@poliveira89
Created April 7, 2016 09:52
Libcloud client for Docker with TLS
```python
import libcloud.security
from libcloud.container.types import Provider
from libcloud.container.providers import get_driver
import ssl
from time import sleep

# this code is to declare private CA Root - created specifically for docker TLS connection
libcloud.security.SSL_VERSION = ssl.PROTOCOL_TLSv1
libcloud.security.CA_CERTS_PATH.append('/path/to/ca.pem')

url = 'https://my.wildcard.domain.example.com'
port = 2376
key = '/path/to/key.pem'   # client private key
cer = '/path/to/cert.pem'  # client certificate

# I even tried to bundle CA and CERT into one file and pass it to "cert_file" parameter
# like this: cat cert.pem ca.pem > bundle.pem
#cer = '/path/to/bundle.pem'

# assumed definition of cls: the Docker container driver class
cls = get_driver(Provider.DOCKER)
driver = cls(host=url, port=port, secure=True, key_file=key, cert_file=cer)
print('docker connected') # console checkpoint
img_list = driver.list_images() # fails here
print(len(img_list)) # console checkpoint
```
```
$ python libcloud_docker.py
docker connected
# ...
# stacktrace omitted may lead into error - several files were changed to debug
# ultimately it ended on httplib_ssl.py with a "new" exception
# an "ELIF" for the following "IF"
# https://github.com/apache/libcloud/blob/trunk/libcloud/httplib_ssl.py#L326
# ...
socket.error: [Errno 1] Failed to establish SSL / TLS connection ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)). It is possible that the server doesn't support requested SSL / TLS version (TLS v1.0).
For information on how to work around this issue, please see https://libcloud.readthedocs.org/en/latest/other/ssl-certificate-validation.html#changing-used-ssl-tls-version
```
@poliveira89
Author

Could be related to OSX? Because cURL on Linux works like a charm (receives successful response from docker API), but failed to repeat the prowess on OSX.
