[UG] Hostname being verified with sslverify=0

Kaushik Muthuravichandran Wed, 07 Jan 2015 09:02:00 -0800

Hello,

The parameter sslverify=0 tries to verify the hostname specified in the
baseurl  option with the subject in ssl certificate, and causes the
following error to be thrown when yum commands are run:


[Errno 14] PYCURL ERROR 51 - "SSL: certificate subject name 'xxxxxxx.xxxx'
does not match target host name '10.10.10.10"

I am using python-urlgrabber-3.9.1-8.el6.noarch.

This patch fixes the issue:

--- grabber.py.old    2015-01-07 12:50:40.194922557 +0000
+++ grabber.py.new    2015-01-07 12:51:34.707163121 +0000
@@ -1198,6 +1198,8 @@
             self.curl_obj.setopt(pycurl.SSL_VERIFYPEER,
opts.ssl_verify_peer)
             if opts.ssl_verify_host: # 1 is meaningless to curl
                 self.curl_obj.setopt(pycurl.SSL_VERIFYHOST, 2)
+            else:
+                self.curl_obj.setopt(pycurl.SSL_VERIFYHOST, False)
             if opts.ssl_key:
                 self.curl_obj.setopt(pycurl.SSLKEY, opts.ssl_key)
             if opts.ssl_key_type:


Thanks,
Kaushik

_______________________________________________
Yum-devel mailing list
Yum-devel@lists.baseurl.org
http://lists.baseurl.org/mailman/listinfo/yum-devel

[UG] Hostname being verified with sslverify=0

Reply via email to