SSL error when deploying Quay with a RHOCS storage backend

Solution Verified - Updated -

Issue

  • Installation through the Red Hat Quay operator fails with `CERTIFICATE_VERIFY_FAILED when trying to access Red Hat Openshift Container Storage backend using a custom SSL certificate:

    2020-03-10 11:57:21,558 [49] [ERROR] [util.config.validator] Validation exception
    Traceback (most recent call last):
    File "/quay-registry/util/config/validator.py", line 79, in validate_service_for_config
      VALIDATORS[service](validator_context)
    File "/quay-registry/util/config/validators/validate_storage.py", line 42, in validate
      "Invalid storage configuration: %s: %s" % (name, msg)
    ConfigValidationException: Invalid storage configuration: rhocs: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727)
    gunicorn-config stdout | 2020-03-10 11:57:21,558 [49] [ERROR] [util.config.validator] Validation exception
    Traceback (most recent call last):
    File "/quay-registry/util/config/validator.py", line 79, in validate_service_for_config
      VALIDATORS[service](validator_context)
    File "/quay-registry/util/config/validators/validate_storage.py", line 42, in validate
      "Invalid storage configuration: %s: %s" % (name, msg)
    ConfigValidationException: Invalid storage configuration: rhocs: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727)
    

Environment

  • Red Hat Quay 3.2
  • Red Hat Quay Operator 1.0.2
  • Red Hat OpenShift Container Storage (RHOCS) 4.2
  • extraCaCert in use for RHOCS NooBaa storage connection

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content