← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #70486

[Bug 1744494] [NEW] Swift backend does not support insecure Keystone v3 with SSL

  Thread PreviousDate PreviousThread Next 
Public bug reported:

The swift glance_store client does not create an insecure auth client
when using Keystone v3 with an unsigned cert delivering Swift service
endpoints. With keystone authtoken insecure=true and
swift_store_auth_insecure=true, Glance returns the following error when
uploading a new image:

http://paste.openstack.org/show/648868/

glance-api_1 | 2018-01-20 19:50:43.409 208 ERROR glance.common.wsgi
BackendException: Cannot find swift service endpoint : Unable to
establish connection to https://192.168.1.44:35357/v3/auth/tokens:
HTTPSConnectionPool(host='192.168.1.44', port=35357): Max retries
exceeded with url: /v3/auth/tokens (Caused by SSLError(SSLError("bad
handshake: Error([('SSL routines', 'tls_process_server_certificate',
'certificate verify failed')],)",),))

** Affects: glance
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Glance.
https://bugs.launchpad.net/bugs/1744494

Title:
  Swift backend does not support insecure Keystone v3 with SSL

Status in Glance:
  New

Bug description:
  The swift glance_store client does not create an insecure auth client
  when using Keystone v3 with an unsigned cert delivering Swift service
  endpoints. With keystone authtoken insecure=true and
  swift_store_auth_insecure=true, Glance returns the following error
  when uploading a new image:

  http://paste.openstack.org/show/648868/

  glance-api_1 | 2018-01-20 19:50:43.409 208 ERROR glance.common.wsgi
  BackendException: Cannot find swift service endpoint : Unable to
  establish connection to https://192.168.1.44:35357/v3/auth/tokens:
  HTTPSConnectionPool(host='192.168.1.44', port=35357): Max retries
  exceeded with url: /v3/auth/tokens (Caused by SSLError(SSLError("bad
  handshake: Error([('SSL routines', 'tls_process_server_certificate',
  'certificate verify failed')],)",),))

To manage notifications about this bug go to:
https://bugs.launchpad.net/glance/+bug/1744494/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next