def runTest(self): sslUtil = SSLUtil() sslUtil.timeout = 10 # Reset the test certificate = sslUtil.getServerCertificate('https://gecos.solutia-it.es:8443/') sslUtil.removeCertificateFromTrustedCAs(certificate) certificate = sslUtil.getServerCertificate('https://ws003.juntadeandalucia.es/') sslUtil.removeCertificateFromTrustedCAs(certificate) # Start the test SSLUtil.disableSSLCertificatesVerification() self.assertFalse(SSLUtil.isSSLCertificatesVerificationEnabled()) self.assertFalse(SSLUtil.isSSLCertificatesVerificationEnabled())
logging.debug("chef_admin_name retrieved from GECOS auto conf") # Check Chef HTTPS certificate if chef_url.startswith('https://'): # Check server certificate sslUtil = SSLUtil() if not sslUtil.isServerCertificateTrusted(chef_url): if ( sslUtil.getUntrustedCertificateErrorCode(chef_url) == \ SSL_R_CERTIFICATE_VERIFY_FAILED ): # Error code SSL_R_CERTIFICATE_VERIFY_FAILED # means that the certificate is not trusted sslUtil.getUntrustedCertificateErrorCode(chef_url) certificate = sslUtil.getServerCertificate(chef_url) info = sslUtil.getCertificateInfo(certificate) # TODO: Disable certificate validation without asking SSLUtil.disableSSLCertificatesVerification() else: # Any other error code must be shown errormsg = sslUtil.getUntrustedCertificateCause(chef_url) logging.debug("Error connecting to HTTPS server: %s", errormsg) if not debug_mode: gecosCC.unregister_chef_node( gecosAccessData, workstationData.get_node_name()) clean_connection_files_on_error() sys.exit()