Hi,
I try to create an playbook look like to this command:
Can you post the output of:
echo foo | openssl s_client -showcerts -servername 172.17.0.1 -connect 172.17.0.1:8200
Hello,
bash-5.1# echo foo | openssl s_client -showcerts -servername 172.17.0.1 -connect 172.17.0.1:8200
CONNECTED(00000003)
depth=0 CN = *.dc1.vault
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = *.dc1.vault
verify error:num=21:unable to verify the first certificate
verify return:1
depth=0 CN = *.dc1.vault
verify return:1
I’m thinking that the SSL verification error could be caused by ansible not having access to the CA certificate, perhaps the path inside your container is different from the path outside the container? I would check that.
Once you disable verification, you can reach the API, and that “error 207” looks like it is the HTTP response from the API.
What that exactly means depends on the API that you’re calling.
I would check the logs of the system at 172.17.0.1 that implements the API and see what that says.
Dick
Hi,
I found solution.
Too old docker image I built (10 months…).
I updated all components .
Sorry I wirite wrong code I previous message. it wasn’t 207, but 307.
My working dockerfile:
FROM python:alpine3.17
RUN echo ‘http://dl-cdn.alpinelinux.org/alpine/edge/testing’ >> /etc/apk/repositories
RUN apk add --update alpine-sdk
RUN apk add --update --no-cache bash mariadb-client tar restic rclone ca-certificates fuse tzdata shellinabox msmtp mongodb-tools openssl curl vim python3-dev libc-dev gcc libffi-dev
RUN pip3 install --no-cache-dir PyMySQL ansible python-consul python-nomad hvac pyopenssl
RUN ansible-galaxy collection install community.general
Thanks for your help Dick!