[Pulp-list] verify_ssl
Koen Vanoppen
vanoppen.koen at gmail.com
Thu Aug 28 11:47:00 UTC 2014
Ok, I'm back. Sorry couldn't resist :-). I think I solved the most of it...
THe thing that I know get is:
[root at pulppuppet01sand ~]# pulp-admin login -u admin -p admin
Authentication Failed
Use the login command to authenticate with the server and download a session
certificate for use in future calls to this script. If credentials were
specified, please double check the username and password and attempt the
request
again.
I added the latest conf files...
2014-08-28 11:45 GMT+02:00 Koen Vanoppen <vanoppen.koen at gmail.com>:
> And maybe also usefull. The apache error log. Then I quit sending mails
> :-). Or I should find the solution of course :-).
>
> Apache/2.2.15 (Unix) DAV/2 mod_ssl/2.2.15 OpenSSL/1.0.0-fips mod_wsgi/3.4
> Python/2.6.6 configured -- resuming normal operations
> [Thu Aug 28 11:43:56 2014] [notice] caught SIGTERM, shutting down
> [Thu Aug 28 11:43:56 2014] [error] Error in atexit._run_exitfuncs:
> [Thu Aug 28 11:43:56 2014] [error] Traceback (most recent call last):
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib64/python2.6/atexit.py", line 24, in _run_exitfuncs
> [Thu Aug 28 11:43:56 2014] [error] func(*targs, **kargs)
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/gofer/transport/qpid/consumer.py", line
> 97, in close
> [Thu Aug 28 11:43:56 2014] [error] self.__receiver.close()
> [Thu Aug 28 11:43:56 2014] [error] File "<string>", line 6, in close
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 1071,
> in close
> [Thu Aug 28 11:43:56 2014] [error] if not self.session._ewait(lambda:
> self.closed, timeout=timeout):
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 580,
> in _ewait
> [Thu Aug 28 11:43:56 2014] [error] result =
> self.connection._ewait(lambda: self.error or predicate(), timeout)
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 218,
> in _ewait
> [Thu Aug 28 11:43:56 2014] [error] result = self._wait(lambda:
> self.error or predicate(), timeout)
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 197,
> in _wait
> [Thu Aug 28 11:43:56 2014] [error] return self._waiter.wait(predicate,
> timeout=timeout)
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/qpid/concurrency.py", line 57, in wait
> [Thu Aug 28 11:43:56 2014] [error] self.condition.wait(3)
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/qpid/concurrency.py", line 96, in wait
> [Thu Aug 28 11:43:56 2014] [error] sw.wait(timeout)
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/qpid/compat.py", line 53, in wait
> [Thu Aug 28 11:43:56 2014] [error] ready, _, _ = select([self], [],
> [], timeout)
> [Thu Aug 28 11:43:56 2014] [error] error: (4, 'Interrupted system call')
> [Thu Aug 28 11:43:56 2014] [error] mod_wsgi (pid=8334): Exception occurred
> within exit functions.
> [Thu Aug 28 11:43:56 2014] [error] Traceback (most recent call last):
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib64/python2.6/atexit.py", line 24, in _run_exitfuncs
> [Thu Aug 28 11:43:56 2014] [error] func(*targs, **kargs)
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/gofer/transport/qpid/consumer.py", line
> 97, in close
> [Thu Aug 28 11:43:56 2014] [error] self.__receiver.close()
> [Thu Aug 28 11:43:56 2014] [error] File "<string>", line 6, in close
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 1071,
> in close
> [Thu Aug 28 11:43:56 2014] [error] if not self.session._ewait(lambda:
> self.closed, timeout=timeout):
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 580,
> in _ewait
> [Thu Aug 28 11:43:56 2014] [error] result =
> self.connection._ewait(lambda: self.error or predicate(), timeout)
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 218,
> in _ewait
> [Thu Aug 28 11:43:56 2014] [error] result = self._wait(lambda:
> self.error or predicate(), timeout)
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 197,
> in _wait
> [Thu Aug 28 11:43:56 2014] [error] return self._waiter.wait(predicate,
> timeout=timeout)
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/qpid/concurrency.py", line 57, in wait
> [Thu Aug 28 11:43:56 2014] [error] self.condition.wait(3)
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/qpid/concurrency.py", line 96, in wait
> [Thu Aug 28 11:43:56 2014] [error] sw.wait(timeout)
> [Thu Aug 28 11:43:56 2014] [error] File
> "/usr/lib/python2.6/site-packages/qpid/compat.py", line 53, in wait
> [Thu Aug 28 11:43:56 2014] [error] ready, _, _ = select([self], [],
> [], timeout)
> [Thu Aug 28 11:43:56 2014] [error] error: (4, 'Interrupted system call')
> [Thu Aug 28 11:43:56 2014] [error] Exception TypeError: "'NoneType' object
> is not callable" in Exception TypeError: "'NoneType' object is not
> callable" in <bound method Request.__del__ of <M2Crypto.X509.Request
> instance at 0x7f501c04c098>> ignored
> [Thu Aug 28 11:43:56 2014] [error] Exception TypeError: "'NoneType' object
> is not callable" in <bound method PKey.__del__ of <M2Crypto.EVP.PKey
> instance at 0x7f50515c3fc8>> ignored
> [Thu Aug 28 11:43:57 2014] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Thu Aug 28 11:43:57 2014] [notice] Digest: generating secret for digest
> authentication ...
> [Thu Aug 28 11:43:57 2014] [notice] Digest: done
> [Thu Aug 28 11:43:57 2014] [notice] Apache/2.2.15 (Unix) DAV/2
> mod_ssl/2.2.15 OpenSSL/1.0.0-fips mod_wsgi/3.4 Python/2.6.6 configured --
> resuming normal operations
>
>
>
> 2014-08-28 11:30 GMT+02:00 Koen Vanoppen <vanoppen.koen at gmail.com>:
>
> the error in the admin.log file concerning above error:
>> 2014-08-28 11:21:17,519 - ERROR - Exception occurred:
>> href: /pulp/api/v2/actions/login/
>> method: POST
>> status: 500
>> error: Unhandled Exception
>> traceback: [u' File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/middleware/exception.py",
>> line 44, in __call__\n return self.app(environ, start_response)\n', u'
>> File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/middleware/postponed.py",
>> line 42, in __call__\n return self.app(environ, start_response)\n', u'
>> File "/usr/lib/python2.6/site-packages/web/application.py", line 279, in
>> wsgi\n result = self.handle_with_processors()\n', u' File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/application.py",
>> line 29, in _handle_with_processors\n return
>> process(self.processors)\n', u' File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/application.py",
>> line 26, in process\n return p(lambda: process(processors))\n', u' File
>> "/usr/lib/python2.6/site-packages/web/application.py", line 566, in
>> processor\n return handler()\n', u' File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/application.py",
>> line 26, in <lambda>\n return p(lambda: process(processors))\n', u'
>> File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/application.py",
>> line 26, in process\n return p(lambda: process(processors))\n', u' File
>> "/usr/lib/python2.6/site-packages/web/application.py", line 581, in
>> processor\n result = handler()\n', u' File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/application.py",
>> line 26, in <lambda>\n return p(lambda: process(processors))\n', u'
>> File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/application.py",
>> line 28, in process\n return self.handle()\n', u' File
>> "/usr/lib/python2.6/site-packages/web/application.py", line 230, in
>> handle\n return self._delegate(fn, self.fvars, args)\n', u' File
>> "/usr/lib/python2.6/site-packages/web/application.py", line 422, in
>> _delegate\n return f()\n', u' File
>> "/usr/lib/python2.6/site-packages/web/application.py", line 430, in
>> <lambda>\n f = lambda: self._delegate_sub_application(pat, what)\n', u'
>> File "/usr/lib/python2.6/site-packages/web/application.py", line 455, in
>> _delegate_sub_application\n return app.handle_with_processors()\n', u'
>> File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/application.py",
>> line 29, in _handle_with_processors\n return
>> process(self.processors)\n', u' File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/application.py",
>> line 26, in process\n return p(lambda: process(processors))\n', u' File
>> "/usr/lib/python2.6/site-packages/web/application.py", line 566, in
>> processor\n return handler()\n', u' File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/application.py",
>> line 26, in <lambda>\n return p(lambda: process(processors))\n', u'
>> File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/application.py",
>> line 26, in process\n return p(lambda: process(processors))\n', u' File
>> "/usr/lib/python2.6/site-packages/web/application.py", line 581, in
>> processor\n result = handler()\n', u' File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/application.py",
>> line 26, in <lambda>\n return p(lambda: process(processors))\n', u'
>> File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/application.py",
>> line 28, in process\n return self.handle()\n', u' File
>> "/usr/lib/python2.6/site-packages/web/application.py", line 230, in
>> handle\n return self._delegate(fn, self.fvars, args)\n', u' File
>> "/usr/lib/python2.6/site-packages/web/application.py", line 420, in
>> _delegate\n return handle_class(cls)\n', u' File
>> "/usr/lib/python2.6/site-packages/web/application.py", line 396, in
>> handle_class\n return tocall(*args)\n', u' File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/controllers/decorators.py",
>> line 227, in _auth_decorator\n value = method(self, *args, **kwargs)\n',
>> u' File
>> "/usr/lib/python2.6/site-packages/pulp/server/webservices/controllers/root_actions.py",
>> line 42, in POST\n key, certificate =
>> factory.cert_generation_manager().make_admin_user_cert(user)\n', u' File
>> "/usr/lib/python2.6/site-packages/pulp/server/managers/auth/cert/cert_generator.py",
>> line 43, in make_admin_user_cert\n return
>> self.make_cert(self.encode_admin_user(user), expiration)\n', u' File
>> "/usr/lib/python2.6/site-packages/pulp/server/managers/auth/cert/cert_generator.py",
>> line 97, in make_cert\n raise Exception("error signing cert request: %s"
>> % output)\n']
>> data: {}
>>
>> # ************************************
>> # Vhost template in module puppetlabs-apache
>> # Managed by Puppet
>> # ************************************
>>
>> <VirtualHost *:443>
>> ServerName pulppuppet01sand.brusselsairport.***
>>
>> ## Vhost docroot
>> DocumentRoot "/var/www/html"
>>
>>
>>
>> ## Directories, there should at least be a declaration for /var/www/html
>>
>>
>> <Directory "/var/www/html">
>> Options Indexes FollowSymLinks MultiViews
>> AllowOverride None
>> Order allow,deny
>> Allow from all
>> </Directory>
>>
>> ## Load additional static includes
>>
>>
>> ## Logging
>> ErrorLog "/var/log/httpd/pulp_error_ssl.log"
>> ServerSignature Off
>> CustomLog "/var/log/httpd/pulp_access_ssl.log" combined
>>
>>
>>
>>
>> ## SSL directives
>> SSLEngine on
>> SSLCertificateFile "/etc/pki/tls/pulpserver.crt"
>> SSLCertificateKeyFile "/etc/pki/tls/pulpserver.key"
>> SSLCACertificatePath "/etc/pki/tls/certs"
>> SSLCACertificateFile "/etc/pki/pulp/ca.crt"
>> SSLVerifyClient optional
>> SSLVerifyDepth 3
>> SSLOptions +StdEnvVars
>> </VirtualHost>
>>
>>
>>
>>
>> 2014-08-28 7:14 GMT+02:00 Koen Vanoppen <vanoppen.koen at gmail.com>:
>>
>> And after I changed my http conf to ssl:
>>> [root at pulppuppet01sand .pulp]# pulp-admin login -u admin
>>> Enter password:
>>> An internal error occurred on the Pulp server:
>>>
>>> RequestException: POST request
>>> on /pulp/api/v2/actions/login/ failed with 500 - Unhandled Exception
>>>
>>>
>>>
>>>
>>> 2014-08-28 7:00 GMT+02:00 Koen Vanoppen <vanoppen.koen at gmail.com>:
>>>
>>> Here are my config files for the admin and the server.conf. The repo is
>>>> for internal use only so the SSL_verification can be False. Thanx in
>>>> advance!
>>>>
>>>>
>>>> 2014-08-28 6:41 GMT+02:00 Koen Vanoppen <vanoppen.koen at gmail.com>:
>>>>
>>>> This is from the admin.log:
>>>>> 2014-08-28 06:39:50,754 - ERROR - Client-side exception occurred
>>>>>
>>>>> Traceback (most recent call last):
>>>>> File
>>>>> "/usr/lib/python2.6/site-packages/pulp/client/extensions/core.py", line
>>>>> 478, in run
>>>>> exit_code = Cli.run(self, args)
>>>>> File "/usr/lib/python2.6/site-packages/okaara/cli.py", line 974, in
>>>>> run
>>>>> exit_code = command_or_section.execute(self.prompt, remaining_args)
>>>>> File
>>>>> "/usr/lib/python2.6/site-packages/pulp/client/extensions/extensions.py",
>>>>> line 224, in execute
>>>>> return self.method(*arg_list, **clean_kwargs)
>>>>> File
>>>>> "/usr/lib/python2.6/site-packages/pulp/client/admin/admin_auth.py", line
>>>>> 58, in login
>>>>> result = self.context.server.actions.login(username,
>>>>> password).response_body
>>>>> File "/usr/lib/python2.6/site-packages/pulp/bindings/actions.py",
>>>>> line 32, in login
>>>>> return self.server.POST(path)
>>>>> File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py",
>>>>> line 99, in POST
>>>>> return self._request('POST', path, body=body,
>>>>> ensure_encoding=ensure_encoding)
>>>>> File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py",
>>>>> line 143, in _request
>>>>> response_code, response_body = self.server_wrapper.request(method,
>>>>> url, body)
>>>>> File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py",
>>>>> line 316, in request
>>>>> connection.request(method, url, body=body, headers=headers)
>>>>> File "/usr/lib64/python2.6/httplib.py", line 914, in request
>>>>> self._send_request(method, url, body, headers)
>>>>> File "/usr/lib64/python2.6/httplib.py", line 951, in _send_request
>>>>> self.endheaders()
>>>>> File "/usr/lib64/python2.6/httplib.py", line 908, in endheaders
>>>>> self._send_output()
>>>>> File "/usr/lib64/python2.6/httplib.py", line 780, in _send_output
>>>>> self.send(msg)
>>>>> File "/usr/lib64/python2.6/httplib.py", line 739, in send
>>>>> self.connect()
>>>>> File "/usr/lib64/python2.6/site-packages/M2Crypto/httpslib.py", line
>>>>> 50, in connect
>>>>> self.sock.connect((self.host, self.port))
>>>>> File
>>>>> "/usr/lib64/python2.6/site-packages/M2Crypto/SSL/Connection.py", line 181,
>>>>> in connect
>>>>> self.socket.connect(addr)
>>>>> File "<string>", line 1, in connect
>>>>> error: [Errno 111] Connection refused
>>>>>
>>>>>
>>>>>
>>>>> 2014-08-28 6:37 GMT+02:00 Koen Vanoppen <vanoppen.koen at gmail.com>:
>>>>>
>>>>> THANX!!! that was the trick indeed. Sorry...
