#20 Check pdc certificate
Closed: Fixed 2 years ago by kevin. Opened 7 years ago by till.

It seems that pagure does not verify PDC's certificate, not sure why:

$ PAGURE_CONFIG=/etc/pagure/pagure.cfg pagure-admin refresh-gitolite --project rpms/gnuradio
2017-08-11 21:36:49,426 [INFO] pagure.lib.git_auth: Looking for backend: distgit
Do you want to re-generate the gitolite.conf file for group: None and project: rpms/gnuradio?
Do you want to continue? [y/N]y
2017-08-11 21:44:22,871 [INFO] pagure.lib.git_auth: Refresh gitolite configuration
2017-08-11 21:44:22,871 [INFO] pagure.lib.git_auth: Write down the gitolite configuration file
2017-08-11 21:44:22,871 [INFO] pagure.lib.git_auth: Loading the file to include at the top of the generated one
2017-08-11 21:44:23,208 [INFO] pagure.lib.git_auth: Refreshing the configuration for one project
2017-08-11 21:44:23,218 [INFO] requests.packages.urllib3.connectionpool: Starting new HTTPS connection (1): pdc.fedoraproject.org
/usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html

Is it maybe because of develop=True here:

https://pagure.io/pagure-dist-git/blob/master/f/dist_git_auth.py#_55


Thanks @till. It's been fixed upstream for a while. Currently waiting on a release here: https://github.com/product-definition-center/pdc-client/issues/113

@ralph this was supposed to be hotfixed over a week ago after I complained about it. Why did this patch not get into upstream pagure-dist-git for the next release?

I am pretty sure this issue is moot now. We don't use gitolite anymore and pdc has long since been updated.

If I am mistaken, please re-open.

Metadata Update from @kevin:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

2 years ago

Log in to comment on this ticket.

Metadata