[Openstack-security] [Bug 1662556] Re: Coprhd disabling certificate verification

Xing Yang 1662556 at bugs.launchpad.net
Wed Feb 15 22:07:44 UTC 2017 

*** This bug is a duplicate of bug 1653626 ***
    https://bugs.launchpad.net/bugs/1653626

Marked this bug as a duplicate of
https://bugs.launchpad.net/cinder/+bug/1653626 which already have a
patch submitted for it.

** This bug has been marked a duplicate of bug 1653626
   IBM User tries to communicate with CoprHD securely, but fails to do so

-- 
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1662556

Title:
  Coprhd disabling certificate verification

Status in Cinder:
  New

Bug description:
  Coprhd is making reqeust calls with verify=False which disables SSL certificate checks in the following files:
  cinder/volume/drivers/coprhd/helpers/authentication.py
  cinder/volume/drivers/coprhd/helpers/commoncoprhdapi.py

  As suggested in this patch set
  (https://review.openstack.org/#/c/426385/), this bug is being opened
  in order to either fix the checks or add comments in the driver
  explaining why this is safe.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/1662556/+subscriptions

More information about the Openstack-security mailing list