sudeephb
commented
6 months ago (by pguimaraes) I did not run the same tests on focal.
Open sudeephb opened 6 months ago
sudeephb
commented
6 months ago (by pguimaraes) I did not run the same tests on focal.
Running latest charm of openstack-service-checks with TLS and ssl_* options for certificates.
When setting up trusted_ssl_ca to the same value as ssl_ca on my openstack charms, I start to get the following on juju logs:
requests.exceptions.SSLError: HTTPSConnectionPool(host='', port=35357): Max retries exceeded with url: /v3/auth/tokens (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),))
Hooks eventually fail and charm goes to blocked status.
I've tested the following: OpenStack-service-checks on bionic, on its container, open a python3 cli and run:
That seems to work, although Keystone returns 401.
Now, if I source the .venv present on openstack-service-checks v4 and run the same commands as above, I am able to reproduce: [SSL: CERTIFICATE_VERIFY_FAILED]
Checking Bionic's python3-requests version, it is on 2.18, while o-s-c v4 is shipped with requests v2.25 within its wheelhouse folder.
I also did not need to run steps described on: https://bugs.launchpad.net/charm-openstack-service-checks/+bug/1924816
Imported from Launchpad using lp2gh.
date created: 2021-04-29T23:37:05Z
owner: pguimaraes
assignee: None
duplicate of: #5
the launchpad url