Default to requests cert bundle instead of nothing
Bug #1362179 reported by
Rob Crittenden
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Glance Client |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
If no CA certificate was provided to a glance client call then verify is set to None which generally results in failure because there are no CA certs at all to validate against. It should instead default to requests.
From certs.py:
"This module returns the preferred default CA certificate bundle.
If you are packaging Requests, e.g., for a Linux distribution or a managed
environment, you can change the definition of where() to return a separately
packaged CA bundle."
In Fedora/RHEL this is set to /etc/pki/
In Ubuntu 14.04 and Debian Wheezy it is set to /etc/ssl/
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to python-glanceclient (master) | #1 |
| Changed in python-glanceclient: | |
| status: | New → Fix Committed |
| Changed in python-glanceclient: | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: master
commit 929a72e76fe1dd7
Author: Rob Crittenden <email address hidden>
Date: Tue Aug 26 18:12:19 2014 -0400
Default to system CA bundle if no CA certificate is provided
If no CA certificate is provided to be used for validation then
fall back to the system-wide CA bundle as presented by
python-
Change-Id: I05206a868150d4
Closes-bug: #1362179