poliveira89 · April 7, 2016 09:52 · poliveira89 · Apr 7, 2016
diff --git a/libcloud_docker.py b/libcloud_docker.py
 import libcloud.security
 from libcloud.container.types import Provider
 from libcloud.container.providers import get_driver

 import ssl
 from time import sleep

 # this code is to declare private CA Root - created specifically for docker TLS connection
 libcloud.security.SSL_VERSION = ssl.PROTOCOL_TLSv1
 libcloud.security.CA_CERTS_PATH.append('/path/to/ca.pem')

 url    = 'https://my.wildcard.domain.example.com'
 port   = 2376
 key    = '/path/to/key.pem'
 cer    = '/path/to/cert.pem'
 # I even tried to bunde CA and CERT into one file and pass it to "cert_file" parameter
 # like this: cat cert.pem ca.pe > bundle.pem
 #cer    = '/path/to/bundle.pem' 
 driver = cls(host=url, port=port, secure=True, key_file=key, cert_file=cer)
 print('docker connected') # console checkpoint

 img_list = driver.list_images() # fails here
 print(len(img_list)) # console checkpoint
diff --git a/run.sh b/run.sh
 $ python libcloud_docker.py

 docker connected

 # ... 
 # stacktrace omitted may lead into error - several files were changed to debug
 # ultimaly it ended on httplib_ssl.py with a "new" exception
 # an "ELIF" for the following "IF"
 #   https://github.com/apache/libcloud/blob/trunk/libcloud/httplib_ssl.py#L326
 # ...

 socket.error: [Errno 1] Failed to establish SSL / TLS connection ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)). It is possible that the server doesn't support requested SSL / TLS version (TLS v1.0).
 For information on how to work around this issue, please see https://libcloud.readthedocs.org/en/latest/other/ssl-certificate-validation.html#changing-used-ssl-tls-version
	import libcloud.security
	from libcloud.container.types import Provider
	from libcloud.container.providers import get_driver

	import ssl
	from time import sleep

	# this code is to declare private CA Root - created specifically for docker TLS connection
	libcloud.security.SSL_VERSION = ssl.PROTOCOL_TLSv1
	libcloud.security.CA_CERTS_PATH.append('/path/to/ca.pem')

	url = 'https://my.wildcard.domain.example.com'
	port = 2376
	key = '/path/to/key.pem'
	cer = '/path/to/cert.pem'
	# I even tried to bunde CA and CERT into one file and pass it to "cert_file" parameter
	# like this: cat cert.pem ca.pe > bundle.pem
	#cer = '/path/to/bundle.pem'
	driver = cls(host=url, port=port, secure=True, key_file=key, cert_file=cer)
	print('docker connected') # console checkpoint

	img_list = driver.list_images() # fails here
	print(len(img_list)) # console checkpoint
	$ python libcloud_docker.py

	docker connected

	# ...
	# stacktrace omitted may lead into error - several files were changed to debug
	# ultimaly it ended on httplib_ssl.py with a "new" exception
	# an "ELIF" for the following "IF"
	# https://github.com/apache/libcloud/blob/trunk/libcloud/httplib_ssl.py#L326
	# ...

	socket.error: [Errno 1] Failed to establish SSL / TLS connection ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)). It is possible that the server doesn't support requested SSL / TLS version (TLS v1.0).
	For information on how to work around this issue, please see https://libcloud.readthedocs.org/en/latest/other/ssl-certificate-validation.html#changing-used-ssl-tls-version