Why Ansile Tower Setup Is Failing At 'Migrate the Tower database schema' Task With Errors 'Server does not support SSL' / 'certificate verify failed' / 'no pg_hba.conf entry for host' When Connecting To PostgreSQL Database With SSL Enabled ?

Solution Verified - Updated -

Issue

When connecting to an external PostgreSQL instance or when SSL is enabled for PostgreSQL in Ansible Tower setup installer inventory like below

# Server-side SSL settings for PostgreSQL (when we are installing it).
 postgres_use_ssl=True
 postgres_ssl_cert=/path/to/server.crt
 postgres_ssl_key=/path/to/server.key

,the setup fails at 'TASK [awx_install : Migrate the Tower database schema (may take awhile when upgrading).] with the following errors.

Certificate verify failed:

conn = _connect(dsn, connection_factory=connection_factory, **kwasync)", "django.db.utils.OperationalError: SSL error: certificate verify failed"], "stdout": "", "stdout_lines": []}

Server does not support SSL:

connection_factory=connection_factory, **kwasync)", "django.db.utils.OperationalError: server does not support SSL, but SSL was required"], "stdout": "", "stdout_lines": []}

Certificate verify failed, no pg_hba.conf entry for host:

"django.db.utils.OperationalError: SSL error: certificate verify failed", "FATAL:  no pg_hba.conf entry for host \"10.1.1.7\", user \"awx\", database \"awx\", SSL off"], "stdout": "", "stdout_lines": []}

Environment

Ansible Tower 3.6+

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content