troykelly
commented
2 months ago Can you share the config (without tokens) that you are using?
Closed pablomarquesmendez closed 2 weeks ago
troykelly
commented
2 months ago Can you share the config (without tokens) that you are using?
pablomarquesmendez
commented
2 months ago Can you share the config (without tokens) that you are using?
sure
email: pmarques@miamilinux.net
updatedelay: 100
domains:
- ha.example.com
certfile: fullchain.pem
keyfile: privkey.pem
dns:
provider: infoblox
infoblox_auth_psw: password
infoblox_auth_user: infobloxuser
infoblox_ib_host: gridman.example.com
infoblox_ib_view: ExternalThank you
troykelly
commented
2 months ago I can't see a way sorry @pablomarquesmendez There's nothing in the lexicon documentation
troykelly
commented
2 weeks ago Closing this for now, let me know if you need anything else.
Problem/Motivation
It does not work when a cert in the infoblox (and others maybe) server is a self signed cert.
Expected behavior
To succeed
Actual behavior
I am getting requests.exceptions.SSLError: HTTPSConnectionPool(host='infoblox.example.com', port=443): Max retries exceeded with url: /wapi/v2.6.1/zone_auth?fqdn=example.com&view=default (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1000)'))) ERROR: deploy_challenge hook returned with non-zero exit code [15:21:45] WARNING: certificate refresh crashed, halting add-on
Steps to reproduce
Connect to a infoblox with a recent SSL or selfsigned certificate
Proposed changes
Can a checkSSL=False variable be implemented in the config ?