如果我运行:
curl -si localhost:8000/login -H "Accept: application/json" -d username='salt' -d password='salt' -d eauth='pam'
它给出了这个错误:
Process Manager starting! Enter PEM pass phrase: [WARNING ] SSL Error on 8 ('127.0.0.1', 50408): [Errno 1] _ssl.c:510: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [ERROR ] Uncaught exception Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/tornado/http1connection.py", line 693, in _server_request_loop ret = yield conn.read_response(request_delegate) File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 870, in run value = future.result() File "/usr/lib/python2.7/dist-packages/tornado/concurrent.py", line 215, in result raise_exc_info(self._exc_info) File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 876, in run yielded = self.gen.throw(*exc_info) File "/usr/lib/python2.7/dist-packages/tornado/http1connection.py", line 168, in _read_message quiet_exceptions=iostream.StreamClosedError) File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 870, in run value = future.result() File "/usr/lib/python2.7/dist-packages/tornado/concurrent.py", line 215, in result raise_exc_info(self._exc_info) File "", line 3, in raise_exc_info SSLError: [Errno 1] _ssl.c:510: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request
这里是:
tail /etc/salt/master # socket backlog backlog: 128 ssl_crt: /etc/pki/api/certs/cert.pem # no need to specify ssl_key if cert and key # are in one single file ssl_key: /etc/pki/api/certs/key.pem debug: False disable_ssl: False webhook_disable_auth: False cors_origin: null
然后我将自签名证书复制到上面显示的位置并将其添加到根 CA:
sudo cp cert.pem /usr/share/ca-certificates/ sudo dpkg-reconfigure ca-certificates
最佳答案
看来您不能将虚拟环境与 salt-api 一起使用。我删除了 Anaconda 并升级到 Python 3,现在它可以工作了,但它给出了警告,但没有给出错误:
curl -si localhost:8000/login > -H "Accept: application/json" >
-d username='salt' > -d password='salt' > -d eauth='pam'
不抛出错误,只抛出警告:
[DEBUG ] Process Manager starting! [WARNING ] SSL Error on 11 ('127.0.0.1', 46632): [SSL: HTTP_REQUEST] http request (_ssl.c:600)
关于使用 Tornado 的 SaltStack 上 8 上的 SSL 错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/52095272/