>>>>>> Now I only have this:
>>>>>> The connection was refused when attempting to contact the server
>>>>>> [pulppuppet01sand.brusselsairport.***]. Check the client
>>>>>> configuration to
>>>>>> ensure the server hostname is correct.
>>>>>>
>>>>>> pulp-admin and server are running on the same host, with self
>>>>>> generated cert and key.
>>>>>>
>>>>>> Kind regards,
>>>>>>
>>>>>> Koen
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> 2014-08-27 16:07 GMT+02:00 Sean Waite <swaite at tracelink.com>:
>>>>>>
>>>>>> Hi Koen,
>>>>>>>
>>>>>>> If you read the release notes (
>>>>>>> http://pulp-user-guide.readthedocs.org/en/latest/release-notes/2.4.x.html),
>>>>>>> you'll see that with the self-signed certs, you'll need to set verify_ssl
>>>>>>> to False in the admin.conf and others.
>>>>>>>
>>>>>>> I hit this same issue.
>>>>>>>
>>>>>>>
>>>>>>> On Wed, Aug 27, 2014 at 9:38 AM, Koen Vanoppen <
>>>>>>> vanoppen.koen at gmail.com> wrote:
>>>>>>>
>>>>>>>> Dear All,
>>>>>>>>
>>>>>>>> I have installed pulp v 2.4 and now I'm getting following error
>>>>>>>> when I try to login with "pulp-admin login -u admin"
>>>>>>>>
>>>>>>>> Traceback (most recent call last):
>>>>>>>> File "/usr/bin/pulp-admin", line 9, in <module>
>>>>>>>> load_entry_point('pulp-client-admin==2.4.0', 'console_scripts',
>>>>>>>> 'pulp-admin')()
>>>>>>>> File
>>>>>>>> "/usr/lib/python2.6/site-packages/pulp/client/admin/__init__.py", line 35,
>>>>>>>> in main
>>>>>>>> config_files, exception_handler_class=AdminExceptionHandler
>>>>>>>> File "/usr/lib/python2.6/site-packages/pulp/client/launcher.py",
>>>>>>>> line 85, in main
>>>>>>>> server = _create_bindings(config, logger, username, password)
>>>>>>>> File "/usr/lib/python2.6/site-packages/pulp/client/launcher.py",
>>>>>>>> line 192, in _create_bindings
>>>>>>>> validate_ssl_ca = config['server']['verify_ssl'].lower() !=
>>>>>>>> 'false'
>>>>>>>> KeyError: 'verify_ssl'
>>>>>>>>
>>>>>>>> Any Ideas?
>>>>>>>>
>>>>>>>> Kind regards,
>>>>>>>>
>>>>>>>> Koen
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Pulp-list mailing list
>>>>>>>> Pulp-list at redhat.com
>>>>>>>> https://www.redhat.com/mailman/listinfo/pulp-list
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Sean Waite swaite at tracelink.com
>>>>>>> Cloud Operations Engineer GPG 17F91B3A
>>>>>>> TraceLink, Inc.
>>>>>>>
>>>>>>> Be Excellent to Each Other
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20140828/c81efcae/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: admin.conf
Type: application/octet-stream
Size: 1255 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20140828/c81efcae/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pulp.conf
Type: application/octet-stream
Size: 1236 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20140828/c81efcae/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: server.conf
Type: application/octet-stream
Size: 8980 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20140828/c81efcae/attachment-0002.obj>
More information about the Pulp-list
mailing list