#4703 Again ssl problem on lockbox
Closed: Fixed None Opened 9 years ago by msuchy.

sudo rbac-playbook groups/copr-backend-newcloud.yml
...
TASK: [shell nova --os-cacert="{{ files }}/fedora-cloud/fed-cloud09.pem" --os-auth-url="{{os_auth_url}}" --os-username="admin" --os-password="{{ADMIN_PASS}}" --os-tenant-name={{inventory_tenant}} volume-list | grep ' {{item.volume_id}} ' | grep 'available' && echo nova --insecure --os-auth-url="{{os_auth_url}}" --os-username="admin" --os-password="{{ADMIN_PASS}}" --os-tenant-name={{inventory_tenant}} volume-attach "{{inventory_instance_name}}" "{{item.volume_id}}" "{{item.device}}"] ***
[...SNIPPED for security reason ...]
stderr: ERROR: [Errno 185090050] _ssl.c:344: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib

FATAL: all hosts have already failed -- aborting

when I try to execute the same command on lockbox under my own user, it runs without problem.

I tried to pass --insecure, --os-cacert... but nothing works.
Under my own user on lockbox it works even without --insecure or --os-ccert.
So there must be some issue in rbac or running this command under root identity.

Can someone please investigate it?
Feel free to run that playback as many times you want (or even modify it).


This is not a problem on lockbox, the playbook has: "hosts: 209.132.184.53".

This means that the play gets started on that remote server, and this error is saying that /srv/web/infra/ansible/files/fedora-cloud/fed-cloud09.pem doesn't exist there.

Login to comment on this ticket.

Metadata