Add configuration to use a different CA cert bundle or disable verification #101
Conversation
appended expalanation verify parm Signed-off-by: AlekseyIvanov199 <[email protected]>
Signed-off-by: AlekseyIvanov199 <[email protected]>
Signed-off-by: AlekseyIvanov199 <[email protected]>
Signed-off-by: AlekseyIvanov199 <[email protected]>
|
Applyed this commit you can get ability set off SSL verify for botocore (SSL will still be used (unless use_ssl is False)), or you can specify ca.pem file in config if you want to use a different CA cert bundle than the one used by botocore |
AlekseyIvanov199
changed the title
clokep
changed the title
| if "verify" in config: | ||
| self.api_kwargs["verify"]=config["verify"] |
There was a problem hiding this comment.
For reference, this is the set of allowed properties passed to the client.
There was a problem hiding this comment.
| if "verify" in config: | |
| self.api_kwargs["verify"]=config["verify"] | |
| if "verify" in config: | |
| self.api_kwargs["verify"] = config["verify"] |
| @@ -179,6 +182,9 @@ def parse_config(config): | |||
| if "secret_access_key" in config: | |||
| result["secret_access_key"] = config["secret_access_key"] | |||
|
|
|||
| if "verify" in config: | |||
| result["verify"]=config["verify"] | |||
There was a problem hiding this comment.
| result["verify"]=config["verify"] | |
| result["verify"] = config["verify"] |
| verify: <boolean/string> | ||
| #Whether or not to verify SSL certificates. By default SSL certificates are verified. You can provide the following values: | ||
| #False - do not validate SSL certificates. SSL will still be used (unless use_ssl is False), but SSL certificates will not be verified. | ||
| #path/to/cert/bundle.pem - A filename of the CA cert bundle to uses. You can specify this argument if you want to use a different CA cert bundle than the one used by botocore. |
There was a problem hiding this comment.
Please move this below secret_access_key.
I do wonder if this should just point back to the AWS docs or something?
|
Waiting for this, just seeing the following message in the logs |
|
@clokep your proposed changes seem rather straightforward, if @AlekseyIvanov199 can not find the time to integrate those, maybe you could directly patch them? It would be great to have this code included! Thank you guys! |
|
bump - please integrate this. I tested it on my site, and it works as expected! |
|
bump - please consider integrating this. @AlekseyIvanov199 do you mind integrating @clokep s changes? |
|
@vlaborie sorry to cold call you into this, but it seems that @clokep is dormant and you are actively commiting - would you mind integrating this or give a statement of non-acceptance? The problem is, that I always have to manually patch this after updates happend, and it would be much more convenient to have it integrated! |
@col-panic i have only sent one PR, i have no maintainer nor review privileges on this repository. |
No description provided.