[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Pulp-list] Certificate Verification Failure Debugging

On 01/25/2012 12:03 PM, John Matthews wrote:
We added 2 config options which will log more information about certificate verification failures.

$ cat /etc/pulp/repo_auth.conf
enabled: false
log_failed_cert: true
log_failed_cert_verbose: false

If a certificate fails verification we will log summary info about each Certificate/CA/CRL, additionally you may enable 'log_failed_cert_verbose' and it will output the full decoded text of the Certificate to verify as well.


This is a really important addition. It's frustrating to get an unauthorized but have no idea why, so having some visibility into why someone was refused instead of having to manually piece through the certificate and CAs is going to go a long way. Nicely done.

Jay Dobies
Freenode: jdob @ #pulp
http://pulpproject.org | http://blog.pulpproject.org

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]