-
Bug
-
Resolution: Done
-
Normal
-
rhel-7.9.z
-
None
-
Moderate
-
rhel-sst-high-availability
-
ssg_filesystems_storage_and_HA
-
None
-
False
-
-
None
-
None
-
None
-
None
-
If docs needed, set a value
-
-
All
-
None
Description of problem:
The cacert.pem bundled in python-s3transfer's botocore libs is expired. Customer reported. Confirmed below.
[root@fastvm-rhel-7-6-21 requests]# pwd
/usr/lib/fence-agents/bundled/botocore/vendored/requests
[root@fastvm-rhel-7-6-21 requests]# openssl verify -CAfile cacert.pem cacert.pem
cacert.pem: C = US, O = GTE Corporation, OU = "GTE CyberTrust Solutions, Inc.", CN = GTE CyberTrust Global Root
error 10 at 0 depth lookup:certificate has expired
OK
This package gets pulled in by python-boto3 (for fence-agents-aws) on RHEL 7.
Version-Release number of selected component (if applicable):
python-s3transfer-0.1.13-1.el7
How reproducible:
Always
Steps to Reproduce:
1. cd /usr/lib/fence-agents/bundled/botocore/vendored/requests
2. openssl verify -CAfile cacert.pem cacert.pem
Actual results:
cacert.pem: C = US, O = GTE Corporation, OU = "GTE CyberTrust Solutions, Inc.", CN = GTE CyberTrust Global Root
error 10 at 0 depth lookup:certificate has expired
OK
Expected results:
Not expired