[Pulp-list] Pulp 2.6 vs 2.8 event notifier question
Partha Aji
paji at redhat.com
Wed Feb 3 00:39:54 UTC 2016
So katello uses pulp's http event notifiers to get information about operations like "sync_complete". So Katello typically configures the event notifiers to fire off to "https://localhost/katello/....." . In pulp 2.6 this used to work ok, but with pulp 2.8 we get issues like ""
Feb 1 09:51:34 katello-yoda celery: raise SSLError(e, request=request)
Feb 1 09:51:34 katello-yoda celery: SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:765)
""
when the notification fails. While we can try to add katello's cert to the central ca-trust question arises on why pulp should require this.
When an app has the authority to configure an event notification to any url it chooses (be it http or https), why should pulp care for trusting the certificate of the server its notifying ?.
Partha
More information about the Pulp-list
mailing list