/juju

Return original error when retrying TLS connection with system wide CA set #7414

Merged
merged 1 commit into from May 30, 2017

Conversation

Reviewers

@howbazaar howbazaar

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
4 participants
@wupeka @wallyworld @jujubot @howbazaar
@wupeka
Member

wupeka commented May 29, 2017

Description of change

There is a fallback to system CA set if root CA is set and server cert fails verification. If it fails we should return original error as it's more specific. This is especially important on Windows as with current code a certificate that's expired but is correctly signed by custom CA will fail as unsigned (by system CA) instead of expired.

QA steps

Check TestUpdateCert unit test on Windows.
@howbazaar

howbazaar approved these changes May 29, 2017
View changes

LGTM

@wallyworld
Owner

wallyworld commented May 30, 2017

$$merge$$
@jujubot
Contributor

jujubot commented May 30, 2017

Status: merge request accepted. Url: http://juju-ci.vapour.ws:8080/job/github-merge-juju

@jujubot jujubot merged commit fb58ae0 into juju:develop May 30, 2017
1 check passed

1 check passed

github-check-merge-juju Built PR, ran unit tests, and tested LXD deploy. Use !!.*!! to request another build. IE, !!build!!, !!retry!!
Details

@wupeka wupeka referenced this pull request May 30, 2017

Merged

Better log message in case of TLS error #7416

jujubot added a commit that referenced this pull request May 30, 2017

@jujubot
Merge pull request #7416 from wupeka/websockets-tls-error 
Better log message in case of TLS error

## Description of change
Follow up from #7414 - lower error message level.

## QA steps
Check debug level log messages on TestUpdateCert unit test.
19c2b32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment