Actions
Issue #1091
closed
registering consumer prints a message about RSA key download failure
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Platform Release:
OS:
Fedora 22
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:
Description
sudo pulp-consumer -u admin -p admin register --consumer-id c1
Download server RSA key failed [<urlopen error [SSL: CERTIFICATE_VERIFY_FAILED]
certificate verify failed (_ssl.c:581)>]
Consumer [c1] successfully registered
Updated by bcourt over 8 years ago
- Priority changed from Normal to High
- Triaged changed from No to Yes
Updated by jcline@redhat.com almost 8 years ago
- Status changed from NEW to ASSIGNED
- Assignee set to jcline@redhat.com
Updated by jcline@redhat.com almost 8 years ago
The error in question is because the Apache server certificate is not trusted. On master (what will be 2.8) I see the following when I do not trust the CA that signed the apache certificate:
[vagrant@dev pulp]$ sudo pulp-consumer -u admin -p admin register --consumer-id c1
WARNING: The server's SSL certificate is untrusted!
The server's SSL certificate was not signed by a trusted authority. This could
be due to a man-in-the-middle attack, or it could be that the Pulp server needs
to have its certificate signed by a trusted authority. If you are willing to
accept the associated risks, you can set verify_ssl to False in the client
config's [server] section to disable this check.
And this when the certificate is trusted or you choose not to verify the signature:
[vagrant@dev pulp]$ sudo pulp-consumer -u admin -p admin register --consumer-id c1
Consumer [c1] successfully registered
[vagrant@dev pulp]$ sudo pulp-consumer -u admin -p admin unregister
Consumer [c1] successfully unregistered
Updated by jcline@redhat.com almost 8 years ago
I was unable to reproduce this on master or 2.7
Updated by jcline@redhat.com almost 8 years ago
- Status changed from ASSIGNED to CLOSED - WORKSFORME
Actions
.