subject:"\[ansible\-project\] Re\: SSL\/Certificate errors when running playbooks against Azure"

[ansible-project] Re: SSL/Certificate errors when running playbooks against Azure

2018-08-25 Thread Stephane Emilien

Hi,
The OP most likely has an issue on his cacert (somekind of repository used 
for certificate validation)

Could you run the following command on the machine which is executing the 
code(in the OP case: 192.168.0.177) and send us the output
 curl -IvL https://login.microsoftonline.com


If your ansible version is >= 2.5, you can use the parameter ( 
cert_validation_mode: ignore ) to skip the error but this impend some 
security risk as it won't check for the certificate validity.

- SDE

On Wednesday, August 22, 2018 at 10:53:41 AM UTC+4, Mahaboob Basha wrote:
>
> Hi, I am getting the same exception now. Can you please help me, how you 
> have fixed this issue. 
>
> On Tuesday, 12 December 2017 13:03:40 UTC-8, JOS wrote:
>>
>> Hello,
>>
>> So I have an Azure free trial subscription and am trying to deploy VMs 
>> for it through ansible.  For reference, I mostly followed this guide: 
>> https://github.com/erjosito/ansible-azure-lab
>>
>> I am unable to execute any playbook task at all, even something as simple 
>> as merely creating a resource group with a network.  Here is the error I 
>> always get:
>>
>> fatal: [192.168.0.177]: FAILED! => {"changed": false, "failed": true, 
>> "module_stderr": "From cffi callback > 0x318b9b0>:\nTraceback (most recent call last):\n  File 
>> \"/usr/lib/python2.7/site-packages/OpenSSL/SSL.py\", line 313, in 
>> wrapper\n_lib.X509_up_ref(x509)\nAttributeError: 'module' object has no 
>> attribute 'X509_up_ref'\nTraceback (most recent call last):\n  File 
>> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 354, in \nmain()\n  File 
>> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 351, in main\nAzureRMVirtualNetwork()\n  File 
>> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 206, in __init__\nsupports_check_mode=True)\n  File 
>> \"/tmp/ansible_uaTUwO/ansible_modlib.zip/ansible/module_utils/azure_rm_common.py\",
>>  
>> line 235, in __init__\n  File 
>> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
>> line 440, in __init__\nself.set_token()\n  File 
>> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
>> line 473, in set_token\nraise_with_traceback(AuthenticationError, \"\", 
>> err)\n  File \"/usr/lib/python2.7/site-packages/msrest/exceptions.py\", 
>> line 48, in raise_with_traceback\nraise 
>> error\nmsrest.exceptions.AuthenticationError: , SSLError: 
>> HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max 
>> retries exceeded with url: /*b4f64759-blah-blah*/oauth2/token (Caused by 
>> SSLError(SSLError(\"bad handshake: Error([('SSL routines', 
>> 'ssl3_get_server_certificate', 'certificate verify failed')],)\",),))\n", 
>> "module_stdout": "", "msg": "MODULE FAILURE", "rc": 0}
>>
>>
>> I am able to connect to azure via the azure CLI create VMs and such 
>> through a bash script, but I need to get this working with ansible.
>>
>>
>> My credentials file
>>
>> subscription_id=5eff-blah-blah
>> client_id=83e09b01-blah-blah
>> secret=passwordblahblah
>> tenant=b4f64759-blah-blah
>>
>>
>>
>> Sample yml
>>
>> - name: whatever
>>   hosts: localhost
>>   connection: local
>>
>>   tasks:
>>   - name: Create virtual network
>> azure_rm_virtualnetwork:
>>   resource_group: myResourceGroup
>>   name: myVnet
>>   address_prefixes: "10.10.0.0/16"
>>
>> I have even tried modifying my credentials file to include the azure AD 
>> username & password (yes, I know this is considered bad practice, but I got 
>> desperate) and it still fails with a certificate error:
>>
>> ad_user=du...@dummy.com
>> password=DummyLab
>> subscription_id=5eff-blah-blah
>>
>> fatal: [192.168.0.177]: FAILED! => {"changed": false, "failed": true, 
>> "module_stderr": "From cffi callback > 0x30f3938>:\nTraceback (most recent call last):\n  File 
>> \"/usr/lib/python2.7/site-packages/OpenSSL/SSL.py\", line 313, in 
>> wrapper\n_lib.X509_up_ref(x509)\nAttributeError: 'module' object has no 
>> attribute 'X509_up_ref'\nTraceback (most recent call last):\n  File 
>> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 354, in \nmain()\n  File 
>> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 351, in main\nAzureRMVirtualNetwork()\n  File 
>> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 206, in __init__\nsupports_check_mode=True)\n  File 
>> \"/tmp/ansible_B6bKF3/ansible_modlib.zip/ansible/module_utils/azure_rm_common.py\",
>>  
>> line 245, in __init__\n  File 
>> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
>> line 367, in __init__\nself.set_token()\n  File 
>> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
>> line 404, in set_token\nraise_with_traceback(AuthenticationError, \"\", 
>> err)\n  File

