New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
tornado rejects valid SSL certificate #27555
Comments
The same issue happens with github as well:
State:
(Github forces HTTPS) |
This can be replicated by opening python and executing the following code: import salt.utils.http
salt.utils.http.query('https://dl.bintray.com/mitchellh/consul/0.5.2_linux_amd64.zip', decode=False) |
@centromere thanks for the report. I was not able to reproduce this:
|
@Ch3LL Do you have the pip package certifi installed? If so, can you tell me the version? Also, could you please run this command?: |
@centromere I was actually able to replicate this issue when I was following the instructions at https://docs.saltstack.com/en/latest/topics/development/hacking.html to setup a development setup for salt. But I cannot replicate the issue when I install the package version of salt for ubuntu 14.0 from the saltstack repository. How did you initially install salt? My guess is there is some dependency issue or a package needs to be updated. My version of certifi: certifi (2015.9.6.2)
|
@Ch3LL salt-minion was installed on the nodes via salt-cloud (EC2), which uses salt-bootstrap. salt-master/salt-cloud was installed via package management, using this repository:
Provisioner: ec2:
id: 'use-instance-role-credentials'
key: 'use-instance-role-credentials'
keyname: 'salt master'
private_key: /etc/salt/salt-ssh.key
location: us-west-2
ssh_interface: private_ips
ssh_username: ubuntu
script_args: -P
minion:
master: salt-master.local
driver: ec2 From salt-bootstrap.sh: __ScriptVersion="2015.08.06" Your cacert.pem is identical to mine (just wanted to rule that out). |
@centromere thanks for the additional information. I'll see if I can replicate this and will update this issue. |
affected by the same issue. using the certifi using saltstack 2015.8.0 on ubuntu 14.04.3 openssl s_client -CAfile /usr/local/lib/python2.7/dist-packages/certifi/cacert.pem -connect github.com:443
|
I'm having same issue. I was also working on Consul when I hit this problem. @centromere Your feedback is really appreciated: https://github.com/saltstack-formulas/consul-formula |
Installing certifi==2015.04.28 fixed my problem: certifi/python-certifi#26 |
@centromere sorry for the late reply. I was able to replicate your issue on ubuntu 14, salt 2015.8.0. One thing to note is that once i upgraded to 2015.8.1 it started working. Can you try upgrading to 2015.8.1 and see if you are seeing the error still? |
@centromere Did you see the latest comment from @Ch3LL here? |
@Ch3LL Hi, I will do so and get back to you on this. |
@centromere great thanks i appreciate it |
Because this is fixed in our testing and we haven't had a reply here, I am closing this. If this can be reproduced on the latest release of Salt, please leave a comment and we will re-open it. Thanks. |
When trying to download files using archive.extracted, I get the following error:
This is the state in question:
Version report:
The text was updated successfully, but these errors were encountered: