openssl_certificate fail with acme provider #41396
Labels
affects_2.7
This issue/PR affects Ansible v2.7
bug
This issue/PR relates to a bug.
crypto
Crypto community (ACME, openssl, letsencrypt)
module
This issue/PR relates to a module.
support:community
This issue/PR relates to code supported by the Ansible community.
Comments
|
In fact, reverting is not enough, so ideally, deprecating and showing a warning is needed. And switching default to "false" as a backport would be quite great, because right now, that's broken with acme v2. |
ansibot
added
affects_2.7
mscherer
added a commit
to gluster/gluster.org_ansible_configuration
that referenced
this issue
Jun 11, 2018
See ansible/ansible#41396 for details
webknjaz
removed
the
needs_triage
ansibot
added
support:core
ansibot
added
support:community
|
@mscherer I've never used the acme provider; are you still using it? Is this still a problem? Do you want to work on this? |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
SUMMARY
Acme-tiny do seems to no longer support the --chain option, and so acme provider fail on every ansible version. I did sent the support for that as part of #35144 .
It seems to have been a downstream patch that got reverted https://src.fedoraproject.org/rpms/acme-tiny/c/ecd867acdf5380ade6874c160e8a00ce14d3f8ba?branch=master
I guess that mean we need to also get ride of the PR I have made. In the mean time, one work around is to use "acme_chain: False".
My fault for assuming that people wouldn't add downstream patch to Fedora package, and that I didn't
double check for it. I will send a email to the packager to signify that this was a move against the policy.
ISSUE TYPE
COMPONENT NAME
openssl_certificate
ANSIBLE VERSION
all
The text was updated successfully, but these errors were encountered: