SSL Handshake Errors with vmware_deploy_ovf in Ansible – Other Modules Work Fine

capzulu · October 9, 2024, 2:23pm

Hey everyone,

I’ve been facing SSL handshake errors when trying to deploy an OVA to vSphere using the community.vmware.vmware_deploy_ovf module in Ansible. Oddly enough, other modules like vmware_vm_info work just fine, and I can retrieve VM information without any issues. However, when it comes to deploying the OVA, the playbook fails every time with an SSL error.

Here’s what I’ve tried so far:

Set validate_certs: false
Added the vCenter CA to the system trust store
Verified the SSL certificate manually using openssl s_client -connect <vcenter>, and it shows that the certificate is validated
Added the vCenter to the NO_PROXY environment variable to bypass the proxy

Despite all of this, I still get SSL handshake errors with vmware_deploy_ovf, even though other tasks are working as expected.

Has anyone experienced something similar or have any suggestions on how to resolve this?

Thanks in advance!

daemenseth · October 9, 2024, 5:53pm

I have the same issue.
See: Vmware deploy ovf Authenticity of the host's SSL certificate is not verified

mikemorency · October 10, 2024, 12:29pm

Can you post your task here? For the other user, they were trying to deploy an OVF/OVA from a URL. In that case, the file is downloaded directly to your vCenter and there is no option to skip certificate validation.

In that case, you must either update the vCenter cert store or download the file locally first and then deploy from your filesystem

daemenseth · October 10, 2024, 6:29pm

    - name: download ova, delegate to localhost (linux)
      get_url:
        url: "{{ ova_location }}"
        dest: /mnt/share/ova.ova
      delegate_to: localhost
      environment:
        ANSIBLE_LOCAL_TEMP: /mnt/share # Change this to your desired temp directory

    - name: install pyvomi
      pip:
        name: pyvmomi

    - name: deploy ova
      vmware_deploy_ovf:
        hostname: "{{ vcenter_hostname }}"
        username: "{{ vcenter_username }}"
        password: "{{ vcenter_password }}"
        datacenter: "{{ datacenter_name }}"
        datastore: "VMFS-01"
        networks: "{u'VM Network':u'{{ ProvisioningNetworkLabel }}'}"
        folder: "{{ folder }}"
        name: "{{ vm_hostname }}"
        validate_certs: false
        disk_provisioning: thin
        power_on: yes
        ovf: /mnt/share/ova.ova
        wait_for_ip_address: yes
      delegate_to: localhost
      register: deploy_ovf
      tags: vmware_ovf

Topic		Replies	Views
Vmware deploy ovf Authenticity of the host's SSL certificate is not verified Get Help ubuntu , vmware	6	108	October 10, 2024
Vmware ssl certs (works in one module, not the other!) Get Help collections , vmware	13	620	January 18, 2024
Community VMware Deploy OVF With AWX Get Help awx , vmware	3	226	May 13, 2024
Issue with AWX EE and Connecting to vcenter Get Help awx , rhel , windows , vmware , openssl , ee	7	592	April 20, 2024
Connection error: HTTPSConnectionPool(host='192.168.X.X', port=443 Get Help awx	13	471	February 21, 2024

SSL Handshake Errors with vmware_deploy_ovf in Ansible – Other Modules Work Fine

Related topics