on distros with openssl 3, the .srl files don't appear to be created.
don't fail if 'rm' can't find them
Fixes: https://tracker.ceph.com/issues/58513
Signed-off-by: Casey Bodley <cbodley@redhat.com>
Get rid of this annoying teuthology log message which appears
many many times:
.../urllib3/connection.py:395: SubjectAltNameWarning: Certificate
for <some_host> has no `subjectAltName`, falling back to check for a
`commonName` for now. This feature is being removed by major browsers and
deprecated by RFC 2818. (See https://github.com/urllib3/urllib3/issues/497
for details.)
I'm also adding the ip address, which also allows https://IPaddress/
This is part of the standard and works with most clients, but python
ignores this. C'est la vie.
Fixes: https://tracker.ceph.com/issues/48177
Signed-off-by: Marcus Watts <mwatts@redhat.com>
we cannot rely on the order in which items are arranged in a dict, the
order varies from version to another. in Python2, it happens to work,
and we can always have the self-signed cert added first. but in Python3,
it does not. and an exception is thrown
```
teuthology.exceptions.ConfigError: ssl: ca root not found for
certificate rgw.client.0
```
in this change, before creating certs, the settings are reordered so
that the self-signed ones are created first.
Signed-off-by: Kefu Chai <kchai@redhat.com>
teuthology looks for overrides by the class name, so overrides weren't
working after the task was renamed
Signed-off-by: Casey Bodley <cbodley@redhat.com>
The ssl task located in a python file called `ssl.py` will generate
python module loading conflicts with the `ssl` system module, when
running QA tests using vstart_runner.py.
Signed-off-by: Ricardo Dias <rdias@suse.com>
