Feature #3180
Improve SSL CLI support
Status: | Closed | Start date: | 09/09/2014 | |
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | Javi Fontan | % Done: | 0% | |
Category: | CLI | |||
Target version: | Release 4.10 | |||
Resolution: | fixed | Pull request: |
Description
Two suggestions to improve it:
1. Allow the client to disable SSL peer certificate verification
2. Allow client to provide a certification location through config or environment variable
Associated revisions
feature #3180: options for SSL certs in OCA
ONE_CERT_DIR: adds an extra directory with trusted CA certificates
ONE_DISABLE_SSL_VERIFY: disable certificate verification
Both of these options make the calls change from asynchronous (one http
connection per call) to synchronous (same http connection for all calls).
XMLRPC library creates a new HTTP object per asynchronous connection and
there is no way of passing configuration options to it.
feature #3180: add option to make xmlrpc calls synchronous
Using SSL options in Ruby OCA no longer disable async calls automatically. The sync call
must be specified when creating a client:
client = OpenNebula::Client.new(secret, proxy, :sync => true)
feature #3180: make CLI use sync calls to honor SSL parameters
feature #3180: Raise an exception for not compatible client options
History
#1 Updated by Tino Vázquez almost 7 years ago
- Target version set to Release 4.10
#2 Updated by Tino Vázquez almost 7 years ago
- Status changed from Pending to New
#3 Updated by Ruben S. Montero almost 7 years ago
- Assignee set to Javi Fontan
#4 Updated by Ruben S. Montero over 6 years ago
- Status changed from New to Closed
- Resolution set to fixed