Hi,
I'm having a similar issue to you guys when attempting to use the Windows
2016 CIS Benchmark Level 1 AMI. I get the following error message when
using the "windows-restart" provisioner:
Communication connection err: http response error: 401 - invalid content
type
Which then eventually times out in Packer. Interestingly enough, I get
this same message when Packer first connects to the instance but then after
a retry it succeeds.
Do you guys have any insight or fixes that you've discovered on this?
Thanks!,
Richard
On Tuesday, July 24, 2018 at 7:06:40 PM UTC-4, John Roh wrote:
>
> Omg, my situation is now resolved after a few days of struggling without
> knowing what the root cause was.
>
> Thanks,
>
> John.
>
> On Sunday, July 22, 2018 at 9:24:42 PM UTC-7, John Roh wrote:
>>
>> Hi Sumit or Richard,
>>
>> Thanks for started the topic and this is so much frustration on my end
>> that the script worked about 1 month using packer v1.2.3. However, it's
>> failing with the same error message, inRM connection err: http response
>> error: 401 - invalid content type.
>>
>> I did followed how Serge suggested at the other forum and what Summit
>> suggested. I see that my packer box created the self signed cert based on
>> the aws ec2 private ip addresses.
>>
>> I confirmed the Test out the WINRM port 5986 as below.
>>
>> Test-netconnection << private IP address >> -port 5986
>>
>>
>> ComputerName : 10.129.xxx.xxx
>> RemoteAddress : 10.129.xxx.xxx
>> RemotePort : 5986
>> InterfaceAlias :
>> SourceAddress :
>> TcpTestSucceeded : True
>>
>> Or ran the below script to check
>>
>> > $ipAddress = '10.129.xxx.xxx'
>> $password = 'xxxxxxx'
>>
>> $splatParams = @{
>> ComputerName = $ipAddress
>> Authentication = 'Negotiate'
>> UseSSL = $true
>> Port = 5986
>> SessionOption = (New-PSSessionOption -SkipCACheck -SkipCNCheck)
>> Credential = [PSCredential]::new(
>> 'Administrator',
>> (ConvertTo-SecureString -String $password -AsPlainText -Force)
>> )
>> ScriptBlock = {$env:COMPUTERNAME}
>> }
>>
>> Invoke-Command @splatParams
>>
>> which returns the packer box machine hostname correctly.
>>
>> I'm still not able to resolve this issue though....is there anything you
>> can think of? Packer version I'm currently using is v1.2.3 and v1.2.5 and
>> both didn't work.
>>
>> Also, I have check netstat -an 2 | findstr 5986 that the connection is
>> established and the Administrator user got created from the user data.
>>
>> As I am writing this message, it built fine but, in my second attempt,
>> I'm back to 401, http response error: 401 - invalid content type, error
>> again.
>>
>> John.
>>
>>
>> On Sun, Jul 22, 2018 at 1:54 PM, Sumit Agarwal <[email protected]
>> <javascript:>> wrote:
>>
>>> Thanks Richard for pointing me back to the thread, I posted a new one as
>>> the title was 2012.
>>> In the end the changes I need to make in the userdata were mentioned on
>>> the github ticket and I needed to include the steps for starting the https
>>> listener.
>>>
>>> Extra entries in addition to userdata that works for chef test kitchen
>>>
>>> Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' -
>>> Name 'LmCompatibilityLevel' -Value 2 -Type DWord -Force
>>> Set-ItemProperty -Path
>>> 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0' -Name
>>> 'NTLMMinServerSec' -Value 536870912 -Type DWord -Force
>>> $c = New-SelfSignedCertificate -DnsName
>>> "$(((gip).IPv4Address).IPAddress)" -CertStoreLocation cert:\LocalMachine
>>> \My
>>> winrm create winrm/config/Listener?Address=*+Transport=HTTPS
>>> "@{Hostname=`"$(((gip).IPv4Address).IPAddress)
>>> `";CertificateThumbprint=`"$($c.ThumbPrint)`"}"
>>>
>>>
>>>
>>>
>>> On Sunday, July 22, 2018 at 8:00:46 AM UTC-4, Rickard von Essen wrote:
>>>>
>>>> There is a previous thread on a similar topic.
>>>> https://groups.google.com/d/msgid/packer-tool/04422e65-4c39-47bc-b9e0-f067f5c95e67%40googlegroups.com?utm_medium=email&utm_source=footer
>>>>
>>>> On Sun, Jul 22, 2018, 13:56 Sumit Agarwal <[email protected]> wrote:
>>>>
>>>>> I am getting the 401 Invalid Response connecting to a Windows 2016 CIS
>>>>> Hardened Image.
>>>>> I am providing a user_data for the bootup process that works with
>>>>> Chef's test kitchen and connects on HTTP with
>>>>> * Basic Auth - set to false
>>>>> * AllowUnencrypted - set to false
>>>>>
>>>>> I have even tried creating the https listeners using instructions
>>>>> provided on this page
>>>>> http://www.hurryupandwait.io/blog/understanding-and-troubleshooting-winrm-connection-and-authentication-a-thrill-seekers-guide-to-adventure
>>>>> $c = New-SelfSignedCertificate -DnsName "<IP or host name>"
>>>>> -CertStoreLocation cert:\LocalMachine\My
>>>>> winrm create winrm/config/Listener?Address=*+Transport=HTTPS
>>>>> "@{Hostname=`"<IP or host
>>>>> name>`";CertificateThumbprint=`"$($c.ThumbPrint)`"}"
>>>>>
>>>>> and I still get Invalid Response
>>>>>
>>>>> Snippet of packer json
>>>>>
>>>>> "communicator": "winrm",
>>>>> "winrm_username": "Administrator",
>>>>> "winrm_use_ntlm": true,
>>>>> "winrm_insecure": true,
>>>>> "winrm_use_ssl": true,
>>>>>
>>>>> Any help on how I can debug it will be greatly appreciated.
>>>>>
>>>>> --
>>>>> This mailing list is governed under the HashiCorp Community Guidelines
>>>>> - https://www.hashicorp.com/community-guidelines.html. Behavior in
>>>>> violation of those guidelines may result in your removal from this
>>>>> mailing
>>>>> list.
>>>>>
>>>>> GitHub Issues: https://github.com/mitchellh/packer/issues
>>>>> IRC: #packer-tool on Freenode
>>>>> ---
>>>>> You received this message because you are subscribed to the Google
>>>>> Groups "Packer" group.
>>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>>> an email to [email protected].
>>>>> To view this discussion on the web visit
>>>>> https://groups.google.com/d/msgid/packer-tool/bb2174f6-1757-4db3-9225-a7cc80fe52c0%40googlegroups.com
>>>>>
>>>>> <https://groups.google.com/d/msgid/packer-tool/bb2174f6-1757-4db3-9225-a7cc80fe52c0%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>>> .
>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>>
>>>> --
>>> This mailing list is governed under the HashiCorp Community Guidelines -
>>> https://www.hashicorp.com/community-guidelines.html. Behavior in
>>> violation of those guidelines may result in your removal from this mailing
>>> list.
>>>
>>> GitHub Issues: https://github.com/mitchellh/packer/issues
>>> IRC: #packer-tool on Freenode
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "Packer" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to [email protected] <javascript:>.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/packer-tool/075a2325-dd65-40e6-ad04-789c53eb2b7a%40googlegroups.com
>>>
>>> <https://groups.google.com/d/msgid/packer-tool/075a2325-dd65-40e6-ad04-789c53eb2b7a%40googlegroups.com?utm_medium=email&utm_source=footer>
>>> .
>>>
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>
--
This mailing list is governed under the HashiCorp Community Guidelines -
https://www.hashicorp.com/community-guidelines.html. Behavior in violation of
those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups
"Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/packer-tool/09979918-bb23-4999-8c9a-0065ae7ecc41%40googlegroups.com.
