I am currently testing a PR for module_utils/vmware.py which adds 'validate_certs' as an argument.
On Friday, January 15, 2016 at 11:30:23 AM UTC-6, Kesten Broughton wrote: > > vsphere_guest is based on pysphere and the ansible-extra-modules vmware > modules are based on psphere, (both of which are largely abandoned) > but this PR for pyVmomi supported by VWmare should work. > https://github.com/vmware/pyvmomi-community-samples/pull/213/files > > A thing you could do, but shouldn't do for security reasons is note from > the error which site-packages directory it is failing at. > Then add the following to the bottom of the sitecustomize.py file therein > > import ssl > > try: > _create_unverified_https_context = ssl._create_unverified_context > except AttributeError: > # Legacy Python that doesn't verify HTTPS certificates by default > pass > else: > # Handle target environment that doesn't support HTTPS verification > ssl._create_default_https_context = _create_unverified_https_context > > > On Friday, January 15, 2016 at 12:25:42 AM UTC-6, Brian Coca wrote: >> >> we should add validate_certs=yes|no option as we do in other modules. >> >> On Fri, Jan 15, 2016 at 1:09 AM, Larry Smith <[email protected]> wrote: >> > Yup. I know about the default self-signed but I would assume that >> either >> > pyvmomi module and/or the Ansible documentation might explain on how to >> get >> > around this error. Especially just for testing purposes. Thanks for the >> > reply though. >> > >> > On Thursday, January 14, 2016 at 3:35:47 AM UTC-5, Marcus Franke wrote: >> >> >> >> Hi, >> >> >> >> by default VMware uses a self signed certificate for the vcenter web >> >> interface. >> >> >> >> You could change this against an official one with a trust anchor your >> >> system can verify or configure your play not to verify the >> certificate. If >> >> that is possible, never used that module myself. >> >> >> >> Regards, >> >> Marcus >> >> >> >> >> >> Larry Smith <[email protected]> schrieb am Mi., 13. Jan. 2016 18:54: >> >>> >> >>> Just getting started messing with these new 2.0 VMWare modules and >> seem >> >>> to be stuck on an SSL error. Anyone know how to get around this? Any >> info >> >>> would be much appreciated. >> >>> >> >>> fatal: [localhost -> localhost]: FAILED! => {"apierror": "[Errno 1] >> >>> _ssl.c:510: error:14090086:SSL >> >>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed", >> "changed": >> >>> false, "failed": true, "msg": "Unable to connect to vCenter or ESXi >> API on >> >>> TCP/443."} >> >>> >> >>> >> >>> --- >> >>> >> >>> - hosts: all >> >>> >> >>> connection: local >> >>> >> >>> become: false >> >>> >> >>> vars: >> >>> >> >>> - datacenter_name: 'LAB' >> >>> >> >>> - esxi_user: 'root' >> >>> >> >>> - esxi_pass: 'vmware' >> >>> >> >>> - pri_domain_name: 'everythingshouldbevirtual.local' >> >>> >> >>> - vcenter_host: 'vcsa.{{ pri_domain_name }}' >> >>> >> >>> tasks: >> >>> >> >>> - name: create DataCenter >> >>> >> >>> local_action: > >> >>> >> >>> vmware_datacenter >> >>> >> >>> hostname="{{ vcenter_host }}" >> >>> >> >>> username="{{ esxi_user }}" >> >>> >> >>> password="{{ esxi_pass }}" >> >>> >> >>> datacenter_name="{{ datacenter_name }}" >> >>> >> >>> state=present >> >>> >> >>> -- >> >>> You received this message because you are subscribed to the Google >> Groups >> >>> "Ansible Project" group. >> >>> To unsubscribe from this group and stop receiving emails from it, >> send an >> >>> email to [email protected]. >> >>> To post to this group, send email to [email protected]. >> >>> To view this discussion on the web visit >> >>> >> https://groups.google.com/d/msgid/ansible-project/e3090414-fe2a-47e6-b8dd-77be4a19285e%40googlegroups.com. >> >> >> >>> For more options, visit https://groups.google.com/d/optout. >> > >> > -- >> > You received this message because you are subscribed to the Google >> Groups >> > "Ansible Project" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> an >> > email to [email protected]. >> > To post to this group, send email to [email protected]. >> > To view this discussion on the web visit >> > >> https://groups.google.com/d/msgid/ansible-project/2d8a7b53-e845-4e81-9ac5-cae386b64b1e%40googlegroups.com. >> >> >> > >> > For more options, visit https://groups.google.com/d/optout. >> >> >> >> -- >> Brian Coca >> > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/4f3ec1fb-7e08-45e6-bd60-b6d113ce96bf%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
