Giters

geerlingguy / ansible-role-nodejs

Ansible Role - Node.js

Home Page:https://galaxy.ansible.com/geerlingguy/nodejs/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Regression for Ubuntu 14.04? SSL certificate error on adding nodesource key

jpstacey opened this issue · comments

commented

I seem to be getting a regression of #43 on Ubuntu 14.04 LTS:

TASK: [geerlingguy.nodejs | Add Nodesource apt key.] ************************** <localhost> REMOTE_MODULE apt_key id=68576280 state=present url='https://keyserver.ubuntu.com/pks/lookup?op=get&fingerprint=on&search=0x1655A0AB68576280' failed: [localhost] => {"failed": true, "item": ""} msg: Failed to validate the SSL certificate for keyserver.ubuntu.com:443. Use validate_certs=no or make sure your managed systems have a valid CA certificate installed. Paths checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible

This seems to be the case for both master and 4.0.x branches. ca-certificates is as up to date as Trusty Tahr wants it to be:

$ sudo dpkg -l ca-certificates Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-=============================================-===========================-===========================-=============================================================================================== ii ca-certificates 20160104ubuntu0.14.04.1 all Common CA certificates

vs. https://launchpad.net/ubuntu/+source/ca-certificates

However, running the following directly allows me to proceed:

wget -qO - 'https://keyserver.ubuntu.com/pks/lookup?op=get&fingerprint=on&search=0x1655A0AB68576280' | sudo apt-key add -

Does that not do the same certificate checks? Is it that they're running the HTTPS call as different users?

I then get a separate error on "Ensure Node.js and npm are installed" ("this module requires key=value arguments") but I'll check separately for any existing bug reports rather than complicate this issue!

commented

@jpstacey - The automated cron builds seem to be running fine under Ubuntu 14.04: https://travis-ci.org/geerlingguy/ansible-role-nodejs

I know 12.04 is starting to have tons of issues with various projects as SNI support isn't there, and many PPAs are dropping support... but 14.04 should still be working fine.

If you try using this role in a brand new environment, do you still get this error?

commented

Closing as 14.04 is out of support in a couple weeks.