python-keystoneclient SSL CA certificate validation
Bug #1012591 reported by
Jose Castro Leon
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-keystoneclient |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Following the commit by Adam Young, we discover that python-
(https:/
So in case that the CA certificate is not bundled with the distribution, it refuses to do any operation due to the invalid certificate chain.
This could be solved by specifying an extra parameter with the CA chain in python-
This also affects horizon when using keystone api to check the user during login.
summary: |
- python-keystoneclient SSLCA certificate validation + python-keystoneclient SSL CA certificate validation |
tags: |
added: python-keystoneclient removed: keystone |
Changed in keystone: | |
status: | New → Triaged |
importance: | Undecided → Medium |
affects: | keystone → python-keystoneclient |
Changed in python-keystoneclient: | |
assignee: | nobody → Adam Young (ayoung) |
Changed in python-keystoneclient: | |
assignee: | Adam Young (ayoung) → Liem Nguyen (liemmn) |
Changed in python-keystoneclient: | |
assignee: | Liem Nguyen (liemmn) → Sascha Peilicke (saschpe) |
Changed in python-keystoneclient: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
you can also disable CA validation by
--- keystoneclient/ client. py 2012-07-17 18:02:33.910494211 +0200 client. py.orig 2012-07-17 18:02:22.525503421 +0200
+++ keystoneclient/
@@ -55,6 +55,7 @@
# httplib2 overrides
self. force_exception _to_status_ code = True ssl_certificate _validation = True
+ self.disable_
def authenticate(self):
""" Authenticate against the keystone API.