Bug 1136434
Summary: | rhevm-image-uploader ignores insecure option | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Virtualization Manager | Reporter: | akotov | |
Component: | ovirt-image-uploader | Assignee: | Simone Tiraboschi <stirabos> | |
Status: | CLOSED ERRATA | QA Contact: | Pavel Stehlik <pstehlik> | |
Severity: | medium | Docs Contact: | ||
Priority: | urgent | |||
Version: | 3.4.0 | CC: | adahms, ecohen, gklein, iheim, jbuchta, pstehlik, rbalakri, rdlugyhe, Rhev-m-bugs, sbonazzo, sherold, slitmano, stirabos, yeylon | |
Target Milestone: | --- | Keywords: | ZStream | |
Target Release: | 3.5.0 | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | integration | |||
Fixed In Version: | Doc Type: | Bug Fix | ||
Doc Text: |
Previously, the rhevm-image-uploader tool would ignore the --insecure option, causing image upload operations to fail and display an unnecessary trace. With this update, the --insecure option now functions correctly.
|
Story Points: | --- | |
Clone Of: | ||||
: | 1138558 (view as bug list) | Environment: | ||
Last Closed: | 2015-02-11 17:46:54 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | External | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1138558, 1142923, 1156165 |
Description
akotov
2014-09-02 14:39:08 UTC
Simone, can you check what's going on? This bug is supposed to be fixed as per bug #1104500 on rhevm-image-uploader-3.4.1-1.el6ev It's a bit tricky indeed and not so easy to found. Python SDK insecure parameter simply skips hostname validation from API cert; if, at the same, we also pass a CA cert it still tries to validate that cert against that CA (independently from the hostname). By default image-uploader is trying to read the CA file from /etc/pki/ovirt-engine/ca.pem so, if your are running image-uploader from another engine host, it founds another CA cert witch make API cert verification failing. I'm not sure if it's better to fix it here or on python SDK side. It also fails if ca.pem is missing completely, not just if CA does not match the host in rhevm-image-uploader-3.5.0-0.3.beta.el6ev.noarch Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-0192.html > upstream ovirt-engine-uploader fails too Disambiguation: The upstream utility is called "engine-iso-uploader" rather than "ovirt-engine-uploader." Red Hat calls the downstream utility "engine-image-uploader." Additional resources: * https://www.ovirt.org/documentation/admin-guide/chap-Utilities.html#the-iso-uploader-tool * https://access.redhat.com/discussions/3068711 |