Role hangs on "coffeeitworks.burp2_server : wait for burpca to get all server certificates", Debian10

[marcin-github]

Hi! When I run this role on Debian 10 (I didn't add any variables specific for this role, I rely on defaults) ssl certificates are not created:

TASK [coffeeitworks.burp2_server : wait for burpca to get all server certificates] ***************************************************************************************************************************

failed: [xxxx] (item=/etc/burp/ssl_cert_ca-server.pem) => {"ansible_loop_var": "item", "changed": false, "elapsed": 300, "item": "/etc/burp/ssl_cert_ca-server.pem", "msg": "Timeout when waiting for file /etc/burp/ssl_cert_ca-server.pem"}
failed: [xxxx] (item=/etc/burp/ssl_cert-server.key) => {"ansible_loop_var": "item", "changed": false, "elapsed": 300, "item": "/etc/burp/ssl_cert-server.key", "msg": "Timeout when waiting for file /etc/burp/ssl_cert-server.key"}
failed: [xxxx] (item=/etc/burp/ssl_cert-server.pem) => {"ansible_loop_var": "item", "changed": false, "elapsed": 300, "item": "/etc/burp/ssl_cert-server.pem", "msg": "Timeout when waiting for file /etc/burp/ssl_cert-server.pem"}
[WARNING]: Failure using method (v2_runner_on_failed) in callback plugin (<ansible.plugins.callback.mail.CallbackModule object at 0x7f57860d8d50>): [Errno 111] Connection refused

RUNNING HANDLER [coffeeitworks.burp2_server : restart burp server] *******************************************************************************************************************************************

RUNNING HANDLER [coffeeitworks.burp2_server : restart burp server systemd] ***********************************************************************************************************************************

RUNNING HANDLER [coffeeitworks.burp2_server : restart cron server] *******************************************************************************************************************************************

PLAY RECAP ***************************************************************************************************************************************************************************************************
xxxxx   : ok=38   changed=25   unreachable=0    failed=1    skipped=28   rescued=0    ignored=0

[pablodav]

Is your role updated?

I have fixed that 12hs ago.

El jue., 14 de mayo de 2020 8:06 a. m., Marcin notifications@github.com escribió:

Hi! When I run this role on Debian 10 (I didn't add any variables specific for this role, I rely on defaults) ssl certificates are not created:

TASK [coffeeitworks.burp2_server : wait for burpca to get all server certificates] ***

failed: [xxxx] (item=/etc/burp/ssl_cert_ca-server.pem) => {"ansible_loop_var": "item", "changed": false, "elapsed": 300, "item": "/etc/burp/ssl_cert_ca-server.pem", "msg": "Timeout when waiting for file /etc/burp/ssl_cert_ca-server.pem"} failed: [xxxx] (item=/etc/burp/ssl_cert-server.key) => {"ansible_loop_var": "item", "changed": false, "elapsed": 300, "item": "/etc/burp/ssl_cert-server.key", "msg": "Timeout when waiting for file /etc/burp/ssl_cert-server.key"} failed: [xxxx] (item=/etc/burp/ssl_cert-server.pem) => {"ansible_loop_var": "item", "changed": false, "elapsed": 300, "item": "/etc/burp/ssl_cert-server.pem", "msg": "Timeout when waiting for file /etc/burp/ssl_cert-server.pem"} [WARNING]: Failure using method (v2_runner_on_failed) in callback plugin (<ansible.plugins.callback.mail.CallbackModule object at 0x7f57860d8d50>): [Errno 111] Connection refused

RUNNING HANDLER [coffeeitworks.burp2_server : restart burp server] ***

RUNNING HANDLER [coffeeitworks.burp2_server : restart burp server systemd] ***

RUNNING HANDLER [coffeeitworks.burp2_server : restart cron server] ***

PLAY RECAP *** xxxxx : ok=38 changed=25 unreachable=0 failed=1 skipped=28 rescued=0 ignored=0

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/CoffeeITWorks/ansible_burp2_server/issues/60, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABCA7HYWQ5ODEVEFQZ3ZLDDRRPGDLANCNFSM4NASYCPA .

[pablodav]

This was the fix:

https://github.com/CoffeeITWorks/ansible_burp2_server/commit/d41b03dfd62ddf7a867b8008d1f0c670fb1a9da5

Also reported here: https://github.com/grke/burp/issues/861

You can check if file /usr/local/sbin/burp_ca has that line.

Also you can thest with command:

burp -c /etc/burp/burp-server.conf -F

2018-02-02 20:23:24 +0000: burp[10607] Creating /etc/burp/dhfile.pem
2018-02-02 20:23:24 +0000: burp[10607] Running '/usr/sbin/burp_ca --dhfile /etc/burp/dhfile.pem --dir /etc/burp/CA'
2018-02-02 20:23:24 +0000: burp[10607] /usr/sbin/burp_ca returned: 1
2018-02-02 20:23:24 +0000: burp[10607] Error running /usr/sbin/burp_ca

If you see error like the above, then you can debug with:

bash -x /usr/sbin/burp_ca --dhfile /etc/burp/dhfile.pem --dir /etc/burp/CA

And send the output of the command.

Also send the output of ls -l /etc/burp

[marcin-github]

Hi! If role wouldn't be updated then I would stuck at libssl1.0.0 error. I set burp_version: master then role finished installing of burp server, thank you!

[pablodav]

Great!

El vie., 15 de mayo de 2020 6:17 a. m., Marcin notifications@github.com escribió:

Hi! If role wouldn't be updated then I would stuck at libssl1.0.0 error. I set burp_version: master then role finished installing of burp server, thank you!

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/CoffeeITWorks/ansible_burp2_server/issues/60#issuecomment-629128375, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABCA7HZYW7NKGMHRHHOLUXDRRUCDFANCNFSM4NASYCPA .