Display meaningful error message when uploading profiles to a server with self-signed certs

[billmeyer]

Description

When attempting to upload profiles to a Compliance or Automate Server that uses self signed certificates, a more meaning error message should be displayed if inspec was not logged in with the --insecure option.

InSpec and Platform Version

1.7.1

Replication Case

inspec compliance upload

Possible Solutions

Produce a friendly error message that the inspec login should use the --insecure flag.

Stacktrace

$ inspec compliance upload ~/chef-git/chef/compliance-profiles/cis/cis-centos7-level1
WARN: Unresolved specs during Gem::Specification.reset:
      excon (>= 0.38.0)
WARN: Clearing out unresolved specs.
Please report a bug if this causes problems.
Profile is already vendored. Use --overwrite.
I, [2017-02-07T13:28:35.936714 #87201]  INFO -- : Checking profile in /Users/bmeyer/chef-git/chef/compliance-profiles/cis/cis-centos7-level1
I, [2017-02-07T13:28:35.936814 #87201]  INFO -- : Metadata OK.
I, [2017-02-07T13:28:38.288960 #87201]  INFO -- : Found 163 controls.
W, [2017-02-07T13:28:38.289030 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_1.1.11_Add_nodev_Option_to_Removable_Media_Partitions has no tests defined
W, [2017-02-07T13:28:38.289047 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_1.1.12_Add_noexec_Option_to_Removable_Media_Partitions has no tests defined
W, [2017-02-07T13:28:38.289058 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_1.1.13_Add_nosuid_Option_to_Removable_Media_Partitions has no tests defined
W, [2017-02-07T13:28:38.289071 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_1.2.3_Obtain_Software_Package_Updates_with_yum has no tests defined
W, [2017-02-07T13:28:38.289081 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_1.2.4_Verify_Package_Integrity_Using_RPM has no tests defined
W, [2017-02-07T13:28:38.289093 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_1.7_Use_the_Latest_OS_Release has no tests defined
W, [2017-02-07T13:28:38.289123 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_3.16_Configure_Mail_Transfer_Agent_for_Local-Only_Mode has no tests defined
W, [2017-02-07T13:28:38.289139 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.3.1_Deactivate_Wireless_Interfaces has no tests defined
W, [2017-02-07T13:28:38.289148 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.4.1.1_Disable_IPv6_Router_Advertisements has no tests defined
W, [2017-02-07T13:28:38.289157 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.4.1.2_Disable_IPv6_Redirect_Acceptance has no tests defined
W, [2017-02-07T13:28:38.289167 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.4.2_Disable_IPv6 has no tests defined
W, [2017-02-07T13:28:38.289176 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.5.1_Install_TCP_Wrappers has no tests defined
W, [2017-02-07T13:28:38.289185 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.5.2_Create_etchosts.allow has no tests defined
W, [2017-02-07T13:28:38.289194 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.5.4_Create_etchosts.deny has no tests defined
W, [2017-02-07T13:28:38.289204 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.6.1_Disable_DCCP has no tests defined
W, [2017-02-07T13:28:38.289212 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.6.2_Disable_SCTP has no tests defined
W, [2017-02-07T13:28:38.289221 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.6.3_Disable_RDS has no tests defined


W, [2017-02-07T13:28:38.289229 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.6.4_Disable_TIPC has no tests defined


#!/bin/bash
W, [2017-02-07T13:28:38.289245 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_5.1.3_Configure_etcrsyslog.conf has no tests defined
W, [2017-02-07T13:28:38.289256 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_5.1.4_Create_and_Set_Permissions_on_rsyslog_Log_Files has no tests defined
W, [2017-02-07T13:28:38.289266 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_5.1.6_Accept_Remote_rsyslog_Messages_Only_on_Designated_Log_Hosts has no tests defined
W, [2017-02-07T13:28:38.289287 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_5.3_Configure_logrotate has no tests defined
W, [2017-02-07T13:28:38.289317 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_6.3.3_Set_Lockout_for_Failed_Password_Attempts has no tests defined
W, [2017-02-07T13:28:38.289329 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_6.4_Restrict_root_Login_to_System_Console has no tests defined
W, [2017-02-07T13:28:38.289344 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_8.3_Set_GNOME_Warning_Banner has no tests defined
W, [2017-02-07T13:28:38.289359 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_9.1.10_Find_World_Writable_Files has no tests defined
W, [2017-02-07T13:28:38.289369 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_9.1.13_Find_SUID_System_Executables has no tests defined
W, [2017-02-07T13:28:38.289379 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_9.1.14_Find_SGID_System_Executables has no tests defined
W, [2017-02-07T13:28:38.289388 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_9.2.1_Ensure_Password_Fields_are_Not_Empty has no tests defined
W, [2017-02-07T13:28:38.289400 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_9.2.8_Check_User_Dot_File_Permissions has no tests defined
W, [2017-02-07T13:28:38.289412 #87201]  WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_9.2.13_Check_User_Home_Directory_Ownership has no tests defined
Profile is valid
/opt/inspec/embedded/lib/ruby/2.3.0/net/http.rb:933:in `connect_nonblock': SSL_connect returned=1 errno=0 state=error: certificate verify failed (OpenSSL::SSL::SSLError)
	from /opt/inspec/embedded/lib/ruby/2.3.0/net/http.rb:933:in `connect'
	from /opt/inspec/embedded/lib/ruby/2.3.0/net/http.rb:863:in `do_start'
	from /opt/inspec/embedded/lib/ruby/2.3.0/net/http.rb:852:in `start'
	from /opt/inspec/embedded/lib/ruby/2.3.0/net/http.rb:584:in `start'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/inspec-1.7.1/lib/bundles/inspec-compliance/http.rb:71:in `send_request'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/inspec-1.7.1/lib/bundles/inspec-compliance/http.rb:20:in `get'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/inspec-1.7.1/lib/bundles/inspec-compliance/api.rb:16:in `profiles'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/inspec-1.7.1/lib/bundles/inspec-compliance/api.rb:67:in `exist?'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/inspec-1.7.1/lib/bundles/inspec-compliance/cli.rb:164:in `upload'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor/command.rb:27:in `run'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor/invocation.rb:126:in `invoke_command'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor.rb:369:in `dispatch'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor/invocation.rb:115:in `invoke'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor.rb:242:in `block in subcommand'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor/command.rb:27:in `run'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor/invocation.rb:126:in `invoke_command'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor.rb:369:in `dispatch'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor/base.rb:444:in `start'
	from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/inspec-1.7.1/bin/inspec:12:in `<top (required)>'
	from /usr/local/bin/inspec:22:in `load'
	from /usr/local/bin/inspec:22:in `<main>'