Comment 2 for bug 1697163

Kam Nasim (knasim-wrs) wrote :

Any plans to pull this fix back into PIKE?

Also seeing it on Pike for both the Glance and the Murano clients:

glance --debug image-list
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/glanceclient/shell.py", line 707, in main
    OpenStackImagesShell().main(argv)
  File "/usr/local/lib/python2.7/dist-packages/glanceclient/shell.py", line 564, in main
    client = self._get_versioned_client('2', args)
  File "/usr/local/lib/python2.7/dist-packages/glanceclient/shell.py", line 453, in _get_versioned_client
    region_name=args.os_region_name)
  File "/usr/local/lib/python2.7/dist-packages/keystoneauth1/session.py", line 947, in get_endpoint
    return auth.get_endpoint(self, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/keystoneauth1/identity/base.py", line 378, in get_endpoint
    allow_version_hack=allow_version_hack, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/keystoneauth1/identity/base.py", line 269, in get_endpoint_data
    service_catalog = self.get_access(session).service_catalog
  File "/usr/local/lib/python2.7/dist-packages/keystoneauth1/identity/base.py", line 135, in get_access
    self.auth_ref = self.get_auth_ref(session)
  File "/usr/local/lib/python2.7/dist-packages/keystoneauth1/identity/v3/base.py", line 167, in get_auth_ref
    authenticated=False, log=False, **rkwargs)
  File "/usr/local/lib/python2.7/dist-packages/keystoneauth1/session.py", line 853, in post
    return self.request(url, 'POST', **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/positional/__init__.py", line 108, in inner
    return wrapped(*args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/keystoneauth1/session.py", line 703, in request
    resp = send(**kwargs)
  File "/usr/local/lib/python2.7/dist-packages/keystoneauth1/session.py", line 777, in _send_request
    raise exceptions.ConnectFailure(msg)
ConnectFailure: Unable to establish connection to https://128.224.150.89:5000/v3/auth/tokens: HTTPSConnectionPool(host='128.224.150.89', port=5000): Max retries exceeded with url: /v3/auth/tokens (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
Unable to establish connection to https://128.224.150.89:5000/v3/auth/tokens: HTTPSConnectionPool(host='128.224.150.89', port=5000): Max retries exceeded with url: /v3/auth/tokens (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))

WORKAROUND: Pass the cacert with the cmd:
glance --debug --os-cacert /home/ubuntu/wrs-remote-clients-2.0.0/wrs-remote-clients-2.0.0/server-with-key.pem image-list