ansible / awx-ee

An Ansible execution environment for AWX project
https://quay.io/ansible/awx-ee

EE does not use custom certs for python modules #88

Closed derhoeppi closed 3 years ago

derhoeppi commented 3 years ago

I use AWX 19.2.2 (same problem in 19.3 with ee 0.5.0) and try to connect to our Microsoft system with winrm and credssp. Python requests uses certifi to connect to Microsoft systems, and certifi has its own bundle with CA certs (path: /usr/local/lib/python3.8/site-packages/certifi/cacert.pem). I use the awx-operator option to define bundle_cacert_secret as spec to deploy AWX. This secret will be enrolled to the awx-ee container. Now my question: is it possible to create a filesystem softlink like "ln -s" so the certifi pem file is linked to /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem? It would be fantastic if I got a solution to use our own CA to connect to Microsoft systems. To resolve that issue I also tested an environment variable passed by ee_extra_env with the name REQUESTS_CA_BUNDLE, but it would be ignored by certifi. Also the ansible parameter ansible_winrm_ca_trust_path: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem does not work.

wenottingham commented 3 years ago

Closing as a duplicate of https://github.com/ansible/awx/issues/10787
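An added diagnostic, not part of the original issue or of the awx-ee project: it reports which CA certificates in one PEM bundle (for example the system bundle at /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem) are absent from another (for example certifi's cacert.pem), which confirms whether the bundle a Python module trusts actually contains the internal CA. The function names and the sample bundles are constructed for illustration; the sample "certificates" are placeholder bytes, not real X.509 data.

```python
import base64
import hashlib
import re
import sys

# Matches each certificate block; text between blocks is skipped, which
# matters because certifi's cacert.pem has "# Issuer: ..." comment lines.
PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.DOTALL
)


def bundle_fingerprints(pem_text):
    """Return the set of SHA-256 fingerprints (hex) of all certs in a bundle."""
    prints = set()
    for body in PEM_BLOCK.findall(pem_text):
        der = base64.b64decode("".join(body.split()))  # drop line breaks
        prints.add(hashlib.sha256(der).hexdigest())
    return prints


def missing_cas(trusted_pem, required_pem):
    """Fingerprints present in required_pem but absent from trusted_pem."""
    return sorted(bundle_fingerprints(required_pem) - bundle_fingerprints(trusted_pem))


def _pem(der):
    # Wrap constructed placeholder bytes in PEM armor (not a real certificate).
    b64 = base64.b64encode(der).decode()
    return "-----BEGIN CERTIFICATE-----\n" + b64 + "\n-----END CERTIFICATE-----\n"


# Constructed samples: a certifi-style bundle with one public root, and a
# system bundle that additionally carries an internal CA.
SAMPLE_CERTIFI = "# Issuer: CN=Public Root (constructed)\n" + _pem(b"public-root-ca")
SAMPLE_SYSTEM = _pem(b"public-root-ca") + _pem(b"internal-corp-ca")

if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: script.py TRUSTED_BUNDLE REQUIRED_BUNDLE
        with open(sys.argv[1], encoding="utf-8") as t, \
             open(sys.argv[2], encoding="utf-8") as r:
            trusted, required = t.read(), r.read()
    else:
        trusted, required = SAMPLE_CERTIFI, SAMPLE_SYSTEM
    for fp in missing_cas(trusted, required):
        print("not in trusted bundle:", fp)
```

Run inside the execution environment container with the certifi bundle as the first argument and the system bundle as the second; any fingerprint printed is a CA that the system trusts but the certifi bundle does not.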