I am trying to installing an ubuntu instance hosted in Vultr Apparently my SSL certificate is failing

0 votes

I am trying to installing this algo on an ubuntu instance hosted in Vultr. Apparently my SSL certificate is failing. 

algo-master cat ~/.vultr.ini
[default]
key = B-censored-for-privacy-Q
algo-master ./algo
[WARNING]: Could not match supplied host pattern, ignoring: vpn-host

PLAY [localhost] *******************************************************************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************************************************
ok: [localhost]

TASK [Ensure the requirements installed] *******************************************************************************************************************************************************************
ok: [localhost]

TASK [Set required ansible version as a fact] **************************************************************************************************************************************************************
ok: [localhost] => (item=ansible==2.8.3)

TASK [Verify Python meets Algo VPN requirements] ***********************************************************************************************************************************************************
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}

TASK [Verify Ansible meets Algo VPN requirements] **********************************************************************************************************************************************************
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}

PLAY [Ask user for the input] ******************************************************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************************************************
ok: [localhost]
[Cloud prompt]
What provider would you like to use?
1. DigitalOcean
2. Amazon Lightsail
3. Amazon EC2
4. Microsoft Azure
5. Google Compute Engine
6. Hetzner Cloud
7. Vultr
8. Scaleway
9. OpenStack (DreamCompute optimised)
10. CloudStack (Exoscale optimised)
11. Install to existing Ubuntu 18.04 or 19.04 server (Advanced)

Enter the number of your desired provider
:

TASK [Cloud prompt] ****************************************************************************************************************************************************************************************
ok: [localhost]

TASK [Set facts based on the input] ************************************************************************************************************************************************************************
ok: [localhost]
[VPN server name prompt]
Name the vpn server
[algo]
:

TASK [VPN server name prompt] ******************************************************************************************************************************************************************************
ok: [localhost]
[Cellular On Demand prompt]
Do you want macOS/iOS IPsec clients to enable "Connect On Demand" when connected to cellular networks?
[y/N]
:

TASK [Cellular On Demand prompt] ***************************************************************************************************************************************************************************
ok: [localhost]
[Wi-Fi On Demand prompt]
Do you want macOS/iOS IPsec clients to enable "Connect On Demand" when connected to Wi-Fi?
[y/N]
:

TASK [Wi-Fi On Demand prompt] ******************************************************************************************************************************************************************************
ok: [localhost]
[Retain the PKI prompt]
Do you want to retain the keys (PKI)? (required to add users in the future, but less secure)
[y/N]
:

TASK [Retain the PKI prompt] *******************************************************************************************************************************************************************************
ok: [localhost]
[DNS adblocking prompt]
Do you want to enable DNS ad blocking on this VPN server?
[y/N]
:

TASK [DNS adblocking prompt] *******************************************************************************************************************************************************************************
ok: [localhost]
[SSH tunneling prompt]
Do you want each user to have their own account for SSH tunneling?
[y/N]
:

TASK [SSH tunneling prompt] ********************************************************************************************************************************************************************************
ok: [localhost]

TASK [Set facts based on the input] ************************************************************************************************************************************************************************
ok: [localhost]

PLAY [Provision the server] ********************************************************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************************************************
ok: [localhost]

TASK [Display the invocation environment] ******************************************************************************************************************************************************************
changed: [localhost -> localhost]

TASK [Install the requirements] ****************************************************************************************************************************************************************************
ok: [localhost -> localhost]

TASK [Generate the SSH private key] ************************************************************************************************************************************************************************
ok: [localhost]

TASK [Generate the SSH public key] *************************************************************************************************************************************************************************
ok: [localhost]
[cloud-vultr : pause]

TASK [cloud-vultr : pause] *********************************************************************************************************************************************************************************
ok: [localhost]

TASK [cloud-vultr : Set the token as a fact] ***************************************************************************************************************************************************************
ok: [localhost]

TASK [cloud-vultr : Get regions] ***************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "content": "", "elapsed": 1, "msg": "Status code was -1 and not [200]: Request failed: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1076)>", "redirected": false, "status": -1, "url": "https://api.vultr.com/v1/regions/list"}
included: /Users/jroland/workspace/algo-master/playbooks/rescue.yml for localhost

TASK [debug] ***********************************************************************************************************************************************************************************************
ok: [localhost] => {
"fail_hint": [
"Sorry, but something went wrong!",
"Please check the troubleshooting guide.",
"https://trailofbits.github.io/algo/troubleshooting.html"
]
}

TASK [Fail the installation] *******************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed as requested from task"}

PLAY RECAP *************************************************************************************************************************************************************************************************
localhost : ok=24 changed=1 unreachable=0 failed=1 skipped=1 rescued=1 ignored=0

Oct 15, 2019 in Ansible by Hannah
• 18,520 points
1,579 views

1 answer to this question.

0 votes

The cert.pem file is a somehow moving to the root certificates. Running brew info openssl displays:

A CA file has been bootstrapped using certificates from the SystemRoots
keychain.

and I'm assuming that's what this cert.pem file is. I think you just trashed yours.

brew reinstall openssl
answered Oct 15, 2019 by Yogesh

edited Oct 15, 2019

Related Questions In Ansible

0 votes
1 answer

Is it possible to run an Ansible Playbook in python script?

Hey @Cerci, Of course its possible. You ...READ MORE

answered Jan 17, 2019 in Ansible by Nicolas
15,667 views
0 votes
1 answer
0 votes
1 answer
0 votes
2 answers
+15 votes
2 answers

Git management technique when there are multiple customers and need multiple customization?

Consider this - In 'extended' Git-Flow, (Git-Multi-Flow, ...READ MORE

answered Mar 27, 2018 in DevOps & Agile by DragonLord999
• 8,450 points
4,035 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP