Skip to content
This repository has been archived by the owner on Feb 13, 2023. It is now read-only.

installed_extras npm "Failed to validate the SSL certificate for deb.nodesource.com:443" #896

Closed
fluxsauce opened this issue Sep 9, 2016 · 3 comments

Comments

@fluxsauce
Copy link

#844 was closed citing Drupal Console, but the issue is still occurring and isn't related to Drupal Console.

If you add npm to installed_extras using ansible_local on 3.2.1 with geerlingguy/ubuntu1404, you get the following error:

TASK [geerlingguy.nodejs : Add Nodesource apt key.] **************************** fatal: [nyu-wagner.local]: FAILED! => {"changed": false, "failed": true, "msg": "Failed to validate the SSL certificate for deb.nodesource.com:443. Make sure your managed systems have a valid CA certificate installed. If the website serving the url uses SNI you need python >= 2.7.9 on your managed machine or you can install theurllib3,pyopenssl,ndg-httpsclient, andpyasn1python modules to perform SNI verification in python >= 2.6. You can use validate_certs=False if you do not need to confirm the servers identity but this is unsafe and not recommended. Paths checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible"}

Based on that error, the Python version and/or lack of python modules looks to be the culprit.

python --version
Python 2.7.6

python-urllib3 is already installed, python-pyasn1 and python-openssl aren't installed, but python-ndg-httpsclient doesn't look like it's available as a package in Ubuntu 14.04 LTS.

@levsoroka
Copy link

I am having same issue, I am running geerlingguy/ubuntu1204.

@geerlingguy
Copy link
Owner

Working on a fix in upstream role https://github.com/geerlingguy/ansible-role-nodejs — apparently Nodesource recently switched how they were hosting and delivering SSL using SNI, which broke the key distribution on older distros like CentOS 6 and Ubuntu 12.04.

@geerlingguy
Copy link
Owner

Ubuntu versions are fixed... I might mark the CentOS < 7 support as temporarily deprecated because I can't find a quick way to fix it. I'll tag a new upstream release. See for CentOS 6: geerlingguy/ansible-role-nodejs#46

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants