verifycert option does not disable certificate signed by unknown authority error

[Arceoavs]

I have an API Endpoint that is signed with an unknown authority. According to the Wiki Entry, the verifycert should disable the "x509: certificate signed by unknown authority" error. This does not work as expected, since the error still occurs.

The verifysslcert from the old wiki does not work either.

Cloudmonkey Version: 6.2.0

[rohityadavcloud]

Thanks for reporting @Arceoavs just to reconfirm, setting the verifycert option makes no difference for you in using cmk ?

[Arceoavs]

Yes exactly. I get the error with and without setting the option.

[nvazquez]

Hi @Arceoavs I've tried replicating the issue on CMK 6.2.0 but I'm unable to replicate it with a self-signed certificate on the API endpoint. Can you please provide more information about the certificate and keystore generation on the CloudStack management server?

Apache CloudStack 🐵 CloudMonkey 6.2.0
Report issues: https://github.com/apache/cloudstack-cloudmonkey/issues

(localcloud) 🐱 > set url https://10.0.34.173:8443/client/api
(localcloud) 🐱 > sync
🙈 Error: Get "https://10.0.34.173:8443/client/api?apiKey=<API_KEY>&command=listApis&listall=true&response=json&signature=<SIGNATURE>": x509: cannot validate certificate for 10.0.34.173 because it doesn't contain any IP SANs
(localcloud) 🐱 > set verifycert false
(localcloud) 🐱 > sync
Discovered 693 APIs

[rohityadavcloud]

@Arceoavs the old wiki docs are applicable only for the python based cloudmonkey, the new docs are here https://github.com/apache/cloudstack-cloudmonkey/wiki/Usage for cmk 6.2.0+

Closing on the remark that this isn't a problem if you use the right parameter with cmk 6.2.0+. Thanks for reporting, however, let's re-open if we can reproduce this issue.