Bug 887041 - Document the unfortunate error message that can happen during sync over SSL if no CA certificate is provided
Summary: Document the unfortunate error message that can happen during sync over SSL i...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Pulp
Classification: Retired
Component: documentation
Version: 2.0.6
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 2.4.0
Assignee: Randy Barlow
QA Contact: Preethi Thomas
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-12-13 22:11 UTC by Randy Barlow
Modified: 2014-08-09 06:56 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-08-09 06:56:31 UTC


Attachments (Terms of Use)

Description Randy Barlow 2012-12-13 22:11:31 UTC
We have an unfortunate bug[0] wherein we don't give the user an informative error message if they initiate a sync with an SSL feed without providing the CA certificate for the feed.

We aren't going to fix [0] before the release of Pulp 2.0, so we should document this behavior. I recommend a "Known Issues" section where we can link to this and perhaps other bugs. I also recommend that we put a "TIP" or "NOTE" or "CAUTION" block near any places in the docs where we talk about creating repos or syncing them. We can link to the bug in those blocks too.

[0] https://bugzilla.redhat.com/show_bug.cgi?id=887039

Comment 1 Randy Barlow 2012-12-13 22:12:23 UTC
We should write about this in the quick start guide as well.

Comment 2 Randy Barlow 2013-01-04 19:21:22 UTC
https://github.com/pulp/pulp_rpm/pull/88

Comment 3 Randy Barlow 2014-03-17 21:58:58 UTC
I'm going to set this to the 2.4.0 release so that it can be in line to get verified.

Comment 4 Preethi Thomas 2014-04-11 09:38:25 UTC
verified
[root@hp-dl380pgen8-02-vm-1 ~]# rpm -qa pulp-server
pulp-server-2.4.0-0.8.beta.el6.noarch
[root@hp-dl380pgen8-02-vm-1 ~]# 


[root@hp-dl380pgen8-02-vm-1 ~]#  pulp-admin rpm repo create --repo-id SAM --feed https://cdn.redhat.com/content/dist/rhel/rhui/server/6/6Server/x86_64/subscription-asset-manager/1/os/
Successfully created repository [SAM]

[root@hp-dl380pgen8-02-vm-1 ~]# 
[root@hp-dl380pgen8-02-vm-1 ~]# 
[root@hp-dl380pgen8-02-vm-1 ~]# pulp-admin rpm repo sync run --repo-id SAM
+----------------------------------------------------------------------+
                     Synchronizing Repository [SAM]
+----------------------------------------------------------------------+

This command may be exited via ctrl+c without affecting the request.


Downloading metadata...
[-]
... failed

[Errno 1] _ssl.c:492: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

[Errno 1] _ssl.c:492: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed


Task Failed

Importer indicated a failed response

[root@hp-dl380pgen8-02-vm-1 ~]#

Comment 5 Randy Barlow 2014-08-09 06:56:31 UTC
This has been fixed in Pulp 2.4.0-1.


Note You need to log in before you can comment on or make changes to this bug.