Description of problem: It seems that ssl verification cannot be switched off with '--insecure' switch (checked with 'bkr whoami' and 'bkr job-submit job.xml). As for the commandline help I believe that ssl certificates verification can be switched off: $ bkr whoami --help ... --insecure Skip SSL certificate validity checks Version-Release number of selected component (if applicable): Beaker 26.1 on centos7 with kerberos authetication. How reproducible: always Steps to Reproduce: 1. run 'bkr whoami --insecure' against a system with unknown CA Actual results: Errror: SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579) Expected results: ignore invalid ssl certificates and give me correct output Additional info: [root@centos7 temp]# cat /etc/beaker/client.conf HUB_URL="https://beaker.cluster-qe.lab.eng.brq.redhat.com/bkr/" AUTH_METHOD="krbv" KRB_SERVICE = "HTTP" KRB_REALM = "REDHAT.COM" [root@centos7 ~]# bkr whoami 2019-01-02 10:33:30,645 bkr.common.xmlrpc WARNING XML-RPC connection to beaker.cluster-qe.lab.eng.brq.redhat.com failed: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579), 5 retries left Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/bkr/common/xmlrpc.py", line 571, in request result = transport_class.request(self, *args, **kwargs) File "/usr/lib64/python2.7/xmlrpclib.py", line 1273, in request return self.single_request(host, handler, request_body, verbose) File "/usr/lib/python2.7/site-packages/bkr/common/xmlrpc.py", line 445, in _single_request self.send_content(h, request_body) File "/usr/lib64/python2.7/xmlrpclib.py", line 1448, in send_content connection.endheaders(request_body) File "/usr/lib64/python2.7/httplib.py", line 1037, in endheaders self._send_output(message_body) File "/usr/lib64/python2.7/httplib.py", line 881, in _send_output self.send(msg) File "/usr/lib64/python2.7/httplib.py", line 843, in send self.connect() File "/usr/lib64/python2.7/httplib.py", line 1260, in connect server_hostname=sni_hostname) File "/usr/lib64/python2.7/ssl.py", line 348, in wrap_socket _context=self) File "/usr/lib64/python2.7/ssl.py", line 609, in __init__ self.do_handshake() File "/usr/lib64/python2.7/ssl.py", line 831, in do_handshake self._sslobj.do_handshake() SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579) ^CTraceback (most recent call last): File "/usr/bin/bkr", line 9, in <module> load_entry_point('beaker-client==26.1', 'console_scripts', 'bkr')() File "/usr/lib/python2.7/site-packages/bkr/client/main.py", line 103, in main return cmd.run(*cmd_args, **cmd_opts.__dict__) File "/usr/lib/python2.7/site-packages/bkr/client/commands/cmd_whoami.py", line 57, in run self.set_hub(**kwargs) File "/usr/lib/python2.7/site-packages/bkr/client/__init__.py", line 78, in set_hub proxy_user=proxy_user) File "/usr/lib/python2.7/site-packages/bkr/client/command.py", line 291, in set_hub self.hub = HubProxy(conf=self.conf, auto_login=auto_login) File "/usr/lib/python2.7/site-packages/bkr/common/hub.py", line 68, in __init__ self._login() File "/usr/lib/python2.7/site-packages/bkr/common/hub.py", line 95, in _login login_method() File "/usr/lib/python2.7/site-packages/bkr/common/hub.py", line 193, in _login_krbv self._hub.auth.login_krbv(req_enc, proxyuser) File "/usr/lib64/python2.7/xmlrpclib.py", line 1233, in __call__ return self.__send(self.__name, args) File "/usr/lib64/python2.7/xmlrpclib.py", line 1591, in __request verbose=self.__verbose File "/usr/lib/python2.7/site-packages/bkr/common/xmlrpc.py", line 585, in request time.sleep(self.retry_timeout) KeyboardInterrupt [root@centos7 ~]# bkr whoami --insecure 2019-01-02 10:33:26,244 bkr.common.xmlrpc WARNING XML-RPC connection to beaker.cluster-qe.lab.eng.brq.redhat.com failed: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579), 5 retries left Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/bkr/common/xmlrpc.py", line 571, in request result = transport_class.request(self, *args, **kwargs) File "/usr/lib64/python2.7/xmlrpclib.py", line 1273, in request return self.single_request(host, handler, request_body, verbose) File "/usr/lib/python2.7/site-packages/bkr/common/xmlrpc.py", line 445, in _single_request self.send_content(h, request_body) File "/usr/lib64/python2.7/xmlrpclib.py", line 1448, in send_content connection.endheaders(request_body) File "/usr/lib64/python2.7/httplib.py", line 1037, in endheaders self._send_output(message_body) File "/usr/lib64/python2.7/httplib.py", line 881, in _send_output self.send(msg) File "/usr/lib64/python2.7/httplib.py", line 843, in send self.connect() File "/usr/lib64/python2.7/httplib.py", line 1260, in connect server_hostname=sni_hostname) File "/usr/lib64/python2.7/ssl.py", line 348, in wrap_socket _context=self) File "/usr/lib64/python2.7/ssl.py", line 609, in __init__ self.do_handshake() File "/usr/lib64/python2.7/ssl.py", line 831, in do_handshake self._sslobj.do_handshake() SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579) ^CTraceback (most recent call last): File "/usr/bin/bkr", line 9, in <module> load_entry_point('beaker-client==26.1', 'console_scripts', 'bkr')() File "/usr/lib/python2.7/site-packages/bkr/client/main.py", line 103, in main return cmd.run(*cmd_args, **cmd_opts.__dict__) File "/usr/lib/python2.7/site-packages/bkr/client/commands/cmd_whoami.py", line 57, in run self.set_hub(**kwargs) File "/usr/lib/python2.7/site-packages/bkr/client/__init__.py", line 78, in set_hub proxy_user=proxy_user) File "/usr/lib/python2.7/site-packages/bkr/client/command.py", line 291, in set_hub self.hub = HubProxy(conf=self.conf, auto_login=auto_login) File "/usr/lib/python2.7/site-packages/bkr/common/hub.py", line 68, in __init__ self._login() File "/usr/lib/python2.7/site-packages/bkr/common/hub.py", line 95, in _login login_method() File "/usr/lib/python2.7/site-packages/bkr/common/hub.py", line 193, in _login_krbv self._hub.auth.login_krbv(req_enc, proxyuser) File "/usr/lib64/python2.7/xmlrpclib.py", line 1233, in __call__ return self.__send(self.__name, args) File "/usr/lib64/python2.7/xmlrpclib.py", line 1591, in __request verbose=self.__verbose File "/usr/lib/python2.7/site-packages/bkr/common/xmlrpc.py", line 585, in request time.sleep(self.retry_timeout) KeyboardInterrupt [root@centos7 temp]# bkr job-submit --insecure a.xml 2019-01-02 10:41:27,469 bkr.common.xmlrpc WARNING XML-RPC connection to beaker.cluster-qe.lab.eng.brq.redhat.com failed: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579), 5 retries left Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/bkr/common/xmlrpc.py", line 571, in request result = transport_class.request(self, *args, **kwargs) File "/usr/lib64/python2.7/xmlrpclib.py", line 1273, in request return self.single_request(host, handler, request_body, verbose) File "/usr/lib/python2.7/site-packages/bkr/common/xmlrpc.py", line 445, in _single_request self.send_content(h, request_body) File "/usr/lib64/python2.7/xmlrpclib.py", line 1448, in send_content connection.endheaders(request_body) File "/usr/lib64/python2.7/httplib.py", line 1037, in endheaders self._send_output(message_body) File "/usr/lib64/python2.7/httplib.py", line 881, in _send_output self.send(msg) File "/usr/lib64/python2.7/httplib.py", line 843, in send self.connect() File "/usr/lib64/python2.7/httplib.py", line 1260, in connect server_hostname=sni_hostname) File "/usr/lib64/python2.7/ssl.py", line 348, in wrap_socket _context=self) File "/usr/lib64/python2.7/ssl.py", line 609, in __init__ self.do_handshake() File "/usr/lib64/python2.7/ssl.py", line 831, in do_handshake self._sslobj.do_handshake() SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579) ^CTraceback (most recent call last): File "/usr/bin/bkr", line 9, in <module> load_entry_point('beaker-client==26.1', 'console_scripts', 'bkr')() File "/usr/lib/python2.7/site-packages/bkr/client/main.py", line 103, in main return cmd.run(*cmd_args, **cmd_opts.__dict__) File "/usr/lib/python2.7/site-packages/bkr/client/commands/cmd_job_submit.py", line 200, in run self.set_hub(**kwargs) File "/usr/lib/python2.7/site-packages/bkr/client/__init__.py", line 78, in set_hub proxy_user=proxy_user) File "/usr/lib/python2.7/site-packages/bkr/client/command.py", line 291, in set_hub self.hub = HubProxy(conf=self.conf, auto_login=auto_login) File "/usr/lib/python2.7/site-packages/bkr/common/hub.py", line 68, in __init__ self._login() File "/usr/lib/python2.7/site-packages/bkr/common/hub.py", line 95, in _login login_method() File "/usr/lib/python2.7/site-packages/bkr/common/hub.py", line 193, in _login_krbv self._hub.auth.login_krbv(req_enc, proxyuser) File "/usr/lib64/python2.7/xmlrpclib.py", line 1233, in __call__ return self.__send(self.__name, args) File "/usr/lib64/python2.7/xmlrpclib.py", line 1591, in __request verbose=self.__verbose File "/usr/lib/python2.7/site-packages/bkr/common/xmlrpc.py", line 585, in request time.sleep(self.retry_timeout) KeyboardInterrupt Using env variable PYTHONHTTPSVERIFY=0 solves the problem for job-submit: [root@centos7 temp]# PYTHONHTTPSVERIFY=0 bkr job-submit a.xml Submitted: ['J:90244']
Beaker 26.3 has been released.