There should be a way to make insecure request if ca-certificate path is not set in cfn transport

Bug #1549797 reported by Ishant Tyagi
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
os-collect-config
In Progress
Undecided
Ishant Tyagi

Bug Description

My cfn server is configured for https and os-collect-config fails with error.

/opt/stack/venvs/os-collect-config/local/lib/python2.7/site-packages/requests/packages/urllib3/util/ssl_.py:100: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
  InsecurePlatformWarning
2016-02-25 11:47:48.086 3607 WARNING os_collect_config.cfn [-] [Errno 1] _ssl.c:510: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
2016-02-25 11:47:48.087 3607 WARNING os-collect-config [-] Source [cfn] Unavailable.
2016-02-25 11:47:48.087 3607 INFO os_collect_config.heat [-] No auth_url configured.
2016-02-25 11:47:48.088 3607 DEBUG os-collect-config [-] Source [heat] Not configured. collect_all /opt/stack/venvs/os-collect-config/local/l

ca-certificate is not set in the os-collect-config.conf as it is not available in the image.

There should be a way to make insecure request if ca-certificate path is not set in the conf.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to os-collect-config (master)

Fix proposed to branch: master
Review: https://review.openstack.org/284725

Changed in os-collect-config:
assignee: nobody → Ishant Tyagi (ishant-tyagi)
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on os-collect-config (master)

Change abandoned by Emilien Macchi (<email address hidden>) on branch: master
Review: https://review.openstack.org/284725
Reason: Per policy documented here: http://specs.openstack.org/openstack/tripleo-specs/specs/policy/patch-abandomment.html - we decided to abandon this patch. If you want to work on it again, feel free to restore it. Any question about that can be asked on #tripleo.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.