Hi, I'm running Tower 3.8.2 and Ansible 2.9.18 on RHEL 8 VM. Along side of GitLab 13.10.2 on another VM.
Both instances have a Hashicorp Vault hosted CA and cert applied (GitLab, has a nginx reverse proxy in front of it which is SSL terminated). However, when adding a new project and add in the git repo where the role is defined (pointing to the local gitlab instance, I run into SSL cert issues. *"cmd": "/usr/bin/git clone --origin origin https://gitlab.basement.lab/ansible/update-and-reboot.git /var/lib/awx/projects/_14__update_and_reboot",* results in: *'https://gitlab.basement.lab/ansible/update-and-reboot.git/': SSL certificate problem: unable to get local issuer certificate\n"* I have added my ca_chain.pem to /etc/pki/ca-trust/source/anchors/ and ran the update-ca-trust ... the ca_chain.pem does show in /etc/pki/ca-trust/extracted/openssl. Is there another step or place where I need to include the CA chain to get git accept the certification WITHOUT having to turn off SSL verification? If I need to turn off SSL I rather do it as a last resort. Thanks. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/25cd0c8c-2096-4f80-998d-f00e52e032c3n%40googlegroups.com.
