Ansible installed from yum is unable to connect to windows while Ansible installed via source file is working fine from the same host

ishan_jain · September 1, 2016, 10:13am

I am making some centOS based docker containers to be used as Ansible host. Initially, i created a container and installed Ansible from source files. To connect to windows hosts, i installed some modules as and when required. (honestly, i am not sure what all modules i installed)

Now i created another similar docker container only that i installed Ansible and other things via yum, all latest versions. The scripts for linux hosts works fine but the scripts for windows which are working on same host (and same target windows machine) are not working in this new container. Below is the error i get for setup module.

Loaded callback minimal of type stdout, v2.0
<10.10.10.10> ESTABLISH WINRM CONNECTION FOR USER: test on PORT 5986 TO 10.10.10.10
<10.10.10.10> WINRM CONNECT: transport=ssl endpoint=https://10.10.10.10:5986/wsman
<10.10.10.10> WINRM CONNECTION ERROR: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:765)
Traceback (most recent call last):
File “/usr/lib/python2.7/site-packages/ansible/plugins/connection/winrm.py”, line 151, in _winrm_connect
self.shell_id = protocol.open_shell(codepage=65001) # UTF-8
File “/usr/lib/python2.7/site-packages/winrm/protocol.py”, line 132, in open_shell
res = self.send_message(xmltodict.unparse(req))
File “/usr/lib/python2.7/site-packages/winrm/protocol.py”, line 207, in send_message
return self.transport.send_message(message)
File “/usr/lib/python2.7/site-packages/winrm/transport.py”, line 173, in send_message
response = self.session.send(prepared_request, timeout=self.read_timeout_sec)
File “/usr/lib/python2.7/site-packages/requests/sessions.py”, line 596, in send
r = adapter.send(request, **kwargs)
File “/usr/lib/python2.7/site-packages/requests/adapters.py”, line 497, in send
raise SSLError(e, request=request)
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:765)

windows1 | UNREACHABLE! => {
“changed”: false,
“msg”: “ssl: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:765)”,
“unreachable”: true
}

j.r.hawkesworth · September 1, 2016, 1:30pm

to get round that issue you need to set

ansible_winrm_server_cert_validation: ignore

In your inventory / group vars

its documented here:

http://docs.ansible.com/ansible/intro_windows.html#inventory

Hope this helps,

Jon

ishan_jain · September 2, 2016, 10:29am

Thanks, this works.

What i do not understand is why does it work ? Is this something that i will have to put in my inventory files always now ?

Topic		Replies	Views
Windows integration Ansible Project windows	6	0	August 14, 2015
establishing winrm connection failing Ansible Project windows	2	3	March 26, 2016
Ansible Windows Winrm Authentication or permission failure. Ansible Project windows	5	0	June 9, 2016
ping windows - ssl: the specified credentials were rejected by the serve Ansible Project windows	7	0	March 3, 2020
Failed to connect to a Windows server using Ansible Ansible Project windows	2	7	June 14, 2024

Ansible installed from yum is unable to connect to windows while Ansible installed via source file is working fine from the same host

Related topics