Task #6224
Updated by daviddavis over 3 years ago
In Automation Hub, we're syncing against a remote server using a ca cert. The remote server redirects to an S3 location which throws a SSLCertVerificationError. It appears that when setting a remote ca_cert[0], the system ca is ignored. Talking with bmbouter, we think this is the correct behavior but it should be documented that setting a ca_cert on remote will cause the system ca cert to be ignored. Also, we should also add a note such as "When syncing from a Pulp that has S3 set up (or any Remote or one that redirects to a different domain with a different cert), involves redirects, the CA chain will need to include all necessary certs." [0] https://github.com/pulp/pulpcore/blob/bcbe95319d66772070a44ca5bd0987e712b93099/pulpcore/download/factory.py#L84-L85