You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When attempting to upload profiles to a Compliance or Automate Server that uses self signed certificates, a more meaning error message should be displayed if inspec was not logged in with the --insecure option.
InSpec and Platform Version
1.7.1
Replication Case
inspec compliance upload
Possible Solutions
Produce a friendly error message that the inspec login should use the --insecure flag.
Stacktrace
$ inspec compliance upload ~/chef-git/chef/compliance-profiles/cis/cis-centos7-level1
WARN: Unresolved specs during Gem::Specification.reset:
excon (>= 0.38.0)
WARN: Clearing out unresolved specs.
Please report a bug if this causes problems.
Profile is already vendored. Use --overwrite.
I, [2017-02-07T13:28:35.936714 #87201] INFO -- : Checking profile in /Users/bmeyer/chef-git/chef/compliance-profiles/cis/cis-centos7-level1
I, [2017-02-07T13:28:35.936814 #87201] INFO -- : Metadata OK.
I, [2017-02-07T13:28:38.288960 #87201] INFO -- : Found 163 controls.
W, [2017-02-07T13:28:38.289030 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_1.1.11_Add_nodev_Option_to_Removable_Media_Partitions has no tests defined
W, [2017-02-07T13:28:38.289047 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_1.1.12_Add_noexec_Option_to_Removable_Media_Partitions has no tests defined
W, [2017-02-07T13:28:38.289058 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_1.1.13_Add_nosuid_Option_to_Removable_Media_Partitions has no tests defined
W, [2017-02-07T13:28:38.289071 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_1.2.3_Obtain_Software_Package_Updates_with_yum has no tests defined
W, [2017-02-07T13:28:38.289081 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_1.2.4_Verify_Package_Integrity_Using_RPM has no tests defined
W, [2017-02-07T13:28:38.289093 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_1.7_Use_the_Latest_OS_Release has no tests defined
W, [2017-02-07T13:28:38.289123 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_3.16_Configure_Mail_Transfer_Agent_for_Local-Only_Mode has no tests defined
W, [2017-02-07T13:28:38.289139 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.3.1_Deactivate_Wireless_Interfaces has no tests defined
W, [2017-02-07T13:28:38.289148 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.4.1.1_Disable_IPv6_Router_Advertisements has no tests defined
W, [2017-02-07T13:28:38.289157 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.4.1.2_Disable_IPv6_Redirect_Acceptance has no tests defined
W, [2017-02-07T13:28:38.289167 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.4.2_Disable_IPv6 has no tests defined
W, [2017-02-07T13:28:38.289176 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.5.1_Install_TCP_Wrappers has no tests defined
W, [2017-02-07T13:28:38.289185 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.5.2_Create_etchosts.allow has no tests defined
W, [2017-02-07T13:28:38.289194 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.5.4_Create_etchosts.deny has no tests defined
W, [2017-02-07T13:28:38.289204 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.6.1_Disable_DCCP has no tests defined
W, [2017-02-07T13:28:38.289212 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.6.2_Disable_SCTP has no tests defined
W, [2017-02-07T13:28:38.289221 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.6.3_Disable_RDS has no tests defined
W, [2017-02-07T13:28:38.289229 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_4.6.4_Disable_TIPC has no tests defined
#!/bin/bash
W, [2017-02-07T13:28:38.289245 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_5.1.3_Configure_etcrsyslog.conf has no tests defined
W, [2017-02-07T13:28:38.289256 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_5.1.4_Create_and_Set_Permissions_on_rsyslog_Log_Files has no tests defined
W, [2017-02-07T13:28:38.289266 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_5.1.6_Accept_Remote_rsyslog_Messages_Only_on_Designated_Log_Hosts has no tests defined
W, [2017-02-07T13:28:38.289287 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_5.3_Configure_logrotate has no tests defined
W, [2017-02-07T13:28:38.289317 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_6.3.3_Set_Lockout_for_Failed_Password_Attempts has no tests defined
W, [2017-02-07T13:28:38.289329 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_6.4_Restrict_root_Login_to_System_Console has no tests defined
W, [2017-02-07T13:28:38.289344 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_8.3_Set_GNOME_Warning_Banner has no tests defined
W, [2017-02-07T13:28:38.289359 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_9.1.10_Find_World_Writable_Files has no tests defined
W, [2017-02-07T13:28:38.289369 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_9.1.13_Find_SUID_System_Executables has no tests defined
W, [2017-02-07T13:28:38.289379 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_9.1.14_Find_SGID_System_Executables has no tests defined
W, [2017-02-07T13:28:38.289388 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_9.2.1_Ensure_Password_Fields_are_Not_Empty has no tests defined
W, [2017-02-07T13:28:38.289400 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_9.2.8_Check_User_Dot_File_Permissions has no tests defined
W, [2017-02-07T13:28:38.289412 #87201] WARN -- : Control xccdf_org.cisecurity.benchmarks_rule_9.2.13_Check_User_Home_Directory_Ownership has no tests defined
Profile is valid
/opt/inspec/embedded/lib/ruby/2.3.0/net/http.rb:933:in `connect_nonblock': SSL_connect returned=1 errno=0 state=error: certificate verify failed (OpenSSL::SSL::SSLError)
from /opt/inspec/embedded/lib/ruby/2.3.0/net/http.rb:933:in `connect'
from /opt/inspec/embedded/lib/ruby/2.3.0/net/http.rb:863:in `do_start'
from /opt/inspec/embedded/lib/ruby/2.3.0/net/http.rb:852:in `start'
from /opt/inspec/embedded/lib/ruby/2.3.0/net/http.rb:584:in `start'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/inspec-1.7.1/lib/bundles/inspec-compliance/http.rb:71:in `send_request'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/inspec-1.7.1/lib/bundles/inspec-compliance/http.rb:20:in `get'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/inspec-1.7.1/lib/bundles/inspec-compliance/api.rb:16:in `profiles'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/inspec-1.7.1/lib/bundles/inspec-compliance/api.rb:67:in `exist?'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/inspec-1.7.1/lib/bundles/inspec-compliance/cli.rb:164:in `upload'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor/command.rb:27:in `run'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor/invocation.rb:126:in `invoke_command'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor.rb:369:in `dispatch'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor/invocation.rb:115:in `invoke'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor.rb:242:in `block in subcommand'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor/command.rb:27:in `run'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor/invocation.rb:126:in `invoke_command'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor.rb:369:in `dispatch'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/thor-0.19.4/lib/thor/base.rb:444:in `start'
from /opt/inspec/embedded/lib/ruby/gems/2.3.0/gems/inspec-1.7.1/bin/inspec:12:in `<top (required)>'
from /usr/local/bin/inspec:22:in `load'
from /usr/local/bin/inspec:22:in `<main>'
The text was updated successfully, but these errors were encountered:
Description
When attempting to upload profiles to a Compliance or Automate Server that uses self signed certificates, a more meaning error message should be displayed if inspec was not logged in with the --insecure option.
InSpec and Platform Version
1.7.1
Replication Case
inspec compliance upload
Possible Solutions
Produce a friendly error message that the
inspec login
should use the --insecure flag.Stacktrace
The text was updated successfully, but these errors were encountered: