On-premises Ansible Services Catalog fail to sync with Ansible Automation Controller due being unable to get local issuer certificate

Solution Verified - Updated -

Issue

  • After changing the Automation Controller self-signed certificate for a certificate signed by an external CA, Services Catalog fails to synchronize with Controller with the following error message seeing at Platforms > Automation Controller > Summary > Availability in the Web UI:

    Error: HTTPSConnectionPool(host='ansibletower.example.local', port=443): Max retries exceeded with url: /api/v2/ping/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)')))

  • Automation Controller has a status of Unavailable in the Platforms view of the Web UI, as shown in the following image:

Automation Controller with status of Unavailable
Automation Controller with status of Unavailable

Environment

  • Red Hat Ansible Automation Platform (AAP)
    • 2.1
    • 2.2
  • Ansible Automation Platform Controller
    • 4.2.0
  • Ansible Automation Services Catalog
    • 4.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content