How Do You Solve an Ansible Problem about an SSL Certificate Error?

Problem scenario
You run an Ansible playbook.  You receive an error about the SSL certificate not being valid.  What should you do to get the playbook to transfer a file from a website using SSL or TLS to a managed node?

Possible Solution #1
If the problem pertains to retrieving a file from a website URL, this may apply. If the problem is between the managed node and the website and not between the control node and the website, use the get_url module to download the file to the Ansible control server.  It can be easy to get one server (the control node) to have the SSL certificate. To learn how to bypass the managed node for bringing down the file from the website to the client (e.g., in situations where the control node has the SSL certificate), this posting has explicit directions for using the get_url module.
Once the file is brought down to the control node, the playbook could then use the copy module to transfer the file to the managed node.  There is an intermediate copy step, but this can save time if you have many managed nodes that need a big file.

Possible Solution #2
Modify the playbook and use "validate_certs: false" with the get_url module (underneath it and indented).

Possible Solution #3
Update the certificate on the managed node.

Leave a comment

Your email address will not be published.