AWX cli problem

Get Help
1

Hi all,
I have some problems with awxkit after some changes in the k8s configuration (SSL has been added). Previously it was working fine, but now it’s not.

awx --conf.host https://my-domain.com --conf.username user–conf.password pass --conf.insecure export

I am getting the following error:

This endpoint raised an error: /api/v2/users/
This endpoint raised an error: /api/v2/organizations/
This endpoint raised an error: /api/v2/teams/
This endpoint raised an error: /api/v2/credential_types/
This endpoint raised an error: /api/v2/credentials/
This endpoint raised an error: /api/v2/notification_templates/
This endpoint raised an error: /api/v2/projects/
This endpoint raised an error: /api/v2/inventories/
This endpoint raised an error: /api/v2/inventory_sources/
This endpoint raised an error: /api/v2/job_templates/
This endpoint raised an error: /api/v2/workflow_job_templates/
This endpoint raised an error: /api/v2/execution_environments/
This endpoint raised an error: /api/v2/applications/
This endpoint raised an error: /api/v2/schedules/
{
     "users": null,
     "organizations": null,
     "teams": null,
     "credential_types": null,
     "credentials": null,
     "notification_templates": null,
     "projects": null,
     "inventory": null,
     "inventory_sources": null,
     "job_templates": null,
     "workflow_job_templates": null,
     "execution_environments": null,
     "applications": null,
     "schedules": null
}

Without ‘conf.insecure’:

Could not establish a secure connection.
Please add your server to your certificate authority.
You can also run this command by specifying -k or --conf.insecure

HTTPSConnectionPool(host='my-domain', port=443): Max retries exceeded with url: /api/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)')))

I have also testing the environment (without access over https) where the mentioned commands work fine.

awxkit version - 23.2.0

Any ideas?

2

Hello @dawid.grygrzc welcome to the Community!

just a quick thought…

HTTPSConnectionPool(host='my-domain', port=443): Max retries exceeded with url: /api/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)')))

I did hit this error a few times in a totally random manner, and I tell you that I got mad trying to workaround these… The last time I saw it, the problem was caused by an intermediate layer 7 firewall (zscaler). Can you double-check that there are no firewalls messing around in between your ansible node and AWX before investigating further?

1 Like
3

Thanks @jbericat for your respond.
Unfortunately, firewall has been stopped previously.

4

Hello @dawid.grygrzc,

Welcome!! Congratulations on your first post!

We are happy to give you some additional information. There is an environment variable that you can set that sets which cert to look for and use.

export REQUESTS_CA_BUNDLE=/path/to/your/certificate.pem
python script.py

Please let us know if this helps resolve the issue for you!

3 Likes
5

Thanks @djyasin for your sugesstion, but I solved it in another way.

For me below steps works fine:

  1. Login via - awx login --conf.host https://my-domain/ --conf.username $USER --conf.password $PASSWORD --conf.insecure
  2. Export token generated by upper command (export TOWER_OAUTH_TOKEN=$TOKEN)
  3. awx --conf.token $TOKEN_GENERATED_PREVIOUSLY --conf.username $USER --conf.insecure
1 Like
6

Hi @dawid.grygrzc glad to see you have found the fix for that issue.

Can you mark this topic as resolved :heart: thanks!

7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.