/pyvmomi-community-samples/pull/213/files >> >> A thing you could do, but shouldn't do for security reasons is note from >> the error which site-packages directory it is failing at. >> Then add the following to the bottom of the sitecustomize.py file therein >> >> import ssl >> >> try: >> _create_unverified_https_context = ssl._create_unverified_context >> except AttributeError: >> # Legacy Python that doesn't verify HTTPS certificates by default >> pass >> else: >> # Handle target environment that doesn't support HTTPS verification >> ssl._create_default_https_context = _create_unverified_https_context >> >> >> On Friday, January 15, 2016 at 12:25:42 AM UTC-6, Brian Coca wrote: >>> >>> we should add validate_certs=yes|no option as we do in other modules. >>> >>> On Fri, Jan 15, 2016 at 1:09 AM, Larry Smith <[email protected]> >>> wrote: >>> > Yup. I know about the default self-signed but I would assume that >>> either >>> > pyvmomi module and/or the Ansible documentation might explain on how >>> to get >>> > around this error. Especially just for testing purposes. Thanks for >>> the >>> > reply though. >>> > >>> > On Thursday, January 14, 2016 at 3:35:47 AM UTC-5, Marcus Franke >>> wrote: >>> >> >>> >> Hi, >>> >> >>> >> by default VMware uses a self signed certificate for the vcenter web >>> >> interface. >>> >> >>> >> You could change this against an official one with a trust anchor >>> your >>> >> system can verify or configure your play not to verify the >>> certificate. If >>> >> that is possible, never used that module myself. >>> >> >>> >> Regards, >>> >> Marcus >>> >> >>> >> >>> >> Larry Smith <[email protected]> schrieb am Mi., 13. Jan. 2016 >>> 18:54: >>> >>> >>> >>> Just getting started messing with these new 2.0 VMWare modules and >>> seem >>> >>> to be stuck on an SSL error. Anyone know how to get around this? Any >>> info >>> >>> would be much appreciated. >>> >>> >>> >>> fatal: [localhost -> localhost]: FAILED! => {"apierror": "[Errno 1] >>> >>> _ssl.c:510: error:14090086:SSL >>> >>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed", >>> "changed": >>> >>> false, "failed": true, "msg": "Unable to connect to vCenter or ESXi >>> API on >>> >>> TCP/443."} >>> >>> >>> >>> >>> >>> --- >>> >>> >>> >>> - hosts: all >>> >>> >>> >>> connection: local >>> >>> >>> >>> become: false >>> >>> >>> >>> vars: >>> >>> >>> >>> - datacenter_name: 'LAB' >>> >>> >>> >>> - esxi_user: 'root' >>> >>> >>> >>> - esxi_pass: 'vmware' >>> >>> >>> >>> - pri_domain_name: 'everythingshouldbevirtual.local' >>> >>> >>> >>> - vcenter_host: 'vcsa.{{ pri_domain_name }}' >>> >>> >>> >>> tasks: >>> >>> >>> >>> - name: create DataCenter >>> >>> >>> >>> local_action: > >>> >>> >>> >>> vmware_datacenter >>> >>> >>> >>> hostname="{{ vcenter_host }}" >>> >>> >>> >>> username="{{ esxi_user }}" >>> >>> >>> >>> password="{{ esxi_pass }}" >>> >>> >>> >>> datacenter_name="{{ datacenter_name }}" >>> >>> >>> >>> state=present >>> >>> >>> >>> -- >>> >>> You received this message because you are subscribed to the Google >>> Groups >>> >>> "Ansible Project" group. >>> >>> To unsubscribe from this group and stop receiving emails from it, >>> send an >>> >>> email to [email protected]. >>> >>> To post to this group, send email to [email protected]. >>> >>> To view this discussion on the web visit >>> >>> >>> https://groups.google.com/d/msgid/ansible-project/e3090414-fe2a-47e6-b8dd-77be4a19285e%40googlegroups.com. >>> >>> >>> >>> For more options, visit https://groups.google.com/d/optout. >>> > >>> > -- >>> > You received this message because you are subscribed to the Google >>> Groups >>> > "Ansible Project" group. >>> > To unsubscribe from this group and stop receiving emails from it, send >>> an >>> > email to [email protected]. >>> > To post to this group, send email to [email protected]. >>> > To view this discussion on the web visit >>> > >>> https://groups.google.com/d/msgid/ansible-project/2d8a7b53-e845-4e81-9ac5-cae386b64b1e%40googlegroups.com. >>> >>> >>> > >>> > For more options, visit https://groups.google.com/d/optout. >>> >>> >>> >>> -- >>> Brian Coca >>> >> -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/652a6fd9-e286-48a6-bca8-85fa957dc746%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