[ansible-project] Re: SSL/Certificate errors when running playbooks against Azure

2018-08-22 Thread Mahaboob Basha

Hi, I am getting the same exception now. Can you please help me, how you 
have fixed this issue. 

On Tuesday, 12 December 2017 13:03:40 UTC-8, JOS wrote:
>
> Hello,
>
> So I have an Azure free trial subscription and am trying to deploy VMs for 
> it through ansible.  For reference, I mostly followed this guide: 
> https://github.com/erjosito/ansible-azure-lab
>
> I am unable to execute any playbook task at all, even something as simple 
> as merely creating a resource group with a network.  Here is the error I 
> always get:
>
> fatal: [192.168.0.177]: FAILED! => {"changed": false, "failed": true, 
> "module_stderr": "From cffi callback  0x318b9b0>:\nTraceback (most recent call last):\n  File 
> \"/usr/lib/python2.7/site-packages/OpenSSL/SSL.py\", line 313, in 
> wrapper\n_lib.X509_up_ref(x509)\nAttributeError: 'module' object has no 
> attribute 'X509_up_ref'\nTraceback (most recent call last):\n  File 
> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
> 354, in \nmain()\n  File 
> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
> 351, in main\nAzureRMVirtualNetwork()\n  File 
> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
> 206, in __init__\nsupports_check_mode=True)\n  File 
> \"/tmp/ansible_uaTUwO/ansible_modlib.zip/ansible/module_utils/azure_rm_common.py\",
>  
> line 235, in __init__\n  File 
> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
> line 440, in __init__\nself.set_token()\n  File 
> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
> line 473, in set_token\nraise_with_traceback(AuthenticationError, \"\", 
> err)\n  File \"/usr/lib/python2.7/site-packages/msrest/exceptions.py\", 
> line 48, in raise_with_traceback\nraise 
> error\nmsrest.exceptions.AuthenticationError: , SSLError: 
> HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max 
> retries exceeded with url: /*b4f64759-blah-blah*/oauth2/token (Caused by 
> SSLError(SSLError(\"bad handshake: Error([('SSL routines', 
> 'ssl3_get_server_certificate', 'certificate verify failed')],)\",),))\n", 
> "module_stdout": "", "msg": "MODULE FAILURE", "rc": 0}
>
>
> I am able to connect to azure via the azure CLI create VMs and such 
> through a bash script, but I need to get this working with ansible.
>
>
> My credentials file
>
> subscription_id=5eff-blah-blah
> client_id=83e09b01-blah-blah
> secret=passwordblahblah
> tenant=b4f64759-blah-blah
>
>
>
> Sample yml
>
> - name: whatever
>   hosts: localhost
>   connection: local
>
>   tasks:
>   - name: Create virtual network
> azure_rm_virtualnetwork:
>   resource_group: myResourceGroup
>   name: myVnet
>   address_prefixes: "10.10.0.0/16"
>
> I have even tried modifying my credentials file to include the azure AD 
> username & password (yes, I know this is considered bad practice, but I got 
> desperate) and it still fails with a certificate error:
>
> ad_user=du...@dummy.com 
> password=DummyLab
> subscription_id=5eff-blah-blah
>
> fatal: [192.168.0.177]: FAILED! => {"changed": false, "failed": true, 
> "module_stderr": "From cffi callback  0x30f3938>:\nTraceback (most recent call last):\n  File 
> \"/usr/lib/python2.7/site-packages/OpenSSL/SSL.py\", line 313, in 
> wrapper\n_lib.X509_up_ref(x509)\nAttributeError: 'module' object has no 
> attribute 'X509_up_ref'\nTraceback (most recent call last):\n  File 
> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
> 354, in \nmain()\n  File 
> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
> 351, in main\nAzureRMVirtualNetwork()\n  File 
> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
> 206, in __init__\nsupports_check_mode=True)\n  File 
> \"/tmp/ansible_B6bKF3/ansible_modlib.zip/ansible/module_utils/azure_rm_common.py\",
>  
> line 245, in __init__\n  File 
> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
> line 367, in __init__\nself.set_token()\n  File 
> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
> line 404, in set_token\nraise_with_traceback(AuthenticationError, \"\", 
> err)\n  File \"/usr/lib/python2.7/site-packages/msrest/exceptions.py\", 
> line 48, in raise_with_traceback\nraise 
> error\nmsrest.exceptions.AuthenticationError: , SSLError: 
> HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max 
> retries exceeded with url: /common/oauth2/token (Caused by 
> SSLError(SSLError(\"bad handshake: Error([('SSL routines', 
> 'ssl3_get_server_certificate', 'certificate verify failed')],)\",),))\n", 
> "module_stdout": "", "msg": "MODULE FAILURE", "rc": 0}
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to

