Reputation: 6038
Ansible, how to trust certificates?
Im using the following from svn module:
- subversion:
repo: https://subversion:80/repos/xt_tools/
dest: ~/.build/xt_tools
I am getting this error: "Server certificate verification failed: certificate issued for a different hostname, issuer is not trusted (https://subversion:80)"
As these are VMs (CentOS/7) i spin up as needed, this is a problem i will continually run into. Im thinking there must be a way to either automatically generate a certificate or auto accept when prompted.
Any ideas?
Upvotes: 2
Views: 3859
Answers (1)
Reputation: 33203
I would think it's either that you add those CA certs to the machine's trust store, or use the executable: option to point to a custom script that runs svn along with providing the --trust-server-cert-failures=unknown-ca,cn-mismatch,other or whatever is appropriate for your specific CA mismatch. You may even be able to get away with executable: /path/to/svn --trust-server-cert-failure=and-so-forth but that depends on the nuances of self.run_command so ... try it, I guess?
There seems to be some options that are available via a per-user config file, but given that the subversion documentation is all but abandoned, you'll have to read the source to discover whether trust-server-cert-failures is included in that config somewhere
Upvotes: 1
Related Questions
- Certificate Auth. : the specified credentials were rejected by the server
- Ansible: Create a Self-Signed SSL Certificate and Key
- Module apt_repository: Why is validate_certs not working?
- Copying SSL certificate with Ansible
- Copy the ssl certificate from a server to a host in ansible
- Install OpenSSL using Ansible playbook
- Make Ansible trust my custom CA on macOS and CentOS
- Generating a certificate chain in Ansible
- Ansible X509 certificate missing Subject Alternative Name
- Create an SSL key which signed by CA in CentOS