Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-7850

parameter "-k" doesn't ignore TLS check for linked OAS

    XMLWordPrintable

Details

    • False
    • False
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started

    Description

      I've used command:

      podman run --interactive --rm --privileged=true --mount type=bind,src=/var/data,target=/var/data -e SSL_CERT_FILE=/var/data/ca-bundle.crt 5b1cffae4f2a 3scale -k activedocs create https://wxlA3EwsXgFQ8xkB@3scale-admin.apps.prathamm-fyre48-1.cp.fyre.ibm.com activedoc1-t4sw https://raw.githubusercontent.com/OAI/OpenAPI-Specification/master/examples/v2.0/json/petstore.json
{
  "code": "E_UNKNOWN",
  "message": "SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)",
  "class": "OpenSSL::SSL::SSLError",
  "stacktrace": [
    "/usr/share/ruby/net/protocol.rb:44:in `connect_nonblock'",
    "/usr/share/ruby/net/protocol.rb:44:in `ssl_socket_connect'",
    "/usr/share/ruby/net/http.rb:1009:in `connect'",
    "/usr/share/ruby/net/http.rb:943:in `do_start'",
    "/usr/share/ruby/net/http.rb:932:in `start'",
    "/usr/share/ruby/net/http.rb:606:in `start'",
    "/usr/share/ruby/net/http.rb:481:in `get_response'",
    "/usr/share/ruby/net/http.rb:458:in `get'",
    "/opt/toolbox/lib/3scale_toolbox/resource_reader.rb:42:in `read_url'",
    "/opt/toolbox/lib/3scale_toolbox/resource_reader.rb:26:in `call'",
    "/opt/toolbox/lib/3scale_toolbox/resource_reader.rb:26:in `read_content'",
    "/opt/toolbox/lib/3scale_toolbox/resource_reader.rb:9:in `load_resource'",
    "/opt/toolbox/lib/3scale_toolbox/commands/activedocs_command/create_command.rb:56:in `activedocs_json_spec'",
    "/opt/toolbox/lib/3scale_toolbox/commands/activedocs_command/create_command.rb:68:in `activedocs_attrs'",
    "/opt/toolbox/lib/3scale_toolbox/commands/activedocs_command/create_command.rb:40:in `run'",
    "/usr/share/gems/gems/cri-2.15.11/lib/cri/command_runner.rb:34:in `call'",
    "/usr/share/gems/gems/cri-2.15.11/lib/cri/command_dsl.rb:294:in `block in runner'",
    "/usr/share/gems/gems/cri-2.15.11/lib/cri/command.rb:362:in `run_this'",
    "/usr/share/gems/gems/cri-2.15.11/lib/cri/command.rb:298:in `run'",
    "/usr/share/gems/gems/cri-2.15.11/lib/cri/command.rb:316:in `run'",
    "/usr/share/gems/gems/cri-2.15.11/lib/cri/command.rb:316:in `run'",
    "/opt/toolbox/lib/3scale_toolbox/cli.rb:47:in `block in run'",
    "/opt/toolbox/lib/3scale_toolbox/cli/error_handler.rb:5:in `block in error_watchdog'",
    "/opt/toolbox/lib/3scale_toolbox/cli/error_handler.rb:11:in `error_watchdog'",
    "/opt/toolbox/lib/3scale_toolbox/cli/error_handler.rb:5:in `error_watchdog'",
    "/opt/toolbox/lib/3scale_toolbox/cli.rb:44:in `run'",
    "/opt/toolbox/exe/3scale:15:in `<top (required)>'",
    "/opt/toolbox/bin/3scale:29:in `load'",
    "/opt/toolbox/bin/3scale:29:in `<main>'"
  ]
}

      The issue here is that Github certificate was no possible to verify. After adding correct certificate bundle, it works. But parameter "-k" should allow ignoring this error and OAS should be imported even if it has not valid certificate.

      Attachments

        Activity

          People

            Unassigned Unassigned
            mkudlej@redhat.com Martin Kudlej
            Martin Kudlej Martin Kudlej
            Eguzki Astiz Lezaun Eguzki Astiz Lezaun
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: