Re: common role: suddenly commented out most certs in ca-certificates.conf
Am 25.05.20 um 12:40 schrieb Jan Kowalsky:
Am 24.05.20 um 23:40 schrieb Jan Kowalsky:
> Hi all,
>
> after running bootstrap and during common role adding of additional apt
> sources failed because of unknown certificates.
> I inspect the problem and found that most of certificates configured in
> /etc/ca-certificates.conf where commented out suddenly.
ok, the problem is here:
ansible/roles/pki/tasks/ca_certificates.yml
- name: Get list of trusted certificates
shell: set -o nounset -o pipefail -o errexit &&
grep -E -e '^[^#!].*$' /etc/ca-certificates.conf | sed -e
's/^!//' || true
args:
executable: 'bash'
register: pki_register_ca_certificates_trusted
changed_when: False
check_mode: False
If the locales of the server is not set correctly a
grep -E -e '^[^#].*$' /etc/ca-certificates.conf
fails after the first utf8 encoded certificate line.
So in pki_register_ca_certificates_trusted are only the first
certificates above this cert.
I have to find out, why my server didn't have any default locales.
Regards
Jan