juju login on unregistered controller fails with cert errors
Bug #1921557 reported by
Garry Lawrence
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Canonical Juju |
Fix Released
|
High
|
Thomas Miller | ||
| 2.8 |
Fix Released
|
High
|
Thomas Miller | ||
Bug Description
Steps to reproduce:
Prepare to bootstrap on localhost cloud as usual.
Run bootstrap command, note controller IP address in output
Run juju change-
Run juju login [IP-ADDRESS]:17070 -c test_name --debug
This will prompt the user to decide whether they trust the CA fingerprint on 2.6.x and 2.7.x, debug output from 2.8.x is in an attachment.
Openssl s_client indicates that the CA certificate is not being sent by the controller as part of its cert chain during the TLS handshake.
Revision history for this message
| Garry Lawrence (invalidinterrupt) wrote | #1 |
Revision history for this message
| Garry Lawrence (invalidinterrupt) wrote | #2 |
| description: | updated |
| Changed in juju: | |
| status: | New → Triaged |
| importance: | Undecided → High |
| milestone: | none → 2.9-rc9 |
| assignee: | nobody → John A Meinel (jameinel) |
| assignee: | John A Meinel (jameinel) → Thomas Miller (tlmiller) |
| Changed in juju: | |
| status: | Triaged → In Progress |
Revision history for this message
| Thomas Miller (tlmiller) wrote | #3 |
| Changed in juju: | |
| milestone: | 2.9-rc9 → 2.9-rc10 |
Revision history for this message
| Thomas Miller (tlmiller) wrote | #4 |
| Changed in juju: | |
| status: | In Progress → Fix Committed |
| status: | Fix Committed → In Progress |
| Changed in juju: | |
| status: | In Progress → Fix Committed |
| Changed in juju: | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
I don't have a build chain for juju set up to test with yet so I can't test my theory, but I haven't found a replacement for the logic removed here: https:/