SSL error when deploying Quay with a RHOCS storage backend

Solution Verified - Updated -

Issue

  • Installation through the Red Hat Quay operator fails with `CERTIFICATE_VERIFY_FAILED when trying to access Red Hat Openshift Container Storage backend using a custom SSL certificate:

    2020-03-10 11:57:21,558 [49] [ERROR] [util.config.validator] Validation exception
    Traceback (most recent call last):
    File "/quay-registry/util/config/validator.py", line 79, in validate_service_for_config
      VALIDATORS[service](validator_context)
    File "/quay-registry/util/config/validators/validate_storage.py", line 42, in validate
      "Invalid storage configuration: %s: %s" % (name, msg)
    ConfigValidationException: Invalid storage configuration: rhocs: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727)
    gunicorn-config stdout | 2020-03-10 11:57:21,558 [49] [ERROR] [util.config.validator] Validation exception
    Traceback (most recent call last):
    File "/quay-registry/util/config/validator.py", line 79, in validate_service_for_config
      VALIDATORS[service](validator_context)
    File "/quay-registry/util/config/validators/validate_storage.py", line 42, in validate
      "Invalid storage configuration: %s: %s" % (name, msg)
    ConfigValidationException: Invalid storage configuration: rhocs: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727)
    

Environment

  • Red Hat Quay 3.2
  • Red Hat Quay Operator 1.0.2
  • Red Hat OpenShift Container Storage (RHOCS) 4.2
  • extraCaCert in use for RHOCS NooBaa storage connection

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In