I had a old Trellis stack working perfectly and today I was tried to use it but when I run vagrant up I got this error:
default: Running ansible-galaxy...
- downloading role 'composer', owned by geerlingguy
- downloading role from https://github.com/geerlingguy/ansible-role-composer/archive/1.5.0.tar.gz
[ERROR]: failed to download the file: Failed to validate the SSL certificate
for github.com:443. Make sure your managed systems have a valid CA certificate
installed. You can use validate_certs=False if you do not need to confirm the
servers identity but this is unsafe and not recommended. Paths checked for this
platform: /etc/ssl/certs, /etc/ansible, /usr/local/etc/openssl. The exception
msg was: [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version
(_ssl.c:590).
[WARNING]: - composer was NOT installed successfully.
ERROR! - you can use --ignore-errors to skip failed roles and finish processing the list.
Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.
I can use vagrant ssh and see all files there but if I try to access example.dev I get This site can’t be reached
But even after I followed your instructions I’m still getting the same error:
Here some debugs:
$ python --version
Python 2.7.14
$ python -c "import ssl; print(ssl.OPENSSL_VERSION)"
OpenSSL 1.0.2n 7 Dec 2017
$ ssh -T git@github.com
Hi gtso86! You've successfully authenticated, but GitHub does not provide shell access.
$ ansible-galaxy install -r requirements.yml
- downloading role 'composer', owned by geerlingguy
- downloading role from https://github.com/geerlingguy/ansible-role-composer/archive/1.5.0.tar.gz
[ERROR]: failed to download the file: Failed to validate the SSL certificate for github.com:443. Make sure your managed systems have a valid CA
certificate installed. You can use validate_certs=False if you do not need to confirm the servers identity but this is unsafe and not recommended.
Paths checked for this platform: /etc/ssl/certs, /etc/ansible, /usr/local/etc/openssl. The exception msg was: [SSL: TLSV1_ALERT_PROTOCOL_VERSION]
tlsv1 alert protocol version (_ssl.c:590).
[WARNING]: - composer was NOT installed successfully.
ERROR! - you can use --ignore-errors to skip failed roles and finish processing the list.
Any detail may I missed?
Extra info:
$ which openssl
/usr/bin/openssl
$ openssl version
OpenSSL 0.9.8zh 14 Jan 2016
Im having the same problem on one machine (Mac) but works fine on another (Mac too).
I’ve been two days trying to fix this but Im lost.
Could you help me to debug this? I can provide all the outputs that you need. My problem now is I don’t know what to try or if Im doing something wrong.
Currently Im at this state (I won’t change anything until answer): Error
$ ansible-galaxy install -r requirements.yml
- downloading role 'composer', owned by geerlingguy
- downloading role from https://github.com/geerlingguy/ansible-role-composer/archive/1.6.1.tar.gz
[ERROR]: failed to download the file: Failed to validate the SSL certificate
for github.com:443. Make sure your managed systems have a valid CA certificate
installed. You can use validate_certs=False if you do not need to confirm the
servers identity but this is unsafe and not recommended. Paths checked for this
platform: /etc/ssl/certs, /etc/ansible, /usr/local/etc/openssl. The exception
msg was: [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version
(_ssl.c:590).
[WARNING]: - composer was NOT installed successfully.
ERROR! - you can use --ignore-errors to skip failed roles and finish processing the list.
- downloading role from https://github.com/geerlingguy/ansible-role-composer/archive/1.7.0.tar.gz
[ERROR]: failed to download the file: Failed to validate the SSL certificate
for github.com:443. Make sure your managed systems have a valid CA certificate
installed. You can use validate_certs=False if you do not need to confirm the
servers identity but this is unsafe and not recommended. Paths checked for this
platform: /etc/ssl/certs, /etc/ansible, /usr/local/etc/openssl. The exception
msg was: [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version
(_ssl.c:590).
[WARNING]: - composer was NOT installed successfully.
ERROR! - you can use --ignore-errors to skip failed roles and finish processing the list.
Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.
$ ansible --version
ansible 2.5.4
config file = /Users/nick/Code/site.com/trellis/ansible.cfg
configured module search path = [u'/Users/nick/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /Library/Python/2.7/site-packages/ansible
executable location = /usr/local/bin/ansible
python version = 2.7.10 (default, Feb 7 2017, 00:08:15) [GCC 4.2.1 Compatible Apple LLVM 8.0.0 (clang-800.0.34)]
This seems to happen only when ssl is enabled on my dev machine using the self-signed option.