group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #28435
[Bug 1814911] Re: charm deployment fails, when using self-signed certificate, which has IP address only (SAN)
Recommends are install when packages are upgraded:
# apt install python-urllib3
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libfreetype6 os-prober
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
python-ipaddress python-pyasn1
Suggested packages:
doc-base python-ntlm
Recommended packages:
python-ndg-httpsclient
The following NEW packages will be installed:
python-ipaddress python-pyasn1
The following packages will be upgraded:
python-urllib3
1 upgraded, 2 newly installed, 0 to remove and 9 not upgraded.
Need to get 131 kB of archives.
After this operation, 596 kB of additional disk space will be used.
Do you want to continue? [Y/n]
So the right fix here is to update python-urllib3 to have a Recommends
on python-ipaddress.
** Also affects: python-urllib3 (Ubuntu)
Importance: Undecided
Status: New
** Also affects: python-urllib3 (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: python-urllib3 (Ubuntu)
Status: New => Invalid
** Changed in: charm-helpers
Status: New => Invalid
** Changed in: cloud-archive/mitaka
Status: New => Triaged
** Changed in: python-urllib3 (Ubuntu Xenial)
Status: New => Triaged
** Changed in: cloud-archive/mitaka
Importance: Undecided => High
** Changed in: python-urllib3 (Ubuntu Xenial)
Importance: Undecided => High
** Changed in: python-urllib3 (Ubuntu Xenial)
Assignee: (unassigned) => James Page (james-page)
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1814911
Title:
charm deployment fails, when using self-signed certificate, which has
IP address only (SAN)
Status in Charm Helpers:
Invalid
Status in Ubuntu Cloud Archive:
Invalid
Status in Ubuntu Cloud Archive mitaka series:
Triaged
Status in python-urllib3 package in Ubuntu:
Invalid
Status in python-urllib3 source package in Xenial:
Triaged
Bug description:
E.g. radosgw charm fails, when self-signed SSL certificate has IP
address only (not hostname based).
2019-02-06 13:05:46 DEBUG identity-service-relation-changed Traceback (most recent call last):
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/var/lib/juju/agents/unit-radosgw-int-0/charm/hooks/identity-service-relation-changed", line 400, in <module>
2019-02-06 13:05:46 DEBUG identity-service-relation-changed hooks.execute(sys.argv)
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/var/lib/juju/agents/unit-radosgw-int-0/charm/hooks/charmhelpers/core/hookenv.py", line 800, in execute
2019-02-06 13:05:46 DEBUG identity-service-relation-changed self._hooks[hook_name]()
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/var/lib/juju/agents/unit-radosgw-int-0/charm/hooks/charmhelpers/contrib/openstack/utils.py", line 1891, in wrapped_f
2019-02-06 13:05:46 DEBUG identity-service-relation-changed restart_functions)
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/var/lib/juju/agents/unit-radosgw-int-0/charm/hooks/charmhelpers/core/host.py", line 730, in restart_on_change_helper
2019-02-06 13:05:46 DEBUG identity-service-relation-changed r = lambda_f()
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/var/lib/juju/agents/unit-radosgw-int-0/charm/hooks/charmhelpers/contrib/openstack/utils.py", line 1890, in <lambda>
2019-02-06 13:05:46 DEBUG identity-service-relation-changed (lambda: f(*args, **kwargs)), restart_map, stopstart,
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/var/lib/juju/agents/unit-radosgw-int-0/charm/hooks/identity-service-relation-changed", line 245, in identity_changed
2019-02-06 13:05:46 DEBUG identity-service-relation-changed configure_https()
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/var/lib/juju/agents/unit-radosgw-int-0/charm/hooks/identity-service-relation-changed", line 389, in configure_https
2019-02-06 13:05:46 DEBUG identity-service-relation-changed setup_keystone_certs(CONFIGS)
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/var/lib/juju/agents/unit-radosgw-int-0/charm/hooks/utils.py", line 356, in _inner2_defer_if_unavailable
2019-02-06 13:05:46 DEBUG identity-service-relation-changed return f(*args, **kwargs)
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/var/lib/juju/agents/unit-radosgw-int-0/charm/hooks/utils.py", line 496, in setup_keystone_certs
2019-02-06 13:05:46 DEBUG identity-service-relation-changed get_ks_ca_cert(ksclient, auth_endpoint, certs_path)
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/var/lib/juju/agents/unit-radosgw-int-0/charm/hooks/utils.py", line 356, in _inner2_defer_if_unavailable
2019-02-06 13:05:46 DEBUG identity-service-relation-changed return f(*args, **kwargs)
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/var/lib/juju/agents/unit-radosgw-int-0/charm/hooks/utils.py", line 414, in get_ks_ca_cert
2019-02-06 13:05:46 DEBUG identity-service-relation-changed ca_cert = get_ks_cert(ksclient, auth_endpoint, 'ca')
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/var/lib/juju/agents/unit-radosgw-int-0/charm/hooks/utils.py", line 356, in _inner2_defer_if_unavailable
2019-02-06 13:05:46 DEBUG identity-service-relation-changed return f(*args, **kwargs)
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/var/lib/juju/agents/unit-radosgw-int-0/charm/hooks/utils.py", line 384, in get_ks_cert
2019-02-06 13:05:46 DEBUG identity-service-relation-changed cert = ksclient.certificates.get_ca_certificate()
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/usr/lib/python2.7/dist-packages/keystoneclient/v2_0/certificates.py", line 29, in get_ca_certificate
2019-02-06 13:05:46 DEBUG identity-service-relation-changed resp, body = self._client.get('/certificates/ca', authenticated=False)
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/usr/lib/python2.7/dist-packages/keystoneauth1/adapter.py", line 173, in get
2019-02-06 13:05:46 DEBUG identity-service-relation-changed return self.request(url, 'GET', **kwargs)
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/usr/lib/python2.7/dist-packages/keystoneauth1/adapter.py", line 331, in request
2019-02-06 13:05:46 DEBUG identity-service-relation-changed resp = super(LegacyJsonAdapter, self).request(*args, **kwargs)
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/usr/lib/python2.7/dist-packages/keystoneauth1/adapter.py", line 98, in request
2019-02-06 13:05:46 DEBUG identity-service-relation-changed return self.session.request(url, method, **kwargs)
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/usr/lib/python2.7/dist-packages/positional/__init__.py", line 94, in inner
2019-02-06 13:05:46 DEBUG identity-service-relation-changed return func(*args, **kwargs)
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/usr/lib/python2.7/dist-packages/keystoneclient/session.py", line 405, in request
2019-02-06 13:05:46 DEBUG identity-service-relation-changed resp = send(**kwargs)
2019-02-06 13:05:46 DEBUG identity-service-relation-changed File "/usr/lib/python2.7/dist-packages/keystoneclient/session.py", line 443, in _send_request
2019-02-06 13:05:46 DEBUG identity-service-relation-changed raise exceptions.SSLError(msg)
2019-02-06 13:05:46 DEBUG identity-service-relation-changed keystoneauth1.exceptions.connection.SSLError: SSL exception connecting to https://100.86.0.2:35357/v2.0/certificates/ca: hostname '100.86.0.2' doesn't
match '100.86.0.2'
To manage notifications about this bug go to:
https://bugs.launchpad.net/charm-helpers/+bug/1814911/+subscriptions
