kolla-ansible

CloudKitty keystone fetcher authentication fails with internal TLS

Bug #2000096 reported by Pierre Riteau on 2022-12-19

This bug affects 4 people

Affects		Status	Importance	Assigned to	Milestone
	kolla-ansible	Confirmed	Undecided	Unassigned

Bug Description

When internal TLS is enabled with a local CA, CloudKitty's keystone fetcher fails with authenticate with Keystone:

WARNING keystoneauth.identity.generic.base [-] Failed to discover available identity versions when contacting https://<VIP>:35357. Attempting to parse version from URL.: keystoneauth1.exceptions.connection.SSLError: SSL exception connecting to https://<VIP>:35357: HTTPSConnectionPool(host='<VIP>', port=35357): Max retries exceeded with url: / (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)')))

Noticed on Wallaby but likely to apply to all versions.

Gaël THEROND (gtherond) on 2023-05-31

Changed in kolla-ansible:
status:	New → Confirmed

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.