Configure and use SSL-related requests options
This patch adds standard SSL options to IPA config and makes use of them when making HTTP requests. For now, a single set of certificates is used when needed. In the future configuration can be expanded to allow per-service certificates. Besides, the 'insecure' option (defaults to False) can be overridden through kernel command line parameter 'ipa-insecure'. This will allow running IPA in CI-like environments with self-signed SSL certificates. Change-Id: I259d9b3caa9ba1dc3d7382f375b8e086a5348d80 Closes-Bug: #1642515
This commit is contained in:
doc/source
etc/ironic_python_agent
ironic_python_agent
releasenotes/notes
@ -118,7 +118,9 @@ def call_inspector(data, failures):
|
||||
encoder = encoding.RESTJSONEncoder()
|
||||
data = encoder.encode(data)
|
||||
|
||||
resp = requests.post(CONF.inspection_callback_url, data=data)
|
||||
verify, cert = utils.get_ssl_client_options(CONF)
|
||||
resp = requests.post(CONF.inspection_callback_url, data=data,
|
||||
verify=verify, cert=cert)
|
||||
if resp.status_code >= 400:
|
||||
LOG.error('inspector error %d: %s, proceeding with lookup',
|
||||
resp.status_code, resp.content.decode('utf-8'))
|
||||
|
Reference in New Issue
Block a user