Bug 1345735 - [RFE] --insecure option to make bkr skip SSL certificate validity checks
Summary: [RFE] --insecure option to make bkr skip SSL certificate validity checks
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Beaker
Classification: Retired
Component: command line
Version: 22
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: 23.1
Assignee: Dan Callaghan
QA Contact: tools-bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-06-13 05:17 UTC by Dan Callaghan
Modified: 2016-08-11 01:24 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-08-11 01:24:55 UTC
Embargoed:

Attachments (Terms of Use)

Description Dan Callaghan 2016-06-13 05:17:31 UTC 
Similar to curl and the OpenStack CLIs, bkr should have an option --insecure which will skip validity checks for the server SSL certificate.

In particular this will make it possible to use bkr on Beaker-provisioned systems to talk to a Beaker server which is using an SSL cert issued by a private CA, like in our environment.

For background see https://gerrit.beaker-project.org/4934
Comment 1 Dan Callaghan 2016-06-13 06:42:42 UTC 
http://gerrit.beaker-project.org/4982
Comment 2 Dan Callaghan 2016-06-13 06:43:42 UTC 
I also made a config option for this, SSL_VERIFY defaulting to True. When set to False it tells requests to skip SSL cert checks (xmlrpclib already does no SSL cert checks...). The --insecure option is equivalent to setting SSL_VERIFY=False.
Comment 3 Dan Callaghan 2016-07-12 06:50:59 UTC 
This bug fix is included in beaker-client-23.1-0.git.3.f9ce229 which is currently available for download here:

https://beaker-project.org/nightlies/release-23/
Comment 5 Dan Callaghan 2016-08-11 01:24:55 UTC 
Beaker 23.1 has been released.
Note You need to log in before you can comment on or make changes to this bug.