Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ansible request for workaround to cacerts in CentOS6 playbooks #2342

Closed
1 of 3 tasks
sxa opened this issue Oct 7, 2021 · 1 comment · Fixed by #2344
Closed
1 of 3 tasks

Ansible request for workaround to cacerts in CentOS6 playbooks #2342

sxa opened this issue Oct 7, 2021 · 1 comment · Fixed by #2344
Assignees
@sxa
Labels
ansible
Milestone
October 2021

Comments

@sxa
Copy link
Member

sxa commented Oct 7, 2021
edited
Loading

Please put the name of the software product (and affected platforms if relevant) in the title of this issue

  • Missing install
  • Bug in ansible playbook
  • Request for new playbook addition

Details:
Ansible playbooks are currently failing on CentOS6 due to the expiry of the root certificate that was used by LetsEncrypt. This has caused multiple problems1 but critically it is no longer possible to update the docker build images because the playbooks won't work, meaning that any merged PRs that affect that system will not take effect.

I have looked at making some changes to address this in #2339 but it's rapidly getting to the point where it's just not a good idea. It will likely require openssl1.0.2 to be installed and used along with an appropriate CA store put in place, and python and possibly wget convinced to use the new one.

Footnotes

  1. https://github.com/adoptium/temurin-build/issues/2741, https://github.com/adoptium/temurin-build/issues/2747, https://github.com/adoptium/temurin-build/issues/2751 and PRs https://github.com/adoptium/temurin-build/pull/2742, https://github.com/adoptium/temurin-build/pull/2746 https://github.com/adoptium/infrastructure/issues/2345

@sxa sxa added the ansible label Oct 7, 2021
@sxa sxa added this to the October 2021 milestone Oct 7, 2021
@sxa
Copy link
Member Author

sxa commented Oct 7, 2021

May be possible to use the CentOS7 source packages to resolve this ...

@sxa sxa changed the title Ansible request for workaround CentOS6 playbooks Ansible request for workaround to cacerts in CentOS6 playbooks Oct 8, 2021
@sxa sxa self-assigned this Oct 8, 2021
@sxa sxa mentioned this issue Oct 8, 2021
Merged
5 tasks
@sxa sxa closed this as completed in #2344 Oct 12, 2021
@Willsparker Willsparker mentioned this issue Oct 29, 2021
Merged
5 tasks
@sxa sxa mentioned this issue Sep 25, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sxa sxa

Labels
ansible
Projects
None yet
Milestone
October 2021
Development

Successfully merging a pull request may close this issue.

Install CentOS7's OpenSSL 1.0.2 package on CentOS6 to resolve certificate issues sxa/infrastructure
1 participant
@sxa