How to pass certificate via AWX credential

amvj · July 16, 2024, 10:53am

One of the user is trying to pass certificates via credential. For that he created credential type and credential in AWX. The credential contains ca_certificate, certificate, key etc.

However, the system is unable to identify the certificate upon execution.

Credential type:
fields:

id: ca_cert
type: string
label: CA Certificate
id: client_cert
type: string
label: Client Certificate
id: client_key
type: string
label: client Key

Injector config:
extra_vars:
ca_cert: ‘{{ ca_cert }}’
client_key: ‘{{ client_key }}’
client_cert: ‘{{ client_cert }}’

I have attached screenshot of the credential with this.

Error:
To see the full traceback, use -vvv. The error was: Exception: Task failed to complete. (failed; no start line: cadata does not contain a certificate (_ssl.c:4163))

23

fatal: [localhost]: FAILED! => {“changed”: false, “msg”: “Task failed to complete. (failed; no start line: cadata does not contain a certificate (_ssl.c:4163))”}

Please let me know whether any issue with this and how this can be resolved.

djyasin · July 17, 2024, 6:47pm

Hello @amvj,
Would you mind providing the specific credential type that you are using? We have quite a few different types and the configuration will vary based on that.

djyasin · July 17, 2024, 6:50pm

Would you mind also providing us with the version you are using as well, please? Thank you so much for your time!

tvo318 · July 17, 2024, 7:03pm

Also, have you tried to pass the CA certs the way it was described (syntax-wise) in the example from step 4 of Creating a New Custom Credential Type?

amvj · July 18, 2024, 5:16am

Hi
We are using a custom credential and the same has been provided above. I am repasting it once again:

Credential type:
fields:

id: ca_cert
type: string
label: CA Certificate
id: client_cert
type: string
label: Client Certificate
id: client_key
type: string
label: client Key

Injector config:
extra_vars:
ca_cert: ‘{{ ca_cert }}’
client_key: ‘{{ client_key }}’
client_cert: ‘{{ client_cert }}’

The AWX version is 24.2.0

amvj · July 18, 2024, 5:17am

Thanks for the link. This looks interesting. I will give a try.
If there are any known examples with this please let me know.

djyasin · July 24, 2024, 7:00pm

Please let us know if you were able to resolve this via the provided documentation. Thank you so much for your time!

amvj · August 7, 2024, 3:57am

Sorry for the late response. We are still looking into this.

For some reason I am not getting notified for the thread updates. Today I manually checked it seen your message.