python-novaclient SSL CA certificate validation
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-novaclient |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Following the commit by Adam Young, we discover that python-novaclient tries to validate the CA chain
(https:/
So in case that the CA certificate is not bundled with the distribution, it refuses to do any operation due to the invalid certificate chain.
This could be solved by specifying an extra parameter with the CA chain in python-novaclient and pass it to httplib2 component.
or bypass the CA certificate validation
--- novaclient/
+++ novaclient/
@@ -57,7 +57,7 @@
# httplib2 overrides
- self.disable_
+ self.disable_
def http_log(self, args, kwargs, resp, body):
if 'NOVACLIENT_DEBUG' in os.environ and os.environ[
Changed in python-novaclient: | |
status: | New → Invalid |
I have just noticed that if --insecure is specified it does not validate the CA chain.