barbican give fails from python client but works with curl

asked 2015-04-10 15:14:05 -0500

nutshi gravatar image

updated 2015-04-14 11:09:34 -0500

I have integrated barbican with keystone

and was able to test the curl commands

curl -H 'Accept: application/json' -H 'X-Project-Id:123'  -H "X-Auth-Token:**"  http://localhost:9311/v1/secrets/

got the correct response

but now when i try the ptyhon client i get certificate error .. is it because i am not passing auth_token ? if so how do i pass it ?

[root@barbican-keystone ~]# barbican secret list 
Starting new HTTPS connection (1): 169.54.204.73
/root/.pyenv/versions/2.7.6/lib/python2.7/site-packages/requests/packages/urllib3/util/ssl_.py:79: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
  InsecurePlatformWarning
SSL exception connecting to https://169.2.2.73:35357/v3/tokens: [Errno 1] _ssl.c:507: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

any pointers ? I made sure i have exported all the required variables corectly

export OS_USERNAME=
export OS_TENANT_NAME=
export OS_PASSWORD=
export OS_AUTH_URL=
export OS_REGION_NAME=
export OS_IDENTITY_API_VERSION=3
export OS_USER_DOMAIN_ID=
export OS_PROJECT_DOMAIN_ID=
export AUTH_TOKEN=
export OS_CERT=/etc/keystone/ssl/certs/ca.pem
export OS_CACERT=/etc/keystone/ssl/certs/ca.pem
export OS_KEY=/etc/keystone/ssl/private/ca.key

what am i missing ? ?any pointers?

edit retag flag offensive close merge delete

Comments

Give more information. What is ur OS_AUTH_URL? Is both barbican and keystone in the same node? It is trying to connect via ssl? Have you configured keystone to use SSL?

Haneef Ali gravatar imageHaneef Ali ( 2015-04-14 11:38:33 -0500 )edit