Description of problem: ssl_version in server.yml need upper cases in the beginning of the value, e.g."SSLv3".If you enter the wrong format,such as 'sslv3', rhc will say "An unexpected error occured: unknown SSL method `sslv3'. Customers will be confused.Why still get error, even have picked up one value from the promption which comes out for a totally wrong value. If enter a totally wrong value, will get friendly message: "The configuration file /home/openshift/.openshift/express.conf contains an invalid setting: The provided SSL version 'v3' is not valid. Supported values: tlsv1, tlsv1_server, tlsv1_client, tlsv1_2,tlsv1_2_server, tlsv1_2_client, tlsv1_1, tlsv1_1_server, tlsv1_1_client, sslv2, sslv2_server,sslv2_client, sslv3, sslv3_server, sslv3_client, sslv23, sslv23_server, sslv23_client". Version-Release number of selected component (if applicable): rhc-1.27.4 How reproducible: always Steps to Reproduce: 1.Add ssl_version and ssl_ca_file in server.yml as following: - server: hostname: stg.openshift.redhat.com nickname: stg login: XXXXXXXX use_authorization_tokens: true insecure: true ssl_ca_file: ~/.openshift/root-ca.crt.pem ssl_version: sslv3 2.List server 3. Actual results: at step 2: An unexpected error occured: unknown SSL method `sslv3'. Expected results: Should prompt some friendly message. Additional info:
Fixed in https://github.com/openshift/rhc/pull/624
Commit pushed to master at https://github.com/openshift/rhc https://github.com/openshift/rhc/commit/0b7eee5035e15c73ff075d578b15461f123163da Bug 1118712 and Bug 1118500 - makes global ssl options explicit on rhc server commands
Check it in rhc-1.28.0 build from devenv_4962 scenarion1: Don't work Add a server and use the option '--ssl-version sslv3', show error: #rhc server add openshift.redhat.com -l XXXXX --ssl-version sslv3 invalid option: The provided SSL version 'SSLv3' is not valid. Supported values: tlsv1,tlsv1_server, tlsv1_client, sslv2, sslv2_server, sslv2_client, sslv3, sslv3_server, sslv3_client,sslv23, sslv23_server, sslv23_client scenario 2: works Add ssl_version paramter in server.yml directly, and the value is downcases supported one.No error show when list servers. scenario 3: works Configure a server with '--ssl-version sslv3' Move bug to assigned
Adding server issue fixed in https://github.com/openshift/rhc/pull/626
Commit pushed to master at https://github.com/openshift/rhc https://github.com/openshift/rhc/commit/a9825a87172cb1c787e6e5f91314335e450f6718 Bug 1118712 - fixes ssl version parse when adding new servers
rhc build from devenv_4967 Can't reproduce scenario 1's issue from comment 3. Move bug to verified.