Ok, this is a bug. requests lib is verifying SSL by default while cloudmonkey is probably ignoring SSL. There are two options
1) Fix marvin to accept SSL while detecting your default certs in /etc/ssl/certs? Or use an env variable 2) Ignore SSL auth from marvin. Can you please file a bug report? It should be a simple fix, so you can run with it or I'll get to it tomorrow. Ref: http://www.python-requests.org/en/latest/user/advanced/#ssl-cert-verification On Tue, Oct 08, 2013 at 04:14:46PM +0200, Daan Hoogland wrote: > H Prasanna, > > $ ./zoneCommand.py > Traceback (most recent call last): > File "./zoneCommand.py", line 91, in <module> > print "zones: " + repr(blub.listZones(conn)) > File "./zoneCommand.py", line 42, in listZones > resp = conn.marvin_request(lz) > File "/usr/lib/python2.7/site-packages/marvin/cloudstackConnection.py", > line 218, in marvin_request > cmdname, self.auth, payload=payload, method=method) > File "/usr/lib/python2.7/site-packages/marvin/cloudstackConnection.py", > line 153, in request > raise c > requests.exceptions.SSLError: [Errno 1] _ssl.c:508: error:14090086:SSL > routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed > > This is using the keys that are also used by cloudmonkey > > any hint? > Daan > > > On Tue, Oct 8, 2013 at 2:31 PM, Daan Hoogland <daan.hoogl...@gmail.com>wrote: > > > H Prasanne, > > > > I didn't get around this bit a few days. > > > > Cloudmonkey works throught the same connection. I will find some time the > > coming days to test this with debug enabled marvin. > > > > regards, > > Daan > > > > > > On Thu, Oct 3, 2013 at 6:22 AM, Prasanna Santhanam <t...@apache.org> wrote: > > > >> On Thu, Sep 26, 2013 at 04:21:38PM +0200, Daan Hoogland wrote: > >> > H, > >> > > >> > I have some trouble getting marvin to connect to cloudstack over https. > >> > I am supposing the following should work > >> > conn = cloudConnection(mgmtip, apiKey=apikey, > >> > securityKey=secretkey, logging=log, port=443, scheme="https") > >> > lz = listZones.listZonesCmd() > >> > conn.marvin_request(lz) > >> > > >> > is this a valid assumption? > >> > > >> > I can browse to the https://<mgmtip>/client/ and login to retrieve the > >> > keys used, but on running the code above i get > >> > > >> > requests.exceptions.ConnectionError: > >> > HTTPSConnectionPool(host='10.200.23.16', port=443): Max retries > >> > exceeded with url: > >> > > >> /client/api?apiKey=JGvIQPeIVsbgEhVC3shZ51r9buYwClB4ToJZX9Cxs9e3NZbRoJLNyANnWEKgsmgt1uoF_eLdL31GHMwcss6Zyw&command=listZones&signature=KL93r9GYIr6%2FRcbNHuaOj3jUF6o%3D&response=json > >> > (Caused by <class 'socket.error'>: [Errno 111] Connection refused) > >> > >> In the loglevel() method in CloudConnection.py, switch the logging to > >> logging.DEBUG. That will spew out more verbose logging as to what's > >> happening here. > >> > >> I've never tried it on an https enabled cloudstack so there might be a > >> bug. Does cloudmonkey work for you on this endpoint? If yes, then I > >> don't see why marvin shouldn't. Both use the same request mechanism. > >> > >> > > >> > I am not sure where to look. at marvin, httprequest or the setup of my > >> > env. Hints? > >> > > >> > thanks, > >> > Daan > >> > >> -- > >> Prasanna., > >> > >> ------------------------ > >> Powered by BigRock.com > >> > >> > > -- Prasanna., ------------------------ Powered by BigRock.com
