Closed The-Loeki closed 5 years ago
Ping @erjohnso.
@tonybaloney - isn't this the same thing you were discussing in https://github.com/saltstack/salt/pull/40837?
Yes it is. That needs to get merged first. Or a version of it. There's a hack for SuSE that no longer applies or works in 2.0>
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
If this issue is closed prematurely, please leave a comment and we will gladly reopen the issue.
Description of Issue/Question
A couple of months ago, apparently someone had some real issue with YAST's CA certs; they're now hardcoded appended to
libcloud.security.CA_CERT_PATHS
to a number of drivers (e.g. CloudStack, Dimension Data, GCE).However, at
libcloud
they recently refactored the lot to default CA_CERT_PATHS to None.Discussion
I don't think the certificates should be hardcoded across the board, there must be a more elegant way to do that. Secondly, the reason the
libcloud
guys now set it toNone
(which arguably could be[]
to solve this as well) is because they're enthousiastic aboutcertifi
; maybe it's not such a bad idea to keep with that convention as that package provides a much-better curated list of CA's than a few distro's out there doRelated
https://github.com/apache/libcloud/commit/a4ad8d4a44dbf6069d924cdadabfff522ed703e6 https://github.com/saltstack/salt/issues/32743
Steps to Reproduce Issue
Versions Report