Project

General

Profile

Bug #8527

Proxy SSL verification fails with rest-client 1.7 and rbovirt's rest-client extensions

Added by Dominic Cleal about 7 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
High
Assignee:
Category:
Smart Proxy
Target version:
Difficulty:
Triaged:
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

Since #7233, when Foreman is installed with rest-client 1.7 and oVirt support, SSL connections to the smart proxy fail to verify.

ERF12-2749 [ProxyAPI::ProxyException]: Unable to get environments from Puppet ([OpenSSL::SSL::SSLError]: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verif...) for proxy https://foreman-trusty.example.com:8443/puppet"

It appears that the rest-client extensions that are added in rbovirt cause some sort of conflict. These extensions aren't needed on rest-client 1.7 and above, as the patch was merged, but they're added anyway.

https://github.com/abenari/rbovirt/blob/v0.0.30/lib/restclient_ext/request.rb

If I comment out the require for restclient_ext, the SSL comms between Foreman and the proxy work fine.

Associated revisions

Revision e0af9fdc (diff)
Added by Dominic Cleal about 7 years ago

fixes #8527 - pin rest-client to version compatible with current rbovirt

Pin rbovirt a bit in preparation for a jump in versions.

Revision 9cbc8be0 (diff)
Added by Dominic Cleal about 7 years ago

refs #8527 - update rest-client/rbovirt versions

History

#1 Updated by Ohad Levy about 7 years ago

  • Pull request https://github.com/abenari/rbovirt/pull/45 added
  • Pull request deleted ()

#2 Updated by Dominic Cleal about 7 years ago

  • Pull request added
  • Pull request deleted (https://github.com/abenari/rbovirt/pull/45)

https://github.com/abenari/rbovirt/pull/45 changes to rest-client 1.7.x, a bit of a jump.

#3 Updated by The Foreman Bot about 7 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/1987 added
  • Pull request deleted ()

#4 Updated by Dominic Cleal about 7 years ago

  • % Done changed from 0 to 100
  • Status changed from Ready For Testing to Closed

#5 Updated by Dominic Cleal about 7 years ago

  • Legacy Backlogs Release (now unused) set to 28

Also available in: Atom PDF