SSL Certificate Validation¶
When establishing a secure connection to a cloud provider endpoint,
Libcloud verifies server SSL certificate. By default, Libcloud searches
paths listed in libcloud.security.CA_CERTS_PATH
for CA certificate files.
CA_CERTS_PATH
contains common paths to CA bundle installations on the
following platforms:
- openssl on CentOS / Fedora
- ca-certificates on Debian / Ubuntu / Arch / Gentoo
- ca_root_nss on FreeBSD
- curl-ca-bundle on Mac OS X
If no valid CA certificate files are found, you will see an error message similar to the one bellow:
No CA Certificates were found in CA_CERTS_PATH.
Acquiring CA Certificates¶
If the above packages are unavailable to you, and you don’t wish to roll your own, the makers of cURL provides an excellent resource, generated from Mozilla: http://curl.haxx.se/docs/caextract.html.