[
https://issues.apache.org/jira/browse/BROOKLYN-280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15299467#comment-15299467
]
ASF GitHub Bot commented on BROOKLYN-280:
-----------------------------------------
Github user neykov commented on a diff in the pull request:
https://github.com/apache/brooklyn-client/pull/21#discussion_r64515968
--- Diff: app/app.go ---
@@ -39,7 +39,7 @@ var appConfig = configDefaults{
Name: os.Args[0],
HelpName: os.Args[0],
Usage: "A Brooklyn command line client application",
- Version: "0.9.0",
+ Version: "0.10.0-SNAPSHOT",
--- End diff --
Add an inline comment `BROOKLYN_VERSION`, or a comment on the line above
`BROOKLYN_VERSION_BELOW` to have this changed automatically.
> br cli fails to login to brooklyn instances with self-signed SSL certs
> ----------------------------------------------------------------------
>
> Key: BROOKLYN-280
> URL: https://issues.apache.org/jira/browse/BROOKLYN-280
> Project: Brooklyn
> Issue Type: Bug
> Reporter: John McCabe
> Assignee: John McCabe
>
> Attempt to log into Brooklyn with a cert generated following the instructions
> on {{ops/brooklyn_properties}}, results in the following error:
> {code}
> # br login https://10.10.10.100:8443 admin mypassword
> Get https://10.10.10.100:8443/v1/server/version: x509: cannot validate
> certificate for 10.10.10.100 because it doesn't contain any IP SANs
> {code}
> Adding the IP SAN (add {{-ext san=IP:10.10.10.100}} to the {{keytool}}
> invocation on JDK 1.7+) then results in:
> {code}
> # br login https://10.10.10.100:8443 admin mypassword
> Get https://10.10.10.100:8443/v1/server/version: x509: certificate signed by
> unknown authority
> {code}
> I suspect we may need to be tolerate of self-signed certs without a
> trustchain, but do so via a flag that the user must set explicitly, for
> example:
> {code}
> br login --trustall https://10.10.10.100 admin mypassword
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
