Oracle SSL issue

[DavidWylie]

Hi, Been using this role on the latest release for the past week.

Today the role started to fail to download the RPM when using the following url:
oracle_java_rpm_url: http://download.oracle.com/otn-pub/java/jdk/8u121-b13/e9e7ea248e2c4826b92b3f075a80e441/jdk-8u121-linux-x64.rpm

If the validate_certs is set to no on the get_url request it will work successfully.
This has been working previously for the last week.

Error message:

docker: TASK [ansiblebit.oracle-java : download Java RPM] ******************************
    docker: fatal: [default]: FAILED! => {"changed": false, "failed": true, "msg": "Failed to validate the SSL certificate for edelivery.oracle.com:443. Make sure your managed systems have a valid CA certificate installed. You can use validate_certs=False if you do not need to confirm the servers identity but this is unsafe and not recommended. Paths checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible"}

I found the edeliverysite is only used when the unauthorised page is displayed.

[steenzout]

@DavidWylie this must be because I merged a PR to use get_url instead of command.

I'll fix this asap...

[steenzout]

funny thing was that it passed the tests so I'm guessing your system doesn't have CA certificates installed?

anyway, I'm adding a new variable.

[steenzout]

@DavidWylie please set oracle_java_rpm_validate_certs: no.

it should work.

the alternative is to setup the CA certificates on the server you are running the playbook.

[steenzout]

@DavidWylie could you do me a favor and star this repo? :)

thank you!

[DavidWylie]

@steenzout Thanks switched to the latest version with the variable you mentioned and all working now.