Failed to validate SSL certificates

[avpines]

Hi,

I'm getting the following error when attempting to download the rpm and tar.gz (fetch.yml get JDK tarball (as RPM file) and get JDK tarball (as tar.gz file)

fatal: [my.domain]: FAILED! => {
  "changed": false, 
  "failed": true, 
  "msg": "Failed to validate the SSL certificate for edelivery.oracle.com:443. Make sure your managed systems have a valid CA certificate installed. If the website serving the url uses SNI you need python >= 2.7.9 on your managed machine or you can install the `urllib3`, `pyopenssl`, `ndg-httpsclient`, and `pyasn1` python modules to perform SNI verification in python >= 2.6. You can use validate_certs=False if you do not need to confirm the servers identity but this is unsafe and not recommended. Paths checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible"
}

(not using mac but it will probably happen there as well?) Simple wget from the machine works. For now I could only make it work by adding to these tasks validate_certs: no, but I wonder if there's a better solution.

Using ansible 2.1.0.0, Python on some of the Ubuntu machines is 2.7.3, on the Centos machines is Python 2.6.6.

Let me know if any other information is needed.

Thanks, Aviad

[afeld]

Try updating the ca-certificates and python packages (and the equivalent on Ubuntu).