python-openstackclient

Misleading error message when ssl certificate untrusted

Bug #1749144 reported by André Nähring on 2018-02-13

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	keystoneauth	Fix Released	Undecided	Dr. Jens Harbott
	python-openstackclient	Invalid	Undecided	Dr. Jens Harbott

Bug Description

Using openstackclient I receive the following error:

Failed to discover available identity versions when contacting https://<HOST>:5000. Attempting to parse version from URL.
Could not determine a suitable URL for the plugin

The solution is to call openstack with the additional parameter "--insecure". The self signed certificate on the identity host is not trusted.

The error message is misleading and should be changed to reflect the problem with the trust.

Revision history for this message

André Nähring (halbbalda) wrote on 2018-02-13:

This affects

openstack 3.14.1 (git clone)

and

openstack 3.12.0

Don't know if older versions are affected too.

Dr. Jens Harbott (j-harbott) on 2018-03-16

Changed in python-openstackclient:
assignee:	nobody → Dr. Jens Harbott (j-harbott)
status:	New → Confirmed

Dr. Jens Harbott (j-harbott) on 2018-03-18

Changed in keystoneauth:
assignee:	nobody → Dr. Jens Harbott (j-harbott)
Changed in python-openstackclient:
status:	Confirmed → Invalid

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-03-18: Fix proposed to keystoneauth (master)

Fix proposed to branch: master
Review: https://review.openstack.org/554044

Changed in keystoneauth:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-03-28: Fix merged to keystoneauth (master)

Reviewed: https://review.openstack.org/554044
Committed: https://git.openstack.org/cgit/openstack/keystoneauth/commit/?id=26cb0f6fcbdc96c25a3ec6abcf6d6785cfec15df
Submitter: Zuul
Branch: master

commit 26cb0f6fcbdc96c25a3ec6abcf6d6785cfec15df
Author: Jens Harbott <email address hidden>
Date: Sun Mar 18 09:33:19 2018 +0000

Be more helpful when version discovery fails

Modify the error message for failed discovery in an attempt to better
help the user fixing the issue.

    Include a reference to the actual exception that occured in the
    error message. Add SSLError to the list of caught exceptions so that
    we can log this case, too.

Add some unit tests to verify the handling of possible exceptions during
version discovery.

Change-Id: I9c26ab35d5515a937e016421e26e844212cb0bb3
Closes-Bug: 1749144

Changed in keystoneauth:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-04-19: Fix included in openstack/keystoneauth 3.5.0

This issue was fixed in the openstack/keystoneauth 3.5.0 release.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.