Update docs on SSL certificate location configuration #56
Comments
atodorov
added a commit
that referenced
this issue
Jun 4, 2024
however this won't go into official documentation because it is not a supported method of consuming Kiwi TCMS, users should always have valid SSL certificates. Closes #56
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Env: python3.8 on Ubuntu 20.04 running tcms_api 12.2
In testing with the default Kiwi Docker setup, I found that after I had installed the
ca.crt(retrieved fromstatic/ca.crtand copied to/etc/share/ca-certificates/and installed withsudo dpkg-reconfigure ca-certificates), I had to:url = https://buildkitsandbox/xml-rpcin my~/.tcms.confor a I would get an SSL error with hostname mismatch (I just hacked/etc/hoststo setbuildkitsandboxto 127.0.0.1)SSL_CERT_FILE = /etc/ssl/certs/ca-certificates.crtor the SSL context deep inside the connection calls would not find any certs (context.get_ca_certs()returned an empty list)Python
requestsuses theREQUESTS_CA_BUNDLEenv variable which worked so I knew I had the correct cert but had a lot of trouble figuring this out. Adding something to the docs about this would be very helpful for others that are struggling with certificate verification.Of course, I'm new to all this so if I missed something or there is an easier/cleaner way to do this, I'd love to know what that is.
The text was updated successfully, but these errors were encountered: