Cloudify with Openstack:SSL3\u获取\u服务器\u证书:证书验证失败
我想在公司的Openstack中使用Cloudify 3.1 不幸的是,我知道keystone身份验证失败了。 当我看到日志时,它显示“SSL3\u获取\u服务器\u证书:证书验证失败” 我认为是HTTPS让它失败了。我看到下面的卷曲Cloudify with Openstack:SSL3\u获取\u服务器\u证书:证书验证失败,ssl,https,openstack,cloudify,Ssl,Https,Openstack,Cloudify,我想在公司的Openstack中使用Cloudify 3.1 不幸的是,我知道keystone身份验证失败了。 当我看到日志时,它显示“SSL3\u获取\u服务器\u证书:证书验证失败” 我认为是HTTPS让它失败了。我看到下面的卷曲 curl -i 'https://identity.example.com/v2.0/tokens' -X POST -H "Content-Type: application/json" -H "Accept: application/json" -H "Us
curl -i 'https://identity.example.com/v2.0/tokens' -X POST -H "Content-Type: application/json" -H "Accept: application/json" -H "User-Agent: python-novaclient" -d '{"auth": {"tenantName": "xxxx", "passwordCredentials": {"username": "xxxx", "password": "xxxxx"}}}'
HTTP/1.0 200 Connection Established
Proxy-agent: Apache
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
-k-unsecure或者,如果有人有使用openstack的经验,并且KEYSTONE在安装Cloudify时使用HTTPS?SSL证书可能因多种原因无效。我甚至看到人们在更新证书后忘记重新加载web服务器。但是,它告诉您总体问题是什么-您需要正确安装的有效SSL证书
在开发环境中使用
curl-kcurl--unsecureopenstack_config:
...
custom_configuration:
nova_client:
insecure: true
希望这能有所帮助。最近,我看到了cloudify的github。 他们正在解决我的问题,问题链接
工作正在进行。回答得不错。另外,选择一个定制的化身,你已经赢得了它