Maybe I wasn't clear. I said I initially *thought* it was a MitM type proxy but then I replicated the problem with polipo an open source proxy that is not MitM.
Also, ansible and other Python tools get through our corporate proxy fine, so it may not be MitMing at all. -troy On Fri, Jul 29, 2016 at 3:41 PM, Troy Cauble <[email protected]> wrote: > I'm using libcloud 1.1.0 on python 2.7.10 and > ubuntu 15.10. > > Here's hoping this is a mismatched package > > $ pip list > apache-libcloud (1.1.0) > argparse (1.2.1) > boto (2.42.0) > certifi (2016.2.28) > cffi (1.7.0) > cryptography (1.4) > docopt (0.6.2) > enum34 (1.1.6) > idna (2.1) > ipaddress (1.0.16) > paramiko (2.0.2) > pip (1.5.6) > pyasn1 (0.1.9) > pycparser (2.14) > setuptools (18.4) > six (1.10.0) > wsgiref (0.1.2) > > > When I don't set > libcloud.security.VERIFY_SSL_CERT = False > I see the following exception using the proxy at work. > > ... > sg = driver.ex_get_security_groups(group_names=[sg_nm]) > File > "/home/troy/B2/local/lib/python2.7/site-packages/libcloud/compute/drivers/ec2.py", > line 3818, in ex_get_security_groups > response = self.connection.request(self.path, params=params) > File > "/home/troy/B2/local/lib/python2.7/site-packages/libcloud/common/base.py", > line 851, in request > raise ssl.SSLError(str(e)) > ssl.SSLError: ('("Failed to verify hostname: hostname \'proxy. > <http://proxy.proxy.alcatel-lucent.com/>MYCOMPANY.com\' doesn\'t match > either of \'us-west-2.ec2.amazonaws.com\', \'ec2.us-west-2.amazonaws.com > \'",)',) > > > > It's complaining that the company proxy FQDN doesn't match > the amazonaws FQDNs. > > At first I thought it might be a man-in-the-middle style corporate proxy > cert issue. > But then I replicated it using polipo. > > Any ideas? > Thanks, > -troy > > -troy >
