It was found that Salt does not verify the certificate when connecting via the aliyun, proxmox, and splunk modules. This flaw has been fixed in version 2014.7.6: https://groups.google.com/forum/#!topic/salt-users/8Kv1bytGD6c
Created salt tracking bugs for this issue: Affects: fedora-all [bug 1222961] Affects: epel-all [bug 1222962]
This fix was part of 2015.5.0, which was packaged on 11 May 2015. Closing.
We still want this open for some Red Hat products. Thank you for updating Fedora/EPEL.
Why?
There are Red Hat products which include this component. They will still be looked at to determine if this issue needs fixing there. We want to keep this open until those are fully dealt with. You can un-CC from this bug if you have no further action here.
FWIW: Calamari (that uses salt) does not use any of these modules with salt, see: http://lists.ceph.com/pipermail/ceph-calamari-ceph.com/2015-May/000090.html
Salt package as shipped in ceph-1.2 and ceph-1.3 is affected , but it does not affect ceph in a way salt is used by calamari in ceph-1.2 and ceph-1.3 versions