DEVHIDE
Login Or Sign up

Cloudify 3.3 - Openstack:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

511 Views Asked by At

I'm trying to create a Cloudify Manager into OpenStack with Keystone using HTTPS connection.

When I execute the command:

cfy bootstrap --install-plugins -p /path/to/manager/blueprint/file -i /path/to/inputs/yaml/file

I receive the following error:

raise exceptions.SslCertificateValidationError(reason=e) SslCertificateValidationError: SSL certificate validation has failed: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed 2016-01-29 09:50:58 CFY [external_network_5bbde.creation] Task failed 'neutron_plugin.network.creation_validation' -> SSL certificate validation has failed: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed [attempt 1/6]

What should I do to solve the problem?

openstack cloudify cloudify-script-plugin
Original Q&A
2

There are 2 best solutions below

0
On

I solved inserting, into the dsl_definition of the OpenStack blueprint:

dsl_definitions: 
 openstack_configuration: &openstack_configuration
  username: { get_input: keystone_username }
  password: { get_input: keystone_password }
  tenant_name: { get_input: keystone_tenant_name }
  auth_url: { get_input: keystone_url }
  region: { get_input: region }
  nova_url: { get_input: nova_url }
  neutron_url: { get_input: neutron_url }

the following statement:

custom_configuration:
 nova_client:
  insecure: true
 keystone_client:
  insecure: true
 neutron_client:
  insecure: true
 cinder_client:
  insecure: true

so that the final result was:

dsl_definitions:
 openstack_configuration: &openstack_configuration
  username: { get_input: keystone_username }
  password: { get_input: keystone_password }
  tenant_name: { get_input: keystone_tenant_name }
  auth_url: { get_input: keystone_url }
  region: { get_input: region }
  nova_url: { get_input: nova_url }
  neutron_url: { get_input: neutron_url }
  custom_configuration:
   nova_client:
    insecure: true
   keystone_client:
    insecure: true
   neutron_client:
    insecure: true
   cinder_client:
    insecure: true
0
On

It seems that you have a problem with the keystone SSL certificate.

You should either import the certificate to your CLI machine.

Or you could try before bootstrap to run: 

export CLOUDIFY_SSL_TRUST_ALL=true;

Related Questions in OPENSTACK

Related Questions in CLOUDIFY

Related Questions in CLOUDIFY-SCRIPT-PLUGIN

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.