--skip-ssl-validation is not working

smarsh-tim commented 2 years ago

I am attempting to follow the documentation listed here on rotating TLS certificates via uaac: https://community.pivotal.io/s/article/How-to-Regenerate-the-Bosh-Director-SSL-Certificate?language=en_US

But I am receiving this:

% uaac token owner get                                          

Client ID:  opsman
Client secret:  

CF::UAA::SSLException: Invalid SSL Cert for https://10.10.1.6:8844/uaa/login. Use '--skip-ssl-validation' to continue with an insecure target

attempt to get token failed
%
%
% uaac token owner get --skip-ssl-validation

Invalid option: skip_ssl_validation

  token owner get [client] [user]  Gets a token with a resource owner password grant
                                   -s | --secret <secret>, client secret
                                   -p | --password <password>, user password
                                   --scope <list>

This similar issue has been opened several times, but keeps getting closed without resolution:

How are we intended to execute these steps if the SSL certificate has expired or become corrupted? There must be a way to skip the SSL validation in order to correct the SSL certificates.

cf-gitbot commented 2 years ago

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/181899847

The labels on this github issue will be updated when the story is started.

strehle commented 2 years ago

Hi, you need to add the skip... option to target see https://github.com/cloudfoundry/cf-uaac#caveats-in-connecting

I tested this on a ruby 2.7.4 with ubuntu 20.x and it works as expected.

In this way it should work uaac target https://10.10.1.6:8844/uaa --skip-ssl-validatio uaac token owner get

If not, then you can describe your environment, e.g. ruby version.... or do you use a Mac ?

strehle commented 2 years ago

close after 2 weeks now

cloudfoundry / cf-uaac

--skip-ssl-validation is not working #110