Issue #531
closed
pulp.bindings.server.DEFAULT_CA_PATH does not point to a valid certificate pack
Description
Description of problem:
pulp.bindings.server.DEFAULT_CA_PATH is set to '/etc/pki/tls/certs/' when it should be set to '/etc/pki/tls/certs/ca-bundle.crt'. This means that the bindings will not work with real root certificates unless the user explicitly sets the PulpConnection's ca_path init parameter explicitly.
Version-Release number of selected component (if applicable):
2.4.0-1
How reproducible:
Every time
Steps to Reproduce:
1. Use the Pulp bindings to make a connection to a server that is using an SSL certificate that is signed by a CA that you have installed into /etc/pki/tls/certs/ca-bundle.crt, but do not pass the ca_path parameter to PulpConnection.__init__().
Actual results:
You should see an SSL trust failure raised from M2Crypto.
Expected results:
By default, we should work with root certificates installed at /etc/pki/tls/certs/ca-bundle.crt with no additional configuration.
+ This bug was cloned from Bugzilla Bug #1142376 +
.