Our apt installs of node on ubuntu are failing. Did something change?
Failed to download key at https://deb.nodesource.com/gpgkey/nodesource.gpg.key: Request failed: <urlopen error [Errno 1] _ssl.c:510: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure>
Seem to not work for sslv3 anymore.
curl -3 https://deb.nodesource.com/gpgkey/nodesource.gpg.key
curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
Hi @jamesongithub - we just recently moved repository hosting to CloudFront in order to increase availability and security. See https://github.com/nodesource/distributions/issues/353#issuecomment-245766143 for more information. The latest versions of curl and wget should be able to successfully connect.
Unfortunately we are using ansible / python2.
Pretty sure this will affect anyone installing node w/ ansible from nodesource. Will have to find a workaround.
Hey @jamesongithub did you find a workaround? This is blocking my deploys now
Okay if someone stumbles upon this, it seems if you're on Ubuntu Trusty, using Python 2.7.6, you'll need to bypass Python via e.g. curl: https://github.com/ansible/ansible/issues/9966#issuecomment-246373269
yeah just download the key with wget or curl and import the key manually
FYI: this is still happening, nearly 6mos later.
it was never "fixed" @t-readyroc see the workaround above
Yes @t-readyroc , this wasn't "fixed" nor will it be because it's not broken. We're using the TLS settings that are recommended by AWS for proper security. We don't feel that weakening this to support super old SSL implementations is in the best interests of anybody.
FWIW another solution (on Trusty at least) is to install an updated version of python.
add-apt-repository ppa:jonathonf/python-2.7
apt-get update
apt-get install -y python2.7
then re-run your Ansible play. You may need to purge package lists path (rm -rf /var/lib/apt/lists/*)
Most helpful comment
Pretty sure this will affect anyone installing node w/ ansible from nodesource. Will have to find a workaround.