[openstack-dev] [Clients] Does the keystoneclient have an --insecure option like nova does?
Jay Pipes
jaypipes at gmail.com
Tue Nov 27 14:59:10 UTC 2012
jp833r at c2r1:~$ keystone endpoint-list
No handlers could be found for logger "keystoneclient.client"
Authorization Failed: Unable to communicate with identity service:
[Errno 1] _ssl.c:504: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed. (HTTP 400)
jp833r at c2r1:~$ keystone --insecure endpoint-list
usage: keystone [--os_username <auth-user-name>]
<snip>
<subcommand> ...
keystone: error: unrecognized arguments: --insecure
Whereas nova has the --insecure option, but doesn't have such a nice
error message indicating that certificate verify failed :)
jp833r at c2r1:~$ nova list
ERROR: n/a (HTTP 400)
jp833r at c2r1:~$ nova --insecure list
+----+------+--------+----------+
| ID | Name | Status | Networks |
+----+------+--------+----------+
+----+------+--------+----------+
Thoughts? I think it would be great to get:
1) Some consistency between the two tools regarding how they indicate
that cert verification failed
2) An --insecure option consistent in all clients for use in
test/non-prod environments that have self-signed certs
3) The ability for all CLI tools to support a --version option (or
version command)
Do people agree?
Best,
-jay
More information about the OpenStack-dev
mailing list