Bug 998334
Summary: | RFE: Provide a way to disable ssl cert checks | ||
---|---|---|---|
Product: | [Community] PressGang CCMS | Reporter: | Lee Newson <lnewson> |
Component: | CSProcessor | Assignee: | Lee Newson <lnewson> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 1.x | CC: | mcaspers |
Target Milestone: | --- | ||
Target Release: | 1.3 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-12-03 22:16:13 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Lee Newson
2013-08-19 05:01:24 UTC
Added in 1.3-SNAPSHOT build 201311081229 The csprocessor now has a --disable-ssl-cert option on the push-translation command to disable the ssl certification validation. I've also added this option to the sync-translation command for cspclient-1.3-3.noarch.rpm Additional testing notes: The best way to test this is to remove the Red Hat IS CA Cert by running the following command: keytool -delete -alias rhiscacert -keystore keystore.jks and then run a command that connects to the internal zanata instance with the --disable-ssl-cert option set. If you then get past the connecting stage (ie it'll say "Connection to Zanata server: ..."), then this option works. Forgot to mention that keystore.jks should be the location of your java installs cacerts file. The path below shows an example of the location of this file: /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/lib/security/cacerts Note: For OpenJDK installs on Fedora/RHEL the above is normally a simlink to /etc/pki/java/cacerts There were no errors when I tried --disable-ssl-cert against the test zanata instance. The test zanata instance doesn't implement HTTPS though. Fixed in 1.3-SNAPSHOT build 201311280944 The name of the resource was incorrect and also I had missed passing through the disable option for sync-translation in the initial host check. Ignore the above error. I tested a sync without a cert against the dev server and it worked ok. |