libcloud should never disable HTTPS
-----------------------------------
Key: LIBCLOUD-100
URL: https://issues.apache.org/jira/browse/LIBCLOUD-100
Project: Libcloud
Issue Type: Improvement
Components: Core
Affects Versions: 0.5.0
Reporter: Chris Adams
As documented on http://wiki.apache.org/incubator/LibcloudSSL, libcloud will
simply disable HTTPS checks when there are no valid CAs on the current system:
"libcloud/httplib_ssl.py:75: UserWarning: Warning: No CA Certificates were
found in CA_CERTS_PATH. Toggling VERIFY_SSL_CERT to False.
warnings.warn(libcloud.security.CA_CERTS_UNAVAILABLE_MSG)"
This is bad as it's easy to assume you're operating in a secure manner if you
don't (or can't) see the warning message. If VERIFY_SSL_CERT is true, libcloud
should simply toss a runtime error and force the user to provide a CA rather
than making it easy to assume things are working as desired.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
