[Pulp-list] My Failed PULP setup aka SSL Errors

Randy Barlow rbarlow at redhat.com
Tue Oct 28 14:07:26 UTC 2014

On 10/28/2014 12:32 AM, Gavin Jones wrote:
> ConnectionException: (None, 'tlsv1 alert unknown ca', None)
> Any more ideas?

This error means your server is signed by an untrusted CA (or is self
signed). You have two (possibly three) choices:

1) Sign the httpd process' SSL certificates with a trusted CA. (Recommended)

2) Turn verify_ssl off in /etc/pulp/admin/admin.conf. (not recommended
unless you are only connecting to the local host)

3) It might be possible to set the httpd server's public certificate as
the ca_path in /etc/pulp/admin/admin.conf if it is a self-signed
certificate. I've not tried that, but in theory it might work.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20141028/69379335/attachment.sig>

More information about the Pulp-list mailing list