Created attachment 916527 [details] Test CA that will reproduce the bug Description of problem: Given two servers A and B configured using rhc, if A uses a custom CA and B does not use the same CA then switching from A to B will fail. Here's how to reproduce using the attahced test CA: ~/.openshift/express.conf libra_server=broker.example.com --- - server: hostname: openshift.redhat.com use_authorization_tokens: true nickname: online insecure: false login: XXXXXX - server: hostname: broker.example.com use_authorization_tokens: true nickname: ose ssl_ca_file: [see attached] insecure: false login: XXXXXXX $ rhc server use online => "The server's certificate could not be verified..." Version-Release number of selected component (if applicable): 1.26.9 Additional info: This appears to be due to the following logic: https://github.com/openshift/rhc/blob/master/lib/rhc/commands/server.rb#L210 'options' behaves like a global variable and is set to broker.example.com's setting when rhc starts up. When the use command is run it then triggers this logic but the CA setting is not removed when the new setting is nil.
Commit pushed to master at https://github.com/openshift/rhc https://github.com/openshift/rhc/commit/0676da829522112196044a670210998805990c9b Bug 1117466 - should not reuse SSL certs from different server configs
Verified on the lastest rhc build from devenv_4950 Could switch servers when they have different CA files. --- - server: hostname: openshift.redhat.com nickname: online login: XXXXXXXXX use_authorization_tokens: true insecure: false - server: hostname: int.openshift.redhat.com nickname: int login: XXXXXXXX use_authorization_tokens: true insecure: true ssl_version: SSLv3 ssl_client_cert_file: ./cert/server.crt ssl_ca_file: ./root-ca.crt.pem Mark bug as verified.
rhc-1.28.0 build from devenv_4962 Given two servers A and B configured using rhc, if A uses timeout parameter and B does not use the same parameter.Then switching from A to B, B will use A server's timeout value. step 1: Server list Server 'online' (in use) ------------------------ Hostname: openshift.redhat.com Login: XXXXXXXXXXX Use Auth Tokens: true Insecure: false Timeout: 22 Server 'stg' ------------ Hostname: stg.openshift.redhat.com Login: XXXXXXXXXX Use Auth Tokens: true Insecure: true 2.Switch online to stg 3.Server list, stg shares online's timeout parameter. Server 'online' --------------- Hostname: openshift.redhat.com Login: xiuwang+6 Use Auth Tokens: true Insecure: false Timeout: 22 Server 'stg' (in use) --------------------- Hostname: stg.openshift.redhat.com Login: xiuwang Use Auth Tokens: true Insecure: true Timeout: 22
Timeout issue fixed in https://github.com/openshift/rhc/pull/625
Commit pushed to master at https://github.com/openshift/rhc https://github.com/openshift/rhc/commit/96a22b95112402476c401568cc1ba796f39ffe2e Bug 1117466 - fixes overriding timeout config
rhc build from devenv_4967 Can't reproduce this issue of comment 3. Move bug to verified. Thanks!