Affected Puppet, Ruby, OS and module versions/distributions
- Puppet: 6
- Ruby: -
- Distribution: Debian 11.3 (Bullseye)
- Module version: v8.0.0
How to reproduce (e.g Puppet code you use)
using elastic_stack to manage repo at fresh debian bullseye installation:
class { 'elastic_stack::repo':
version => 7,
}
What are you seeing
Error: certificate verify failed (unable to get local issuer certificate)
What behaviour did you expect instead
like to have "weak_ssl" option for apt::source module as workaround:
Boolean $apt_weak_ssl = false,
.. and then:
case $facts['os']['family'] {
'Debian': {
include apt
apt::source { 'elastic':
ensure => 'present',
comment => $description,
location => $base_url,
release => 'stable',
repos => 'main',
key => {
'id' => $key_id,
'source' => $key_source,
'weak_ssl' => $apt_weak_ssl,
},
include => {
'deb' => true,
'src' => false,
},
pin => $priority,
}
}
Output log
Error: Could not set 'present' on ensure: SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate) (file: /etc/puppetlabs/code/environments/production/modules/apt/manifests/key.pp, line: 55)
Error: Could not set 'present' on ensure: SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate) (file: /etc/puppetlabs/code/environments/production/modules/apt/manifests/key.pp, line: 55)
Wrapped exception:
SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)
Error: /Stage[first]/Elastic_stack::Repo/Apt::Source[elastic]/Apt::Key[Add key: 46095ACC8548582C1A2699A9D27D666CD88E42B4 from Apt::Source elastic]/Apt_key[Add key: 46095ACC8548582C1A2699A9D27D666CD88E42B4 from Apt::Source elastic]/ensure: change from 'absent' to 'present' failed: Could not set 'present' on ensure: SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate) (file: /etc/puppetlabs/code/environments/production/modules/apt/manifests/key.pp, line: 55)
Any additional information you'd like to impart
Affected Puppet, Ruby, OS and module versions/distributions
How to reproduce (e.g Puppet code you use)
using elastic_stack to manage repo at fresh debian bullseye installation:
What are you seeing
Error: certificate verify failed (unable to get local issuer certificate)
What behaviour did you expect instead
like to have "weak_ssl" option for apt::source module as workaround:
.. and then:
Output log
Error: Could not set 'present' on ensure: SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate) (file: /etc/puppetlabs/code/environments/production/modules/apt/manifests/key.pp, line: 55)
Error: Could not set 'present' on ensure: SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate) (file: /etc/puppetlabs/code/environments/production/modules/apt/manifests/key.pp, line: 55)
Wrapped exception:
SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)
Error: /Stage[first]/Elastic_stack::Repo/Apt::Source[elastic]/Apt::Key[Add key: 46095ACC8548582C1A2699A9D27D666CD88E42B4 from Apt::Source elastic]/Apt_key[Add key: 46095ACC8548582C1A2699A9D27D666CD88E42B4 from Apt::Source elastic]/ensure: change from 'absent' to 'present' failed: Could not set 'present' on ensure: SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate) (file: /etc/puppetlabs/code/environments/production/modules/apt/manifests/key.pp, line: 55)
Any additional information you'd like to impart