Bug 1345735

Summary: [RFE] --insecure option to make bkr skip SSL certificate validity checks
Product: [Retired] Beaker Reporter: Dan Callaghan <dcallagh>
Component: command lineAssignee: Dan Callaghan <dcallagh>
Status: CLOSED CURRENTRELEASE QA Contact: tools-bugs <tools-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 22CC: dcallagh, dowang, mjia, rjoost
Target Milestone: 23.1Keywords: FutureFeature, Patch
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-08-11 01:24:55 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dan Callaghan 2016-06-13 05:17:31 UTC 
Similar to curl and the OpenStack CLIs, bkr should have an option --insecure which will skip validity checks for the server SSL certificate.

In particular this will make it possible to use bkr on Beaker-provisioned systems to talk to a Beaker server which is using an SSL cert issued by a private CA, like in our environment.

For background see https://gerrit.beaker-project.org/4934
Comment 1 Dan Callaghan 2016-06-13 06:42:42 UTC 
http://gerrit.beaker-project.org/4982
Comment 2 Dan Callaghan 2016-06-13 06:43:42 UTC 
I also made a config option for this, SSL_VERIFY defaulting to True. When set to False it tells requests to skip SSL cert checks (xmlrpclib already does no SSL cert checks...). The --insecure option is equivalent to setting SSL_VERIFY=False.
Comment 3 Dan Callaghan 2016-07-12 06:50:59 UTC 
This bug fix is included in beaker-client-23.1-0.git.3.f9ce229 which is currently available for download here:

https://beaker-project.org/nightlies/release-23/
Comment 5 Dan Callaghan 2016-08-11 01:24:55 UTC 
Beaker 23.1 has been released.