Bug 995592 - pywbem fails to verify any server certificate
Summary: pywbem fails to verify any server certificate
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: pywbem
Version: 19
Hardware: All
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Michal Minar
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-08-09 19:19 UTC by Michal Minar
Modified: 2013-08-09 19:30 UTC (History)
4 users (show)

Fixed In Version: pywbem-0.7.0-15.20130723svn623.fc20
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-08-09 19:30:55 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)
fix for pywbem (626 bytes, patch)
2013-08-09 19:19 UTC, Michal Minar 		no flags Details | Diff
View All

Description Michal Minar 2013-08-09 19:19:52 UTC 
Created attachment 784952 [details]
fix for pywbem

Description of problem:
  When using secured connection (over https), pywbem fails to verify server's certificate.

Version-Release number of selected component (if applicable):
  pywbem-0.7.0-11.20130702svn622.fc19


How reproducible:
  Always

Steps to Reproduce:
1. install tog-pegasus on server
2. install openlmi-tools client
3. install server's pem certificate (/etc/Pegasus/server.pem on server) to client's certificates dir (/etc/pki/tls/certs on client)
4. rehash certificates on client:
      $ cacertdir_rehash /etc/pki/tls/certs
5. try to instantiate secure connection to server:
6.    $ lmishell
      > c = connect(server_address, 'user', 'password')

Actual results:
  Error: [('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')]

Expected results:
  No error

Additional info:
  OpenSSL library invoked by pywbem does not know, where to search for certificates, attached patch solves this by setting *defaults* search paths to context.
Note You need to log in before you can comment on or make changes to this bug.