There should be a way to make insecure request if ca-certificate path is not set in cfn transport

Bug #1549797 reported by Ishant Tyagi
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
os-collect-config
Undecided
Ishant Tyagi

Bug Description

My cfn server is configured for https and os-collect-config fails with error.

/opt/stack/venvs/os-collect-config/local/lib/python2.7/site-packages/requests/packages/urllib3/util/ssl_.py:100: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
  InsecurePlatformWarning
2016-02-25 11:47:48.086 3607 WARNING os_collect_config.cfn [-] [Errno 1] _ssl.c:510: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
2016-02-25 11:47:48.087 3607 WARNING os-collect-config [-] Source [cfn] Unavailable.
2016-02-25 11:47:48.087 3607 INFO os_collect_config.heat [-] No auth_url configured.
2016-02-25 11:47:48.088 3607 DEBUG os-collect-config [-] Source [heat] Not configured. collect_all /opt/stack/venvs/os-collect-config/local/l

ca-certificate is not set in the os-collect-config.conf as it is not available in the image.

There should be a way to make insecure request if ca-certificate path is not set in the conf.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to os-collect-config (master)

Fix proposed to branch: master
Review: https://review.openstack.org/284725

Changed in os-collect-config:
assignee: nobody → Ishant Tyagi (ishant-tyagi)
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on os-collect-config (master)

Change abandoned by Emilien Macchi (<email address hidden>) on branch: master
Review: https://review.openstack.org/284725
Reason: Per policy documented here: http://specs.openstack.org/openstack/tripleo-specs/specs/policy/patch-abandomment.html - we decided to abandon this patch. If you want to work on it again, feel free to restore it. Any question about that can be asked on #tripleo.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers