Zun

TLS does not work

Bug #2016917 reported by Damian Dąbrowski on 2023-04-18

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Zun	Confirmed	High	Unassigned

Bug Description

According to the documentation, zun provides [ssl] section that allows to enable TLS.

I have defined cert_file and key_file but seems like they are not passed correctly to websockifyserver:

DEBUG zun.websocket.websocketproxy [-] exception vmsg /openstack/venvs/zun-26.1.0.dev111/lib/python3.8/site-packages/websockify/websockifyserver.py:606
ERROR zun.websocket.websocketproxy Traceback (most recent call last):
ERROR zun.websocket.websocketproxy File "/openstack/venvs/zun-26.1.0.dev111/lib/python3.8/site-packages/websockify/websockifyserver.py", line 663, in top_new_client
ERROR zun.websocket.websocketproxy client = self.do_handshake(startsock, address)
ERROR zun.websocket.websocketproxy File "/openstack/venvs/zun-26.1.0.dev111/lib/python3.8/site-packages/websockify/websockifyserver.py", line 559, in do_handshake
ERROR zun.websocket.websocketproxy context.load_cert_chain(certfile=self.cert, keyfile=self.key, password=self.key_password)
ERROR zun.websocket.websocketproxy IsADirectoryError: [Errno 21] Is a directory

During my initial troubleshooting, I noticed that these variables have following values:

self.cert = /
self.key = None

It's not a big issue for zun-api, because TLS may be enabled on uWSGI, but for zun-wsproxy I couldn't find any way to enable TLS.

I'm using master branch.

hongbin (hongbin034) on 2023-04-22

Changed in zun:
status:	New → Confirmed
importance:	Undecided → High

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.