Actions
Issue #7268
closed
Pulp can't connect to server with self signed certificates
Status:
CLOSED - WORKSFORME
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Master
Platform Release:
OS:
Triaged:
No
Groomed:
No
Sprint Candidate:
No
Tags:
Single Container
Sprint:
Quarter:
Description
We try the scripts from pulp-rpm and we get the following error:
{
"pulp_href": "/pulp/api/v3/tasks/7279ef70-2ec6-43a4-8f67-a2b3bc8bea29/",
"pulp_created": "2020-08-04T12:55:33.163985Z",
"state": "failed",
"name": "pulp_rpm.app.tasks.synchronizing.synchronize",
"started_at": "2020-08-04T12:55:33.240388Z",
"finished_at": "2020-08-04T12:55:33.778391Z",
"error": {
"traceback": " File \"/usr/local/lib/python3.7/site-packages/rq/worker.py\", line 883, in perform_job\n rv = job.perform()\n File \"/usr/local/lib/python3.7/site-packages/rq/job.py\", line 657, in perform\n self._result = self._execute()\n File \"/usr/local/lib/python3.7/site-packages/rq/job.py\", line 663, in _execute\n return self.func(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/pulp_rpm/app/tasks/synchronizing.py\", line 129, in synchronize\n treeinfo = get_treeinfo_data(remote)\n File \"/usr/local/lib/python3.7/site-packages/pulp_rpm/app/kickstart/treeinfo.py\", line 24, in get_treeinfo_data\n result = downloader.fetch()\n File \"/usr/local/lib/python3.7/site-packages/pulpcore/download/base.py\", line 160, in fetch\n return done.pop().result()\n File \"/usr/local/lib/python3.7/site-packages/pulpcore/download/base.py\", line 227, in run\n return await self._run(extra_data=extra_data)\n File \"/usr/local/lib/python3.7/site-packages/backoff/_async.py\", line 133, in retry\n ret = await target(*args, **kwargs)\n File \"/usr/local/lib/python3.7/site-packages/pulpcore/download/http.py\", line 197, in _run\n async with self.session.get(self.url, proxy=self.proxy, auth=self.auth) as response:\n File \"/usr/local/lib64/python3.7/site-packages/aiohttp/client.py\", line 1012, in __aenter__\n self._resp = await self._coro\n File \"/usr/local/lib64/python3.7/site-packages/aiohttp/client.py\", line 483, in _request\n timeout=real_timeout\n File \"/usr/local/lib64/python3.7/site-packages/aiohttp/connector.py\", line 523, in connect\n proto = await self._create_connection(req, traces, timeout)\n File \"/usr/local/lib64/python3.7/site-packages/aiohttp/connector.py\", line 859, in _create_connection\n req, traces, timeout)\n File \"/usr/local/lib64/python3.7/site-packages/aiohttp/connector.py\", line 1004, in _create_direct_connection\n raise last_exc\n File \"/usr/local/lib64/python3.7/site-packages/aiohttp/connector.py\", line 986, in _create_direct_connection\n req=req, client_error=client_error)\n File \"/usr/local/lib64/python3.7/site-packages/aiohttp/connector.py\", line 939, in _wrap_create_connection\n req.connection_key, exc) from exc\n",
"description": "Cannot connect to host fixtures.pulpproject.org:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1091)')]"
},
"worker": "/pulp/api/v3/workers/d20ffb20-545c-4d65-b7e3-6185f7d25b89/",
"parent_task": null,
"child_tasks": [],
"task_group": null,
"progress_reports": [],
"created_resources": [],
"reserved_resources_record": [
"/pulp/api/v3/repositories/rpm/rpm/0c392a49-6b82-4171-a393-c64e0f544399/",
"/pulp/api/v3/remotes/rpm/rpm/ad6ca5ac-d2d8-4d05-90a2-4b39f1ea1f36/"
]
}
Obviously pulp can't connect to a server which use a self signed certificate. We looked in documentation but there seems no configuration option to make pulp able to handle self signed certificates or don't verify such kind of certificates.
Is there an option to configure pulp to don't verify ssl certificates?
Actions
.