** Changed in: python-urllib3 (Ubuntu Xenial) Status: Fix Released => In Progress
-- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1771988 Title: certificate validation with IP address based SAN's fails Status in Ubuntu Cloud Archive: Fix Released Status in Ubuntu Cloud Archive mitaka series: Triaged Status in Ubuntu Cloud Archive newton series: Triaged Status in python-urllib3 package in Ubuntu: Fix Released Status in python-urllib3 source package in Xenial: In Progress Bug description: [Impact] Users of urllib3 are unable to securely access websites who's certificates use IP based subject alternative names; this includes openstack client tooling which uses urllib3 via requests. [Test Case] Deploy and configure a server with TLS and an IP based SAN cert with a locally trusted CA. import urllib3 http = urllib3.PoolManager() r = http.request('GET', 'https://192.168.1.2') will fail [Regression Potential] Cherry picked fix comes from a later urllib3 release which has tested fine for IP SAN usage in later OpenStack release deployments. [Original Bug Report] urllib3 fails to validate certificates with IP address based SAN's. Fixed upstream: https://github.com/urllib3/urllib3/commit/c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1771988/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp