This repository has been archived by the owner on Aug 21, 2020. It is now read-only.
Issues with TLS client authentication #20
Comments
|
@ThatIsGeek can you please submit a patch? |
|
@dims sure :) I am already working on it. Sorry for not mentioning it in the report. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
While setting up Calico in our OpenStack deployment we've encountered issues when trying to use TLS authentication to access etcd cluster.
To reproduce:
c = Etcd3Client(host="server", protocol="https", ca_cert="server_ca.crt", cert_cert="user.crt", cert_key="user.key")c.get("random_key")alert bad certificateorCERTIFICATE_VERIFY_FAILEDif you don't have server_ca in your system trust.When looking through the source code we've noticed that the TLS parameters are stored in self.kwargs and then never used.
etcd3-gateway/etcd3gw/client.py
Line 55 in 11cf6c4
When edited to actually set the values on the session object, the TLS auth started working.
Issue appeared on both Ubuntu Xenial (Python 2.7.12, OpenSSL 1.0.2g) and Fedora 27 (Python 2.7.14, OpenSSL 1.1.0h).
The text was updated successfully, but these errors were encountered: