[kolla-ansible][Xena] SSL certificate expired
wodel youchi
wodel.youchi at gmail.com
Tue Oct 11 11:08:10 UTC 2022
Anyone???
Le lun. 10 oct. 2022 à 12:21, wodel youchi <wodel.youchi at gmail.com> a
écrit :
> Hi,
>
> I tried to deploy a new certificate using :kolla-ansible reconfigure
> But I got :
>
> "module_stderr": "*Failed to discover available identity versions when
> contacting https://dashint.cloud.exemple.com:35357
> <https://dashint.cloud.exemple.com:35357>*. Attemptin
> g to parse version from URL.\nTraceback (most recent call last):\n File
> \"/opt/ansible/lib/python3.6/site-packages/urllib3/connectio
> npool.py\", line 706, in urlopen\n chunked=chunked,\n File
> \"/opt/ansible/lib/python3.6/site-packages/urllib3/connectionpool.py\"
> , line 382, in _make_request\n self._validate_conn(conn)\n File
> \"/opt/ansible/lib/python3.6/site-packages/urllib3/connectionpool
> .py\", line 1010, in _validate_conn\n conn.connect()\n File
> \"/opt/ansible/lib/python3.6/site-packages/urllib3/connection.py\", l
> ine 421, in connect\n tls_in_tls=tls_in_tls,\n File
> \"/opt/ansible/lib/python3.6/site-packages/urllib3/util/ssl_.py\", line 450,
> in ssl_wrap_socket\n sock, context, tls_in_tls,
> server_hostname=server_hostname\n File
> \"/opt/ansible/lib/python3.6/site-packages
> /urllib3/util/ssl_.py\", line 493, in _ssl_wrap_socket_impl\n return
> ssl_context.wrap_socket(sock, server_hostname=server_hostname
> )\n File \"/usr/lib64/python3.6/ssl.py\", line 365, in wrap_socket\n
> _context=self, _session=session)\n File \"/usr/lib64/python
> 3.6/ssl.py\", line 776, in __init__\n self.do_handshake()\n File
> \"/usr/lib64/python3.6/ssl.py\", line 1036, in do_handshake\n
> self._sslobj.do_handshake()\n File \"/usr/lib64/python3.6/ssl.py\", line
> 648, in do_handshake\n self._sslobj.do_handshake()\nssl
> .*SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed*
>
> Some help please
>
>
>
> Regards.
>
> Le dim. 9 oct. 2022 à 16:19, wodel youchi <wodel.youchi at gmail.com> a
> écrit :
>
>> Hi,
>>
>> My SSL certificate has expired, and now I cannot authenticate into
>> horizon and I have these errors :
>> *WARNING keystoneauth.identity.generic.base [-] Failed to discover
>> available identity versions when contacting
>> https://dashint.cloud.exemple.com:35357
>> <https://dashint.cloud.exemple.com:35357>. Attempting to parse version from
>> URL.: keystoneauth1.exceptions.connection.SSLError: SSL exception
>> connecting to https:// dashint.cloud.exemple.com
>> <http://dashint.cloud.exemple.com> :35357: HTTPSConnectionPool(host='
>> dashint.cloud.exemple.com <http://dashint.cloud.exemple.com>', port=35357):
>> Max retries exceeded with url: / (Caused by SSLError(SSLError(1, '[SSL:
>> CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)'),))*
>>
>> In my globals.yml I have this parameter :
>> kolla_verify_tls_backend: "no"
>>
>> 1 - How do I disable SSL verification for now?
>> 2 - How to install a new SSL certificate?
>>
>>
>>
>> Regards.
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.openstack.org/pipermail/openstack-discuss/attachments/20221011/b8920290/attachment.htm>
More information about the openstack-discuss
mailing list