Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be unavailable on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 818573 - curl command for looking at templates incorrect
Summary: curl command for looking at templates incorrect
Alias: None
Product: CloudForms Cloud Engine
Classification: Retired
Component: Docs User Guide
Version: 1.0.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: beta6
Assignee: Dan Macpherson
QA Contact: ecs-bugs
Depends On:
TreeView+ depends on / blocked
Reported: 2012-05-03 12:14 UTC by james labocki
Modified: 2012-12-10 21:53 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2012-12-10 21:53:24 UTC

Attachments (Terms of Use)

Description james labocki 2012-05-03 12:14:06 UTC
Section 5.5 of the Cloud Engine User Guide

# curl https://[RHEVM-HOST]:8443/api/templates --user [USER]@[DOMAIN]:[PASSWORD]

should read

# curl -k https://[RHEVM-HOST]:8443/api/templates --user [USER]@[DOMAIN]:[PASSWORD]

without the -k option (for insecure) curl will output the following

# curl https://rhevm2.rhev.local:8443/api/templates --user admin@internal:redacted
curl: (60) Peer certificate cannot be authenticated with known CA certificates
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.

Comment 2 Dan Macpherson 2012-08-29 02:59:51 UTC
Added -k switch.

My only minor reservation with this bug is that it's using an insecure method to communicate with the RHEVM server. Although I doubt there'd be any chance of a man in the middle attack when communicating between Cloud Engine and a private cloud, I still feel a little uncomfortable documenting the use of -k switch. I don't want customers to get the impression that this is standard practice.

Comment 13 Lana Brindley 2012-11-19 02:45:30 UTC
This documentation has now been dropped to translation ahead of publication. For any further issues, please open a new a bug.


Comment 14 Lana Brindley 2012-12-10 21:53:24 UTC
This document is now publicly available on access.redhat.com. For any further issues, please raise a new bug.


Note You need to log in before you can comment on or make changes to this bug.