Public bug reported:
[Environment]
Bionic
python3-httplib2 | 0.9.2+dfsg-1ubuntu0.2
[Description]
maas cli fails to work with apis over https with self-signed certificates due
to the lack
of disable_ssl_certificate_validation option with python 3.5.
[Distribution/Release, Package versions, Platform]
cat /etc/lsb-release; dpkg -l | grep maas
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DISTRIB_DESCRIPTION="Ubuntu 18.04.5 LTS"
ii maas 2.8.2-8577-g.a3e674063-0ubuntu1~18.04.1 all "Metal as a Service" is a
physical cloud and IPAM
ii maas-cli 2.8.2-8577-g.a3e674063-0ubuntu1~18.04.1 all MAAS client and
command-line interface
ii maas-common 2.8.2-8577-g.a3e674063-0ubuntu1~18.04.1 all MAAS server common
files
ii maas-dhcp 2.8.2-8577-g.a3e674063-0ubuntu1~18.04.1 all MAAS DHCP server
ii maas-proxy 2.8.2-8577-g.a3e674063-0ubuntu1~18.04.1 all MAAS Caching Proxy
ii maas-rack-controller 2.8.2-8577-g.a3e674063-0ubuntu1~18.04.1 all Rack
Controller for MAAS
ii maas-region-api 2.8.2-8577-g.a3e674063-0ubuntu1~18.04.1 all Region
controller API service for MAAS
ii maas-region-controller 2.8.2-8577-g.a3e674063-0ubuntu1~18.04.1 all Region
Controller for MAAS
ii python3-django-maas 2.8.2-8577-g.a3e674063-0ubuntu1~18.04.1 all MAAS server
Django web framework (Python 3)
ii python3-maas-client 2.8.2-8577-g.a3e674063-0ubuntu1~18.04.1 all MAAS python
API client (Python 3)
ii python3-maas-provisioningserver 2.8.2-8577-g.a3e674063-0ubuntu1~18.04.1 all
MAAS server provisioning libraries (Python 3)
[Steps to Reproduce]
- prepare a maas server(installed by packages for me and the customer). it
doesn't have to be HA to reproduce
- prepare a set of certificate, key and ca-bundle
- place a new conf[2] in /etc/nginx/sites-enabled and `sudo systemctl restart
nginx`
- add the ca certificates to the host
sudo mkdir /usr/share/ca-certificates/extra
sudo cp -v ca-bundle.crt /usr/share/ca-certificates/extra/
dpkg-reconfigure ca-certificates
- login with a new profile over https url
- when not added the ca-bundle to the trusted ca cert store, it fails to login
and '--insecure' flag also doesn't work[3]
[Known Workarounds]
None
** Affects: python-httplib2 (Ubuntu)
Importance: Undecided
Status: Fix Released
** Affects: python-httplib2 (Ubuntu Bionic)
Importance: Undecided
Status: Confirmed
** Affects: python-httplib2 (Ubuntu Focal)
Importance: Undecided
Status: Fix Released
** Affects: python-httplib2 (Ubuntu Groovy)
Importance: Undecided
Status: Fix Released
** Affects: python-httplib2 (Ubuntu Hirsute)
Importance: Undecided
Status: Fix Released
** Also affects: python-httplib2 (Ubuntu Focal)
Importance: Undecided
Status: New
** Also affects: python-httplib2 (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: python-httplib2 (Ubuntu Hirsute)
Importance: Undecided
Status: New
** Also affects: python-httplib2 (Ubuntu Groovy)
Importance: Undecided
Status: New
** Changed in: python-httplib2 (Ubuntu Hirsute)
Status: New => Fix Released
** Changed in: python-httplib2 (Ubuntu Groovy)
Status: New => Fix Released
** Changed in: python-httplib2 (Ubuntu Focal)
Status: New => Fix Released
** Changed in: python-httplib2 (Ubuntu Bionic)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1906720
Title:
Fix the disable_ssl_certificate_validation option
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-httplib2/+bug/1906720/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