[ansible-project] Re: SSL/Certificate errors when running playbooks against Azure

2018-01-23 Thread david diez

Hi Jos,
Could you please specify what version of python and what components were 
outdated? I seem to be running into the same problem 

On Monday, December 18, 2017 at 2:15:58 PM UTC-5, JOS wrote:
>
> For anyone else that runs into this, it  looks like I had several 
> different versions of python and out dated components, I reinstalled 
> everything from scratch and no longer have this issue.
>
> On Tuesday, December 12, 2017 at 2:03:40 PM UTC-7, JOS wrote:
>>
>> Hello,
>>
>> So I have an Azure free trial subscription and am trying to deploy VMs 
>> for it through ansible.  For reference, I mostly followed this guide: 
>> https://github.com/erjosito/ansible-azure-lab
>>
>> I am unable to execute any playbook task at all, even something as simple 
>> as merely creating a resource group with a network.  Here is the error I 
>> always get:
>>
>> fatal: [192.168.0.177]: FAILED! => {"changed": false, "failed": true, 
>> "module_stderr": "From cffi callback > 0x318b9b0>:\nTraceback (most recent call last):\n  File 
>> \"/usr/lib/python2.7/site-packages/OpenSSL/SSL.py\", line 313, in 
>> wrapper\n_lib.X509_up_ref(x509)\nAttributeError: 'module' object has no 
>> attribute 'X509_up_ref'\nTraceback (most recent call last):\n  File 
>> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 354, in \nmain()\n  File 
>> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 351, in main\nAzureRMVirtualNetwork()\n  File 
>> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 206, in __init__\nsupports_check_mode=True)\n  File 
>> \"/tmp/ansible_uaTUwO/ansible_modlib.zip/ansible/module_utils/azure_rm_common.py\",
>>  
>> line 235, in __init__\n  File 
>> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
>> line 440, in __init__\nself.set_token()\n  File 
>> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
>> line 473, in set_token\nraise_with_traceback(AuthenticationError, \"\", 
>> err)\n  File \"/usr/lib/python2.7/site-packages/msrest/exceptions.py\", 
>> line 48, in raise_with_traceback\nraise 
>> error\nmsrest.exceptions.AuthenticationError: , SSLError: 
>> HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max 
>> retries exceeded with url: /*b4f64759-blah-blah*/oauth2/token (Caused by 
>> SSLError(SSLError(\"bad handshake: Error([('SSL routines', 
>> 'ssl3_get_server_certificate', 'certificate verify failed')],)\",),))\n", 
>> "module_stdout": "", "msg": "MODULE FAILURE", "rc": 0}
>>
>>
>> I am able to connect to azure via the azure CLI create VMs and such 
>> through a bash script, but I need to get this working with ansible.
>>
>>
>> My credentials file
>>
>> subscription_id=5eff-blah-blah
>> client_id=83e09b01-blah-blah
>> secret=passwordblahblah
>> tenant=b4f64759-blah-blah
>>
>>
>>
>> Sample yml
>>
>> - name: whatever
>>   hosts: localhost
>>   connection: local
>>
>>   tasks:
>>   - name: Create virtual network
>> azure_rm_virtualnetwork:
>>   resource_group: myResourceGroup
>>   name: myVnet
>>   address_prefixes: "10.10.0.0/16"
>>
>> I have even tried modifying my credentials file to include the azure AD 
>> username & password (yes, I know this is considered bad practice, but I got 
>> desperate) and it still fails with a certificate error:
>>
>> ad_user=du...@dummy.com 
>> password=DummyLab
>> subscription_id=5eff-blah-blah
>>
>> fatal: [192.168.0.177]: FAILED! => {"changed": false, "failed": true, 
>> "module_stderr": "From cffi callback > 0x30f3938>:\nTraceback (most recent call last):\n  File 
>> \"/usr/lib/python2.7/site-packages/OpenSSL/SSL.py\", line 313, in 
>> wrapper\n_lib.X509_up_ref(x509)\nAttributeError: 'module' object has no 
>> attribute 'X509_up_ref'\nTraceback (most recent call last):\n  File 
>> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 354, in \nmain()\n  File 
>> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 351, in main\nAzureRMVirtualNetwork()\n  File 
>> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 206, in __init__\nsupports_check_mode=True)\n  File 
>> \"/tmp/ansible_B6bKF3/ansible_modlib.zip/ansible/module_utils/azure_rm_common.py\",
>>  
>> line 245, in __init__\n  File 
>> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
>> line 367, in __init__\nself.set_token()\n  File 
>> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
>> line 404, in set_token\nraise_with_traceback(AuthenticationError, \"\", 
>> err)\n  File \"/usr/lib/python2.7/site-packages/msrest/exceptions.py\", 
>> line 48, in raise_with_traceback\nraise 
>> error\nmsrest.exceptions.AuthenticationError: , SSLError: 
>> HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max 
>> retries exceeded with url: /common/oauth2/token (Caused by 
>>

[ansible-project] Re: SSL/Certificate errors when running playbooks against Azure

2017-12-18 Thread JOS

For anyone else that runs into this, it  looks like I had several different 
versions of python and out dated components, I reinstalled everything from 
scratch and no longer have this issue.

On Tuesday, December 12, 2017 at 2:03:40 PM UTC-7, JOS wrote:
>
> Hello,
>
> So I have an Azure free trial subscription and am trying to deploy VMs for 
> it through ansible.  For reference, I mostly followed this guide: 
> https://github.com/erjosito/ansible-azure-lab
>
> I am unable to execute any playbook task at all, even something as simple 
> as merely creating a resource group with a network.  Here is the error I 
> always get:
>
> fatal: [192.168.0.177]: FAILED! => {"changed": false, "failed": true, 
> "module_stderr": "From cffi callback  0x318b9b0>:\nTraceback (most recent call last):\n  File 
> \"/usr/lib/python2.7/site-packages/OpenSSL/SSL.py\", line 313, in 
> wrapper\n_lib.X509_up_ref(x509)\nAttributeError: 'module' object has no 
> attribute 'X509_up_ref'\nTraceback (most recent call last):\n  File 
> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
> 354, in \nmain()\n  File 
> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
> 351, in main\nAzureRMVirtualNetwork()\n  File 
> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
> 206, in __init__\nsupports_check_mode=True)\n  File 
> \"/tmp/ansible_uaTUwO/ansible_modlib.zip/ansible/module_utils/azure_rm_common.py\",
>  
> line 235, in __init__\n  File 
> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
> line 440, in __init__\nself.set_token()\n  File 
> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
> line 473, in set_token\nraise_with_traceback(AuthenticationError, \"\", 
> err)\n  File \"/usr/lib/python2.7/site-packages/msrest/exceptions.py\", 
> line 48, in raise_with_traceback\nraise 
> error\nmsrest.exceptions.AuthenticationError: , SSLError: 
> HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max 
> retries exceeded with url: /*b4f64759-blah-blah*/oauth2/token (Caused by 
> SSLError(SSLError(\"bad handshake: Error([('SSL routines', 
> 'ssl3_get_server_certificate', 'certificate verify failed')],)\",),))\n", 
> "module_stdout": "", "msg": "MODULE FAILURE", "rc": 0}
>
>
> I am able to connect to azure via the azure CLI create VMs and such 
> through a bash script, but I need to get this working with ansible.
>
>
> My credentials file
>
> subscription_id=5eff-blah-blah
> client_id=83e09b01-blah-blah
> secret=passwordblahblah
> tenant=b4f64759-blah-blah
>
>
>
> Sample yml
>
> - name: whatever
>   hosts: localhost
>   connection: local
>
>   tasks:
>   - name: Create virtual network
> azure_rm_virtualnetwork:
>   resource_group: myResourceGroup
>   name: myVnet
>   address_prefixes: "10.10.0.0/16"
>
> I have even tried modifying my credentials file to include the azure AD 
> username & password (yes, I know this is considered bad practice, but I got 
> desperate) and it still fails with a certificate error:
>
> ad_user=du...@dummy.com
> password=DummyLab
> subscription_id=5eff-blah-blah
>
> fatal: [192.168.0.177]: FAILED! => {"changed": false, "failed": true, 
> "module_stderr": "From cffi callback  0x30f3938>:\nTraceback (most recent call last):\n  File 
> \"/usr/lib/python2.7/site-packages/OpenSSL/SSL.py\", line 313, in 
> wrapper\n_lib.X509_up_ref(x509)\nAttributeError: 'module' object has no 
> attribute 'X509_up_ref'\nTraceback (most recent call last):\n  File 
> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
> 354, in \nmain()\n  File 
> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
> 351, in main\nAzureRMVirtualNetwork()\n  File 
> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
> 206, in __init__\nsupports_check_mode=True)\n  File 
> \"/tmp/ansible_B6bKF3/ansible_modlib.zip/ansible/module_utils/azure_rm_common.py\",
>  
> line 245, in __init__\n  File 
> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
> line 367, in __init__\nself.set_token()\n  File 
> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
> line 404, in set_token\nraise_with_traceback(AuthenticationError, \"\", 
> err)\n  File \"/usr/lib/python2.7/site-packages/msrest/exceptions.py\", 
> line 48, in raise_with_traceback\nraise 
> error\nmsrest.exceptions.AuthenticationError: , SSLError: 
> HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max 
> retries exceeded with url: /common/oauth2/token (Caused by 
> SSLError(SSLError(\"bad handshake: Error([('SSL routines', 
> 'ssl3_get_server_certificate', 'certificate verify failed')],)\",),))\n", 
> "module_stdout": "", "msg": "MODULE FAILURE", "rc": 0}
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe

[ansible-project] Re: SSL/Certificate errors when running playbooks against Azure

[ansible-project] Re: SSL/Certificate errors when running playbooks against Azure

[ansible-project] Re: SSL/Certificate errors when running playbooks against Azure

[ansible-project] Re: SSL/Certificate errors when running playbooks against Azure

4 matches

Site Navigation

Mail list logo

Footer information